10,705 research outputs found
Online advertising: analysis of privacy threats and protection approaches
Online advertising, the pillar of the âfreeâ content on the Web, has revolutionized the marketing business in recent years by creating a myriad of new opportunities for advertisers to reach potential customers. The current advertising model builds upon an intricate infrastructure composed of a variety of intermediary entities and technologies whose main aim is to deliver personalized ads. For this purpose, a wealth of user data is collected, aggregated, processed and traded behind the scenes at an unprecedented rate. Despite the enormous value of online advertising, however, the intrusiveness and ubiquity of these practices prompt serious privacy concerns. This article surveys the online advertising infrastructure and its supporting technologies, and presents a thorough overview of the underlying privacy risks and the solutions that may mitigate them. We first analyze the threats and potential privacy attackers in this scenario of online advertising. In particular, we examine the main components of the advertising infrastructure in terms of tracking capabilities, data collection, aggregation level and privacy risk, and overview the tracking and data-sharing technologies employed by these components. Then, we conduct a comprehensive survey of the most relevant privacy mechanisms, and classify and compare them on the basis of their privacy guarantees and impact on the Web.Peer ReviewedPostprint (author's final draft
Recommended from our members
Tackling food marketing to children in a digital world: trans-disciplinary perspectives. Childrenâs rights, evidence of impact, methodological challenges, regulatory options and policy implications for the WHO European Region
There is unequivocal evidence that childhood obesity is influenced by marketing of foods and non-alcoholic beverages high in saturated fat, salt and/or free sugars (HFSS), and a core recommendation of the WHO Commission on Ending Childhood Obesity is to reduce childrenâs exposure to all such marketing. As a result, WHO has called on Member States to introduce restrictions on marketing of HFSS foods to children, covering all media, including digital, and to close any regulatory loopholes. This publication provides up-to-date information on the marketing of foods and non-alcoholic beverages to children and the changes that have occurred in recent years, focusing in particular on the major shift to digital marketing. It examines trends in media use among children, marketing methods in the new digital media landscape and childrenâs engagement with such marketing. It also considers the impact on children and their ability to counter marketing as well as the implications for childrenâs rights and digital privacy. Finally the report discusses the policy implications and some of the recent policy action by WHO European Member States
South American Expert Roundtable : increasing adaptive governance capacity for coping with unintended side effects of digital transformation
This paper presents the main messages of a South American expert roundtable (ERT) on the unintended side effects (unseens) of digital transformation. The input of the ERT comprised 39 propositions from 20 experts representing 11 different perspectives. The two-day ERT discussed the main drivers and challenges as well as vulnerabilities or unseens and provided suggestions for: (i) the mechanisms underlying major unseens; (ii) understanding possible ways in which rebound effects of digital transformation may become the subject of overarching research in three main categories of impact: development factors, society, and individuals; and (iii) a set of potential action domains for transdisciplinary follow-up processes, including a case study in Brazil. A content analysis of the propositions and related mechanisms provided insights in the genesis of unseens by identifying 15 interrelated causal mechanisms related to critical issues/concerns. Additionally, a cluster analysis (CLA) was applied to structure the challenges and critical developments in South America. The discussion elaborated the genesis, dynamics, and impacts of (groups of) unseens such as the digital divide (that affects most countries that are not included in the development of digital business, management, production, etc. tools) or the challenge of restructuring small- and medium-sized enterprises (whose service is digitally substituted by digital devices). We identify specific issues and effects (for most South American countries) such as lack of governmental structure, challenging geographical structures (e.g., inclusion in high-performance transmission power), or the digital readiness of (wide parts) of society. One scientific contribution of the paper is related to the presented methodology that provides insights into the phenomena, the causal chains underlying âwanted/positiveâ and âunwanted/negativeâ effects, and the processes and mechanisms of societal changes caused by digitalization
Contributions to the privacy provisioning for federated identity management platforms
Identity information, personal data and userâs profiles are key assets for organizations
and companies by becoming the use of identity management (IdM) infrastructures a prerequisite
for most companies, since IdM systems allow them to perform their business
transactions by sharing information and customizing services for several purposes in more
efficient and effective ways.
Due to the importance of the identity management paradigm, a lot of work has been done
so far resulting in a set of standards and specifications. According to them, under the
umbrella of the IdM paradigm a personâs digital identity can be shared, linked and reused
across different domains by allowing users simple session management, etc. In this way,
usersâ information is widely collected and distributed to offer new added value services
and to enhance availability. Whereas these new services have a positive impact on usersâ
life, they also bring privacy problems.
To manage usersâ personal data, while protecting their privacy, IdM systems are the ideal
target where to deploy privacy solutions, since they handle usersâ attribute exchange.
Nevertheless, current IdM models and specifications do not sufficiently address comprehensive
privacy mechanisms or guidelines, which enable users to better control over the
use, divulging and revocation of their online identities. These are essential aspects, specially
in sensitive environments where incorrect and unsecured management of userâs data
may lead to attacks, privacy breaches, identity misuse or frauds.
Nowadays there are several approaches to IdM that have benefits and shortcomings, from
the privacy perspective.
In this thesis, the main goal is contributing to the privacy provisioning for federated
identity management platforms. And for this purpose, we propose a generic architecture
that extends current federation IdM systems. We have mainly focused our contributions
on health care environments, given their particularly sensitive nature. The two main
pillars of the proposed architecture, are the introduction of a selective privacy-enhanced
user profile management model and flexibility in revocation consent by incorporating an
event-based hybrid IdM approach, which enables to replace time constraints and explicit
revocation by activating and deactivating authorization rights according to events. The
combination of both models enables to deal with both online and offline scenarios, as well
as to empower the user role, by letting her to bring together identity information from
different sources.
Regarding userâs consent revocation, we propose an implicit revocation consent mechanism
based on events, that empowers a new concept, the sleepyhead credentials, which
is issued only once and would be used any time. Moreover, we integrate this concept
in IdM systems supporting a delegation protocol and we contribute with the definition
of mathematical model to determine event arrivals to the IdM system and how they are
managed to the corresponding entities, as well as its integration with the most widely
deployed specification, i.e., Security Assertion Markup Language (SAML).
In regard to user profile management, we define a privacy-awareness user profile management
model to provide efficient selective information disclosure. With this contribution a
service provider would be able to accesses the specific personal information without being
able to inspect any other details and keeping user control of her data by controlling
who can access. The structure that we consider for the user profile storage is based on
extensions of Merkle trees allowing for hash combining that would minimize the need of
individual verification of elements along a path. An algorithm for sorting the tree as we
envision frequently accessed attributes to be closer to the root (minimizing the accessâ
time) is also provided.
Formal validation of the above mentioned ideas has been carried out through simulations
and the development of prototypes. Besides, dissemination activities were performed in
projects, journals and conferences.Programa Oficial de Doctorado en IngenierĂa TelemĂĄticaPresidente: MarĂa Celeste Campo VĂĄzquez.- Secretario: MarĂa Francisca Hinarejos Campos.- Vocal: Ăscar Esparza MartĂ
Personalised privacy in pervasive and ubiquitous systems
Our world is edging closer to the realisation of pervasive systems and their integration in our everyday life. While pervasive systems are capable of offering many benefits for everyone, the amount and quality of personal information that becomes available raise concerns about maintaining user privacy and create a real need to reform existing privacy practices and provide appropriate safeguards for the user of pervasive environments.
This thesis presents the PERSOnalised Negotiation, Identity Selection and Management (PersoNISM) system; a comprehensive approach to privacy protection in pervasive environments using context aware dynamic personalisation and behaviour learning. The aim of the PersoNISM system is twofold: to provide the user with a comprehensive set of privacy protecting tools and to help them make the best use of these tools according to their privacy needs. The PersoNISM system allows users to: a) configure the terms and conditions of data disclosure through the process of privacy policy negotiation, which addresses the current âtake it or leave itâ approach; b) use multiple identities to interact with pervasive services to avoid the accumulation of vast amounts of personal information in a single user profile; and c) selectively disclose information based on the type of information, who requests it, under what context, for what purpose and how the information will be treated. The PersoNISM system learns user privacy preferences by monitoring the behaviour of the user and uses them to personalise and/or automate the decision making processes in order to unburden the user from manually controlling these complex mechanisms.
The PersoNISM system has been designed, implemented, demonstrated and evaluated during three EU funded projects
Slave to the Algorithm? Why a \u27Right to an Explanation\u27 Is Probably Not the Remedy You Are Looking For
Algorithms, particularly machine learning (ML) algorithms, are increasingly important to individualsâ lives, but have caused a range of concerns revolving mainly around unfairness, discrimination and opacity. Transparency in the form of a âright to an explanationâ has emerged as a compellingly attractive remedy since it intuitively promises to open the algorithmic âblack boxâ to promote challenge, redress, and hopefully heightened accountability. Amidst the general furore over algorithmic bias we describe, any remedy in a storm has looked attractive. However, we argue that a right to an explanation in the EU General Data Protection Regulation (GDPR) is unlikely to present a complete remedy to algorithmic harms, particularly in some of the core âalgorithmic war storiesâ that have shaped recent attitudes in this domain. Firstly, the law is restrictive, unclear, or even paradoxical concerning when any explanation-related right can be triggered. Secondly, even navigating this, the legal conception of explanations as âmeaningful information about the logic of processingâ may not be provided by the kind of ML âexplanationsâ computer scientists have developed, partially in response. ML explanations are restricted both by the type of explanation sought, the dimensionality of the domain and the type of user seeking an explanation. However, âsubject-centric explanations (SCEs) focussing on particular regions of a model around a query show promise for interactive exploration, as do explanation systems based on learning a model from outside rather than taking it apart (pedagogical versus decompositional explanations) in dodging developers\u27 worries of intellectual property or trade secrets disclosure. Based on our analysis, we fear that the search for a âright to an explanationâ in the GDPR may be at best distracting, and at worst nurture a new kind of âtransparency fallacy.â But all is not lost. We argue that other parts of the GDPR related (i) to the right to erasure ( right to be forgotten ) and the right to data portability; and (ii) to privacy by design, Data Protection Impact Assessments and certification and privacy seals, may have the seeds we can use to make algorithms more responsible, explicable, and human-centered
Ami-deu : un cadre sémantique pour des applications adaptables dans des environnements intelligents
Cette thĂšse vise Ă Ă©tendre lâutilisation de l'Internet des objets (IdO) en facilitant le dĂ©veloppement dâapplications par des personnes non experts en dĂ©veloppement logiciel. La thĂšse propose une nouvelle approche pour augmenter la sĂ©mantique des applications dâIdO et lâimplication des experts du domaine dans le dĂ©veloppement dâapplications sensibles au contexte. Notre approche permet de gĂ©rer le contexte changeant de lâenvironnement et de gĂ©nĂ©rer des applications qui sâexĂ©cutent dans plusieurs environnements intelligents pour fournir des actions requises dans divers contextes. Notre approche est mise en Ćuvre dans un cadriciel (AmI-DEU) qui inclut les composants pour le dĂ©veloppement dâapplications IdO. AmI-DEU intĂšgre les services dâenvironnement, favorise lâinteraction de lâutilisateur et fournit les moyens de reprĂ©senter le domaine dâapplication, le profil de lâutilisateur et les intentions de lâutilisateur. Le cadriciel permet la dĂ©finition dâapplications IoT avec une intention dâactivitĂ© autodĂ©crite qui contient les connaissances requises pour rĂ©aliser lâactivitĂ©. Ensuite, le cadriciel gĂ©nĂšre Intention as a Context (IaaC), qui comprend une intention dâactivitĂ© autodĂ©crite avec des connaissances colligĂ©es Ă Ă©valuer pour une meilleure adaptation dans des environnements intelligents.
La sĂ©mantique de lâAmI-DEU est basĂ©e sur celle du ContextAA (Context-Aware Agents) â une plateforme pour fournir une connaissance du contexte dans plusieurs environnements. Le cadriciel effectue une compilation des connaissances par des rĂšgles et l'appariement sĂ©mantique pour produire des applications IdO autonomes capables de sâexĂ©cuter en ContextAA. AmI- DEU inclut Ă©galement un outil de dĂ©veloppement visuel pour le dĂ©veloppement et le dĂ©ploiement rapide d'applications sur ContextAA. L'interface graphique dâAmI-DEU adopte la mĂ©taphore du flux avec des aides visuelles pour simplifier le dĂ©veloppement d'applications en permettant des dĂ©finitions de rĂšgles Ă©tape par Ă©tape. Dans le cadre de lâexpĂ©rimentation, AmI-DEU comprend un banc dâessai pour le dĂ©veloppement dâapplications IdO. Les rĂ©sultats expĂ©rimentaux montrent une optimisation sĂ©mantique potentielle des ressources pour les applications IoT dynamiques dans les maisons intelligentes et les villes intelligentes.
Notre approche favorise l'adoption de la technologie pour amĂ©liorer le bienĂȘtre et la qualitĂ© de vie des personnes. Cette thĂšse se termine par des orientations de recherche que le cadriciel AmI-DEU dĂ©voile pour rĂ©aliser des environnements intelligents omniprĂ©sents fournissant des adaptations appropriĂ©es pour soutenir les intentions des personnes.Abstract: This thesis aims at expanding the use of the Internet of Things (IoT) by facilitating the development of applications by people who are not experts in software development. The thesis proposes a new approach to augment IoT applicationsâ semantics and domain expert involvement in context-aware application development. Our approach enables us to manage the changing environment context and generate applications that run in multiple smart environments to provide required actions in diverse settings. Our approach is implemented in a framework (AmI-DEU) that includes the components for IoT application development. AmI- DEU integrates environment services, promotes end-user interaction, and provides the means to represent the application domain, end-user profile, and end-user intentions. The framework enables the definition of IoT applications with a self-described activity intention that contains the required knowledge to achieve the activity. Then, the framework generates Intention as a Context (IaaC), which includes a self-described activity intention with compiled knowledge to be assessed for augmented adaptations in smart environments. AmI-DEU framework semantics adopts ContextAA (Context-Aware Agents) â a platform to provide context-awareness in multiple environments. The framework performs a knowledge compilation by rules and semantic matching to produce autonomic IoT applications to run in ContextAA. AmI-DEU also includes a visual tool for quick application development and deployment to ContextAA. The AmI-DEU GUI adopts the flow metaphor with visual aids to simplify developing applications by allowing step-by-step rule definitions. As part of the experimentation, AmI-DEU includes a testbed for IoT application development. Experimental results show a potential semantic optimization for dynamic IoT applications in smart homes and smart cities. Our approach promotes technology adoption to improve peopleâs well-being and quality of life. This thesis concludes with research directions that the AmI-DEU framework uncovers to achieve pervasive smart environments providing suitable adaptations to support peopleâs intentions
Nurturing a Digital Learning Environment for Adults 55+
Being digitally competent means having competences in all areas of DigComp: Information and data literacy, Communication and collaboration, Digital content creation, Safety and Problem-solving. More than other demographic categories, adults 55+ have a wide range of levels of digitalization. Depending on their level of competences, individuals may join self-administered online courses to improve their skills, or they may need guidance from adult educators.
Taking into consideration the above situation and willing to address adult learners regardless of their initial skill levels, the proposed educational programme is carefully designed for both: self-administrated and educator-led training. It comprises five totally innovative courses that can be separately taught or can be integrated into a complex programme delivered by adult education organizations. These courses are the result of an ERASMUS+ project âDigital Facilitator for Adults 55+â.
Chapter 1 introduces the methodology for designing attractive and engaging educational materials for adultsâ digital skills improvement. The methodology clarifies the inputs, the development process and the expected results. An ample explanation of the five phases of the 5E instructional strategy is presented to help adult educators build a sequence of coherent and engaging learning stages. With this approach, learners are supported to think, work, gather ideas, identify their own skill levels and needs, analyse their progress, and communicate with others under the guidance of educators.
Following up on the proposed methodology, in Chapter 2 researchers from Formative Footprint (Spain), TEAM4Excellence (Romania), Voluntariat Pentru Viata (Romania) and Saricam Halk Egitimi Merkezi (Turkey) developed five course modules in line with the DIGCOMP - Digital Competence Framework for Citizens. These modules address the competence areas of information and data literacy, communication and collaboration, digital content creation, safety, and problem-solving. Each course module comprises digital textbooks, videos, interactive activities and means for evaluation developed using the 5E instructional model strategy.
Understanding that accessibility is one of the main components of lifelong learning education, Chapter 3 of the manual provides an overview of the integration of educational materials, tools, instruments, video tutorials as well as DIFA55+ web app in the digital educational ecosystem.
Finally, the authors formulate recommendations for usability and transferability that go beyond individuals, ensuring that educational materials are user-friendly and effective while making it easier to apply successful pedagogical approaches in other complementary educational contexts or projects.Grant Agreementâ2021-1-RO01-KA220-ADU-000035297, Digital Facilitator for Adults 55
- âŠ