Developers' Privacy Education: A game framework to stimulate secure coding behaviour

Software privacy provides the ability to limit data access to unauthorized parties. Privacy is achieved through different means, such as implementing GDPR into software applications. However, previous research revealed that the lack of poor coding behaviour leads to privacy breaches such as personal data breaching. Therefore, this research proposes a novel game framework as a training intervention enabling developers to implement privacy-preserving software systems. The proposed framework was empirically investigated through a survey study (with some exit questions), which revealed the elements that should be addressed in the game design framework. The developed game framework enhances developers' secure coding behaviour to improve the privacy of the software they develop.Comment: 1

A Blockchain-Based Framework for Distributed Agile Software Testing Life Cycle

A blockchain-based framework for distributed agile software testing life cycle is an innovative approach that uses blockchain technology to optimize the software testing process. Previously, various methods were employed to address communication and collaboration challenges in software testing, but they were deficient in aspects such as trust, traceability, and security. Additionally, a significant cause of project failure was the non-completion of unit testing by developers, leading to delayed testing. This paper integration of blockchain technology in software testing resolves critical concerns related to transparency, trust, coordination, and communication. We have proposed a blockchain based framework named as TestingPlus. TestingPlus framework utilizes blockchain technology to provide a secure and transparent platform for acceptance testing and payment verification. By leveraging smart contracts on a private Ethereum blockchain, TestingPlus can help to ensure that both the testing team and the development team are working towards a common goal and are compensated fairly for their contributions.Comment: 4 figures, 12 page

Privacy Harm and Non-Compliance from a Legal Perspective

In today\u27s data-sharing paradigm, personal data has become a valuable resource that intensifies the risk of unauthorized access and data breach. Increased data mining techniques used to analyze big data have posed significant risks to data security and privacy. Consequently, data breaches are a significant threat to individual privacy. Privacy is a multifaceted concept covering many areas, including the right to access, erasure, and rectify personal data. This paper explores the legal aspects of privacy harm and how they transform into legal action. Privacy harm is the negative impact to an individual as a result of the unauthorized release, gathering, distillation, or expropriation of personal information. Privacy Enhancing Technologies (PETs) emerged as a solution to address data privacy issues and minimize the risk of privacy harm. It is essential to implement privacy enhancement mechanisms to protect Personally Identifiable Information (PII) from unlawful use or access. FIPPs (Fair Information Practice Principles), based on the 1973 Code of Fair Information Practice (CFIP), and the Organization for Economic Cooperation and Development (OECD), are a collection of widely accepted, influential US codes that agencies use when evaluating information systems, processes, programs, and activities affecting individual privacy. Regulatory compliance places a responsibility on organizations to follow best practices to ensure the protection of individual data privacy rights. This paper will focus on FIPPs, relevance to US state privacy laws, their influence on OECD, and reference to the EU General Data Processing Regulation. (GDPR). Keywords —Privacy harm, Privacy Enhancing Technologies(PETs),Fair Information Practice Principles (FIPPs

Mobile User\u27s Privacy Decision Making: Integrating Economic Exchange and Social Justice Perspectives

Recent advances in wireless computing and communication have led to the proliferation of location-based services (LBS). While LBS offer users the flexibility of accessing network services on the move, potential privacy violations have emerged as a contentious issue because details of user identities, movements and behaviors are available to LBS providers. Drawing on the economic exchange and social justice theories, this research addresses privacy issues by examining key mechanisms that can alleviate users’ privacy concerns. A theoretical framework is developed to link three privacy assurance mechanisms (technology control, industry self-regulation, and government legislation) to the individual privacy decision making process. In addition, as the individual privacy decision making is usually dynamic and context-specific, the research model will be tested in three different contexts with three different types of LBS applications (safety, advertising, and social networking applications). This research contributes to a better understanding of the dynamic and dialectic nature of information privacy through a combination of theoretical and empirical research efforts. The interplay between social and technological issues associated with the privacy assurance will be the interests for application developers, service providers and policy makers

Your Privacy Is Your Friend's Privacy: Examining Interdependent Information Disclosure on Online Social Networks

The highly interactive nature of interpersonal communication on online social networks (OSNs) impels us to think about privacy as a communal matter, with users' private information being revealed by not only their own voluntary disclosures, but also the activities of their social ties. The current privacy literature has identified two types of information disclosures in OSNs: self-disclosure, i.e., the disclosure of an OSN user's private information by him/herself; and co-disclosure, i.e., the disclosure of the user's private information by other users. Although co-disclosure has been increasingly identified as a new source of privacy threat inherent to the OSN context, few systematic attempts have been made to provide a framework for understanding the commonalities and distinctions between self- vs. co-disclosure, especially pertaining to different types of private information. To address this gap, this paper presents a data-driven study that builds upon an innovative measurement for quantifying the extent to which others' co-disclosure could lead to actual privacy harm. The results demonstrate the significant harm caused by co-disclosure and illustrate the differences between the identity elements revealed through self- and co-disclosure

Your Privacy Is Your Friend\u27s Privacy: Examining Interdependent Information Disclosure on Online Social Networks

The highly interactive nature of interpersonal communication on online social networks (OSNs) impels us to think about privacy as a communal matter, with users\u27 private information being revealed by not only their own voluntary disclosures, but also the activities of their social ties. The current privacy literature has identified two types of information disclosures in OSNs: self-disclosure, i.e., the disclosure of an OSN user\u27s private information by him/herself; and co-disclosure, i.e., the disclosure of the user\u27s private information by other users. Although co-disclosure has been increasingly identified as a new source of privacy threat inherent to the OSN context, few systematic attempts have been made to provide a framework for understanding the commonalities and distinctions between self- vs. co-disclosure, especially pertaining to different types of private information. To address this gap, this paper presents a data-driven study that builds upon an innovative measurement for quantifying the extent to which others\u27 co-disclosure could lead to actual privacy harm. The results demonstrate the significant harm caused by co-disclosure and illustrate the differences between the identity elements revealed through self- and co-disclosure

Socio-Technical Analysis of Indonesian Government E-Procurement System Implementation

Abstract: E-governance has become increasingly important to deliver better public services, and increase public trust. One of Indonesia’s e-government reform initiatives was to improve public spending efficiency through public e-procurement system. It is argued that an effective national e-procurement system will potentially generate great savings in the government expenditure, assist in delivering better public services and increase trust. Despite the reform, Indonesia’s public e-procurement has not been very successful due to socio-economic problems. With a specific focus on e-procurement and the issues of transparency and accountability in Indonesia, this research aims to investigate the role and barriers of information technology in enhancing information transparency and accountability to the public. Actor-network theory and the notion of delegation approach are employed in this research. Six semi-structured interviews were conducted with the developers and management of Indonesia Government e-Procurement System, which includes the e-Procurement Directory staff in the Institution of Government Procurement Policy (IGPP), and the users of an e-procurement system. This research concludes that information technology was delegated to automate the procurement process to increase transparency, accountability and prevent fraud. However, barriers of e-literacy, lack of leadership, a reluctance of implementation, and lack of infrastructure created obstacles to attain the goals. This infers that social and technical aspects are interrelated and empower each other to support the technology in enhancing information transparency and accountability. This research suggests that there should be an increased collaborative approach between the developers and users in the application development and implementation to improve e-procurement system implementation to achieve transparency and accountability.Abstrak: E-governance telah menjadi semakin penting untuk memberikan layanan publik yang lebih baik, dan meningkatkan kepercayaan publik. Salah satu inisiatif reformasi e-government Indonesia adalah untuk meningkatkan efisiensi belanja publik melalui sistem e-procurement publik. Dikatakan bahwa sistem e-procurement nasional yang efektif akan berpotensi  menghasilkan  penghematan  besar  dalam  pengeluaran  pemerintah, membantu dalam memberikan layanan publik yang lebih baik dan meningkatkan kepercayaan. Meskipun reformasi, e-procurement publik Indonesia belum berhasil karena masalah sosial-ekonomi. Dengan fokus khusus pada e-procurement dan isu transparansi dan akuntabilitas di Indonesia, penelitian ini bertujuan untuk menyelidiki peran dan hambatan teknologi informasi dalam meningkatkan transparansi informasi dan akuntabilitas kepada publik. Teori jaringan aktor dan gagasan pendekatan delegasi digunakan dalam penelitian ini. Enam wawancara semi-terstruktur dilakukan dengan pengembang dan manajemen Sistem e-Procurement Pemerintah Indonesia, yang mencakup staf Direktori e-Procurement di Lembaga Kebijakan Pengadaan Pemerintah (LKPP), dan pengguna sistem e-procurement. Penelitian ini menyimpulkan bahwa teknologi informasi didelegasikan untuk mengotomatiskan proses pengadaan untuk meningkatkan transparansi, akuntabilitas dan mencegah penipuan. Namun, hambatan e-literacy, kurangnya kepemimpinan, keengganan implementasi, dan kurangnya infrastruktur menciptakan hambatan untuk mencapai tujuan. Ini menyimpulkan bahwa aspek sosial dan teknis saling terkait dan memberdayakan satu sama lain untuk mendukung teknologi dalam meningkatkan transparansi informasi dan akuntabilitas. Penelitian ini menunjukkan bahwa harus ada peningkatan pendekatan kolaboratif antara pengembang dan pengguna dalam pengembangan aplikasi dan implementasi untuk meningkatkan implementasi sistem e-procurement untuk mencapai transparansi dan akuntabilitas

POLICY PROCESSES SUPPORT THROUGH INTEROPERABILITY WITH SOCIAL MEDIA

Governments of many countries attempt to increase public participation by exploiting the capabilities and high penetration of the Internet. In this direction they make considerable investments for constructing and operating e-participation websites; however, the use of them has been in general limited and below expectations. For this reason governments, in order to widen e-participation, should investigate the exploitation of the numerous users-driven Web 2.0 social media as well, which seem to be quite successful in attracting huge numbers of users. This paper describes a methodology for the exploitation of the Web 2.0 social media by government organizations in the processes of public policies formulation, through a central platform-toolset providing interoperability with many different social media, and enabling posting and retrieving content from them in a systematic centrally managed and machinesupported automated manner (through their application programming interfaces (APIs)). The proposed methodology includes the use of ‘Policy Gadgets’ (Padgets), which are defined as micro web applications presenting policy messages in various popular Web 2.0 social media (e.g. social networks, blogs, forums, news sites, etc) and collecting users’ interactions with them (e.g. views, comments, ratings, votes, etc.). Interaction data can be used as input in policy simulation models estimating the impact of various policy options. Encouraging have been the conclusions from the analysis of the APIs of 10 highly popular social media, which provide extensive capabilities for publishing content on them (e.g. data, images, video, links, etc.) and also for retrieving relevant user activity and content (e.g. views, comments, ratings, votes, etc.), though their continuous evolution might pose significant difficulties and challenges