Security and Online learning: to protect or prohibit

The rapid development of online learning is opening up many new learning opportunities. Yet, with this increased potential come a myriad of risks. Usable security systems are essential as poor usability in security can result in excluding intended users while allowing sensitive data to be released to unacceptable recipients. This chapter presents findings concerned with usability for two security issues: authentication mechanisms and privacy. Usability issues such as memorability, feedback, guidance, context of use and concepts of information ownership are reviewed within various environments. This chapter also reviews the roots of these usability difficulties in the culture clash between the non-user-oriented perspective of security and the information exchange culture of the education domain. Finally an account is provided of how future systems can be developed which maintain security and yet are still usable

APIs and Your Privacy

Application programming interfaces, or APIs, have been the topic of much recent discussion. Newsworthy events, including those involving Facebook’s API and Cambridge Analytica obtaining information about millions of Facebook users, have highlighted the technical capabilities of APIs for prominent websites and mobile applications. At the same time, media coverage of ways that APIs have been misused has sparked concern for potential privacy invasions and other issues of public policy. This paper seeks to educate consumers on how APIs work and how they are used within popular websites and mobile apps to gather, share, and utilize data. APIs are used in mobile games, search engines, social media platforms, news and shopping websites, video and music streaming services, dating apps, and mobile payment systems. If a third-party company, like an app developer or advertiser, would like to gain access to your information through a website you visit or a mobile app or online service you use, what data might they obtain about you through APIs and how? This report analyzes 11 prominent online services to observe general trends and provide you an overview of the role APIs play in collecting and distributing information about consumers. For example, how might your data be gathered and shared when using your Facebook account login to sign up for Venmo or to access the Tinder dating app? How might advertisers use Pandora’s API when you are streaming music? After explaining what APIs are and how they work, this report categorizes and characterizes different kinds of APIs that companies offer to web and app developers. Services may offer content-focused APIs, feature APIs, unofficial APIs, and analytics APIs that developers of other apps and websites may access and use in different ways. Likewise, advertisers can use APIs to target a desired subset of a service’s users and possibly extract user data. This report explains how websites and apps can create user profiles based on your online behavior and generate revenue from advertiser-access to their APIs. The report concludes with observations on how various companies and platforms connecting through APIs may be able to learn information about you and aggregate it with your personal data from other sources when you are browsing the internet or using different apps on your smartphone or tablet. While the paper does not make policy recommendations, it demonstrates the importance of approaching consumer privacy from a broad perspective that includes first parties and third parties, and that considers the integral role of APIs in today’s online ecosystem

Lime: Data Lineage in the Malicious Environment

Intentional or unintentional leakage of confidential data is undoubtedly one of the most severe security threats that organizations face in the digital era. The threat now extends to our personal lives: a plethora of personal information is available to social networks and smartphone providers and is indirectly transferred to untrustworthy third party and fourth party applications. In this work, we present a generic data lineage framework LIME for data flow across multiple entities that take two characteristic, principal roles (i.e., owner and consumer). We define the exact security guarantees required by such a data lineage mechanism toward identification of a guilty entity, and identify the simplifying non repudiation and honesty assumptions. We then develop and analyze a novel accountable data transfer protocol between two entities within a malicious environment by building upon oblivious transfer, robust watermarking, and signature primitives. Finally, we perform an experimental evaluation to demonstrate the practicality of our protocol

CHORUS Deliverable 2.2: Second report - identification of multi-disciplinary key issues for gap analysis toward EU multimedia search engines roadmap

After addressing the state-of-the-art during the first year of Chorus and establishing the existing landscape in multimedia search engines, we have identified and analyzed gaps within European research effort during our second year. In this period we focused on three directions, notably technological issues, user-centred issues and use-cases and socio- economic and legal aspects. These were assessed by two central studies: firstly, a concerted vision of functional breakdown of generic multimedia search engine, and secondly, a representative use-cases descriptions with the related discussion on requirement for technological challenges. Both studies have been carried out in cooperation and consultation with the community at large through EC concertation meetings (multimedia search engines cluster), several meetings with our Think-Tank, presentations in international conferences, and surveys addressed to EU projects coordinators as well as National initiatives coordinators. Based on the obtained feedback we identified two types of gaps, namely core technological gaps that involve research challenges, and “enablers”, which are not necessarily technical research challenges, but have impact on innovation progress. New socio-economic trends are presented as well as emerging legal challenges

Keystones to foster inclusive knowledge societies: access to information and knowledge, freedom of expression, privacy, and ethics on a global internet

The transnational and multi-dimensional nature of Cyberspace and its growing importance presents new frontiers with unparalleled opportunities and challenges for access to information and knowledge, freedom of expression, privacy and ethics. The Internet Study being undertaken by UNESCO is seeking to provide the necessary clarity to support holistic approaches to addressing this broad range of interrelated issues as well as their short and long-term effects. The study was built on a year-long multistakeholder consultation process, which involved several rounds of consultation with member states and other actors, as well as almost 200 major responses to an online questionnaire. The Study includes the Options for future actions of UNESCO in the Internet related issues, which has served as a basis for the Outcome Document as adopted by the CONNECTing the Dots Conference on 3 and 4 March 2015. The Study also affirmed that the same rights that people have offline must be protected online, and good practices are shared between Member States and other stakeholders, in order to address security and privacy concerns on the Internet and in accordance with international human rights obligations. The Study also supports the Internet Universality principles (R.O.A.M) that promote a human rights-based approach, including freedom of expression, privacy, open Internet, accessible to all and characterized by multistakeholder participation

The Industry and Policy Context for Digital Games for Empowerment and Inclusion:Market Analysis, Future Prospects and Key Challenges in Videogames, Serious Games and Gamification

The effective use of digital games for empowerment and social inclusion (DGEI) of people and communities at risk of exclusion will be shaped by, and may influence the development of a range of sectors that supply products, services, technology and research. The principal industries that would appear to be implicated are the 'videogames' industry, and an emerging 'serious games' industry. The videogames industry is an ecosystem of developers, publishers and other service providers drawn from the interactive media, software and broader ICT industry that services the mainstream leisure market in games, The 'serious games' industry is a rather fragmented and growing network of firms, users, research and policy makers from a variety of sectors. This emerging industry is are trying to develop knowledge, products, services and a market for the use of digital games, and products inspired by digital games, for a range of non-leisure applications. This report provides a summary of the state of play of these industries, their trajectories and the challenges they face. It also analyses the contribution they could make to exploiting digital games for empowerment and social inclusion. Finally, it explores existing policy towards activities in these industries and markets, and draws conclusions as to the future policy relevance of engaging with them to support innovation and uptake of effective digital game-based approaches to empowerment and social inclusion.JRC.J.3-Information Societ