2,441 research outputs found

    Understanding digital intelligence and the norms that might govern it

    Abstract: This paper describes the nature of digital intelligence and provides context for the material published as a result of the actions of National Security Agency contractor Edward Snowden. It looks at the dynamic interaction between demands from government and law enforcement for digital intelligence, and at the new possibilities that digital technology has opened up for meeting such demands. The adequacy of previous regimes of legal powers and governance arrangements is seriously challenged just at a time when the objective need for intelligence on the serious threats facing civil society is apparent. This paper suggests areas where it might be possible to derive international norms, regarded as promoting standards of accepted behaviour that might gain widespread, if not universal, international acceptance, for the safe practice of digital intelligence

    Prioritizing Privacy in the Courts and Beyond

    Big data has affected American life and business in a variety of ways—inspiring both technological development and industrial change. The legal protections for a person’s right to his or her own personal information, however, have not matched the growth in the collection and aggregation of data. These legal shortcomings are exacerbated when third party privacy interests are at stake in litigation. Judicial orders to compel sensitive data are expressly permitted even under the few privacy statutes that may limit data transfers. Historically, the Federal Rules of Civil Procedure favor generous disclosure of information. But as litigation becomes more technical and data collection and transfer costs are decreasing, this Article argues that the judiciary must take an invigorated role in discovery—in particular when third-party privacy interests are at stake. First, this Article explores the existing legal support for informational privacy rights in constitutions, statutes, and tort. As explained, the legal protections that exist are slim. This Article employs a novel theoretical model to illustrate that the current law is particularly ill-suited to protect third-party privacy rights in discovery because the law does not penalize parties for acquiescence to overreaching discovery requests. Therefore, with the current legal backdrop, to protect informational privacy rights, the judge’s role as the discovery gatekeeper is imperative. To emphasize the need for a privacy-sensitive judiciary, the Article examines an ongoing litigation, Morgan Hill Concerned Parents Ass’n v. California Dep’t of Education, where the otherwise FERPA-protected school records of an estimated ten million students were ordered to be disclosed—including addresses, social security numbers, birthdates, disciplinary records, and test scores. This Article proposes a three-step framework to protect the privacy interest of litigants and affected third parties.
The time is ripe for renewed judicial focus on privacy interests in the courts, and a recent amendment to the Federal Rules was made precisely to encourage litigants and the courts to limit the size and scope of civil discovery. In addition to discovery reforms, this Article proposes changes to the law to incentivize collectors of data to either decrease collection of sensitive data or increase investment in privacy protections

    A Privacy-Preserving, Context-Aware, Insider Threat prevention and prediction model (PPCAITPP)

    The insider threat problem is extremely challenging to address, as it is committed by insiders who are trusted and authorized to access the information resources of the organization. The problem is further complicated by the multifaceted nature of insiders, as human beings have various motivations and fluctuating behaviours. Additionally, typical monitoring systems may violate the privacy of insiders. Consequently, there is a need to consider a comprehensive approach to mitigate insider threats. This research presents a novel insider threat prevention and prediction model, combining several approaches, techniques and tools from the fields of computer science and criminology. The model is a Privacy-Preserving, Context-Aware, Insider Threat Prevention and Prediction model (PPCAITPP). The model is predicated on the Fraud Diamond (a theory from Criminology) which assumes there must be four elements present in order for a criminal to commit maleficence. The basic elements are pressure (i.e. motive), opportunity, ability (i.e. capability) and rationalization. According to the Fraud Diamond, malicious employees need to have a motive, opportunity and the capability to commit fraud. Additionally, criminals tend to rationalize their malicious actions in order for them to ease their cognitive dissonance towards maleficence. In order to mitigate the insider threat comprehensively, there is a need to consider all the elements of the Fraud Diamond because insider threat crime is also related to elements of the Fraud Diamond similar to crimes committed within the physical landscape. The model intends to act within context, which implies that when the model offers predictions about threats, it also reacts to prevent the threat from becoming a future threat instantaneously. To collect information about insiders for the purposes of prediction, there is a need to collect current information, as the motives and behaviours of humans are transient.
Context-aware systems are used in the model to collect current information about insiders related to motive and ability as well as to determine whether insiders exploit any opportunity to commit a crime (i.e. entrapment). Furthermore, they are used to neutralize any rationalizations the insider may have via neutralization mitigation, thus preventing the insider from committing a future crime. However, the model collects private information and involves entrapment that will be deemed unethical. A model that does not preserve the privacy of insiders may cause them to feel they are not trusted, which in turn may affect their productivity in the workplace negatively. Hence, this thesis argues that an insider prediction model must be privacy-preserving in order to prevent further cybercrime. The model is not intended to be punitive but rather a strategy to prevent current insiders from being tempted to commit a crime in future. The model involves four major components: context awareness, opportunity facilitation, neutralization mitigation and privacy preservation. The model implements a context analyser to collect information related to an insider who may be motivated to commit a crime and his or her ability to implement an attack plan. The context analyser only collects meta-data such as search behaviour, file access, logins, use of keystrokes and linguistic features, excluding the content to preserve the privacy of insiders. The model also employs keystroke and linguistic features based on typing patterns to collect information about any change in an insider’s emotional and stress levels. This is indirectly related to the motivation to commit a cybercrime. Research demonstrates that most of the insiders who have committed a crime have experienced a negative emotion/pressure resulting from dissatisfaction with employment measures such as terminations, transfers without their consent or denial of a wage increase. 
However, there may also be personal problems such as a divorce. The typing pattern analyser and other resource usage behaviours aid in identifying an insider who may be motivated to commit a cybercrime based on his or her stress levels and emotions as well as the change in resource usage behaviour. The model does not identify the motive itself, but rather identifies those individuals who may be motivated to commit a crime by reviewing their computer-based actions. The model also assesses the capability of insiders to commit a planned attack based on their usage of computer applications and measuring their sophistication in terms of the range of knowledge, depth of knowledge and skill as well as assessing the number of systems errors and warnings generated while using the applications. The model will facilitate an opportunity to commit a crime by using honeypots to determine whether a motivated and capable insider will exploit any opportunity in the organization involving a criminal act. Based on the insider’s reaction to the opportunity presented via a honeypot, the model will deploy an implementation strategy based on neutralization mitigation. Neutralization mitigation is the process of nullifying the rationalizations that the insider may have had for committing the crime. All information about insiders will be anonymized to remove any identifiers for the purpose of preserving the privacy of insiders. The model also intends to identify any new behaviour that may result during the course of implementation. This research contributes to existing scientific knowledge in the insider threat domain and can be used as a point of departure for future researchers in the area. Organizations could use the model as a framework to design and develop a comprehensive security solution for insider threat problems. The model concept can also be integrated into existing information security systems that address the insider threat problem.
    Information Science. D. Phil. (Information Systems)

    Understanding Cyberprivacy : Context, Concept, and Issues

    Cyberprivacy has become one of the most worrisome issues in the age of digitalization, as data breaches have increased at an alarming rate, and the development of technology has changed privacy norms themselves. Thus, maintaining cyberprivacy is important for both academia and practitioners. However, the literature on cyberprivacy is fragmented, since the topic is multidisciplinary and often confused with cybersecurity and data privacy. In this study, we seek to understand cyberprivacy by conducting a comprehensive literature review and analyzing 79 selected articles on the topic between 2008 and 2021. Our analysis shows that there are eight contexts associated with cyberprivacy. We proposed concepts on cyberprivacy from different views and highlighted four issues related to cyberprivacy for future consideration. Taken together, the knowledge on cyberprivacy, its challenges and its practices does not seem to accumulate. Consequently, there is a need for more targeted research on the topic to cover different contexts. ©2022 The Association for Information Systems (AIS), Friedrich-Alexander-Universität, International Conference on Wirtschaftsinformatik. Peer reviewed.

    Ethics_ How to Develop Your Firm's Cybersecurity Policy

    Meeting proceedings of a seminar by the same name, held August 30, 2022

    How WEIRD is Usable Privacy and Security Research? (Extended Version)

    In human factor fields such as human-computer interaction (HCI) and psychology, researchers have been concerned that participants mostly come from WEIRD (Western, Educated, Industrialized, Rich, and Democratic) countries. This WEIRD skew may hinder understanding of diverse populations and their cultural differences. The usable privacy and security (UPS) field has inherited many research methodologies from research on human factor fields. We conducted a literature review to understand the extent to which participant samples in UPS papers were from WEIRD countries and the characteristics of the methodologies and research topics in each user study recruiting Western or non-Western participants. We found that the skew toward WEIRD countries in UPS is greater than that in HCI. Geographic and linguistic barriers in the study methods and recruitment methods may cause researchers to conduct user studies locally. In addition, many papers did not report participant demographics, which could hinder the replication of the reported studies, leading to low reproducibility. To improve geographic diversity, we provide suggestions including facilitating replication studies, addressing geographic and linguistic issues of study/recruitment methods, and facilitating research on the topics for non-WEIRD populations. Comment: This paper is the extended version of the paper presented at USENIX SECURITY 202

    Development of a Social Engineering eXposure Index (SEXI) using Open-Source Personal Information

    Millions of people willingly expose their lives via Internet technologies every day, and even the very few ones who refrain from the use of the Internet find themselves exposed through data breaches. Billions of private information records are exposed through the Internet. Marketers gather personal preferences to influence shopping behavior. Providers gather personal information to deliver enhanced services, and underground hacker networks contain repositories of immense data sets. Few users of Internet technologies have considered where their information is going or who has access to it. Even fewer are aware of how decisions made in their own lives expose significant pieces of information, which can be used by cyber hackers to harm the very organizations with whom they are affiliated. While this threat can affect any person holding any position at an organization, upper management poses a significantly higher risk due to their level of access to critical data and finances targeted by cybercrime. The goal of this research was to develop and validate a Social Engineering eXposure Index (SEXI)™ using Open-Source Personal Information (OSPI) to assist in identifying and classifying social engineering vulnerabilities. This study combined an expert panel using the Delphi method, developmental research, and quantitative data collection. The expert panel categorized and assessed information privacy components into three identifiability groups, subsequently used to develop an algorithm that formed the basis for a SEXI. Validation of the algorithm used open-source personal information found on the Internet for 50 executives of Fortune 500 organizations and 50 Hollywood celebrities. The exposure of each executive and persona was quantified and the collected data were evaluated, analyzed, and presented in an anonymous aggregated form. Phase 1 of this study developed and evaluated the SEXI benchmarking instrument via an expert panel using the Delphi expert methodology.
During the first round, 3,531 data points were collected with 1,530 having to do with the demographics, qualifications, experience, and working environments of the panel members as well as 2,001 attributing levels of exposure to personal information. The second Delphi round presented the panel members with the feedback of the first round, tasking them with categorizing personal information, resulting in 1,816 data points. Phase 2 of this study used the composition, weights, and categories of personal information from Phase 1 in the development of a preliminary SEXI benchmarking instrument comprised of 105 personal information items. Simulated data was used to validate the instrument prior to the data collection. Before initiating Phase 3, the preliminary SEXI benchmarking instrument was fully tested to verify the accuracy of recorded data. Phase 3 began with discovering, evaluating, and validating repositories of publicly available data sources of personal information. Approximately two dozen sources were used to collect 11,800 data points with the SEXI benchmarking index. Upon completion of Phase 3, data analysis of the Fortune 500 executives and Hollywood personas was used to validate the SEXI benchmarking index. Data analysis was conducted in Phase 3 by one-way Analysis of Variance (ANOVA). The results of the ANOVA data analysis from Phase 3 revealed that age, gender, marital status, and military/police experience were not significant in showing SEXI differences. Additionally, income, estimated worth, industry, organization position, and philanthropic contributions are significant, showing differences in SEXI. The most significant differences in SEXI in this research study were found with writers and chief information officers. A t-test was performed to compare the Fortune 500 executives and the Hollywood personas.
The results of the t-test data analysis showed a significant difference between the two groups in that Hollywood Personas had a higher SEXI than the Fortune 500 Executives, suggesting increased exposure due to OSPI. The results of this research study established, categorized, and validated a quantifiable measurement of personal information. Moreover, the results of this research study validated that the SEXI benchmarking index could be used to assess an individual’s exposure to social engineering due to publicly available personal information. As organizations and public figures rely on Internet technologies, understanding the level of personal information exposure is critical in protecting against social engineering attacks. Furthermore, assessing personal information exposure could provide an organization insight into exposed personal information, facilitating further mitigation of threats or potential social engineering attack vectors. Discussions and implications for future research are provided.