Mobile Privacy and Business-to-Platform Dependencies: An Analysis of SEC Disclosures

This Article systematically examines the dependence of mobile apps on mobile platforms for the collection and use of personal information through an analysis of Securities and Exchange Commission (SEC) filings of mobile app companies. The Article uses these disclosures to find systematic evidence of how app business models are shaped by the governance of user data by mobile platforms, in order to reflect on the role of platforms in privacy regulation more generally. The analysis of SEC filings documented in the Article produces new and unique insights into the data practices and data-related aspects of the business models of popular mobile apps and shows the value of SEC filings for privacy law and policy research more generally. The discussion of SEC filings and privacy builds on regulatory developments in SEC disclosures and cybersecurity of the last decade. The Article also connects to recent regulatory developments in the U.S. and Europe, including the General Data Protection Regulation, the proposals for a new ePrivacy Regulation and a Regulation of fairness in business-to-platform relations

To Tell or Not to Tell: Predictors of Disclosure and Privacy Settings Usage in an Online Social Networking Site (Facebook)

Use of social networking sites has grown exponentially over the last decade. Facebook, a popular social networking site, currently boasts membership of over 500 million users (www.facebook.com). In the present research, four studies were conducted to examine factors that impact on self-disclosure and privacy settings use. The primary goal for Studies 1 A, B and C involved developing methods for organizing and understanding the information that individuals disclose through social networking sites. Specifically, in Study 1 A, a scoring tool was developed in order to comprehensively assess the content of the personal profiles. In Study 1 B, grouping categories (default/standard information, sensitive personal information, and potentially stigmatizing information) were developed to examine information pertinent to identity threat, personal and group threat. Finally, in Study 1 C, an alternative grouping strategy was developed to include all information present in Facebook, organized as a function of the content that was presented. Overall, these studies indicated that approximately 25% of all possible information that could potentially be disclosed by users was disclosed. Presenting personal information such as gender and age was related to disclosure of other sensitive and highly personal information as well as greater disclosure. As age increased, the amount of personal information in profiles decreased. Those seeking a relationship were at greater risk of threat, and disclosed the greatest amount of highly sensitive and potentially stigmatizing information. Study 2 examined whether giving participants stories to read that did or did not alert participants to potential dangers of disclosure and the media context (electronic or hard copy formats) impacted on disclosure and privacy settings use. In addition, the predictive power of gender and the virtual other (the audience in mind) was also examined. Females disclosed less sensitive information than males after reading a personal privacy invasion story. Disclosure was less when the target for whom the information was being posted was the same gender as the participant, and more when the target was the opposite gender of the participant. Disclosure of specific content areas also differed by gender of the discloser. Only 20.3% of participants employed privacy settings. When a virtual audience consisting of referents other than friends or the self was in mind, use of privacy settings increased. Lastly, participants who filled out Facebook profiles on paper-and-pencil disclosed more as compared to their online Facebook counterparts. Overall, these findings shed light on some of the factors that may be related to over-disclosure, and help to identify those users who are at particular risk when online. In addition, these studies examined a relatively novel but highly important area, privacy settings and the factors that relate to use. The notion of the virtual other is one that demands further examination and may prove useful in understanding how and why people choose to share highly personal information online, and most importantly, employ privacy settings

Consumer intent to disclose personal information in ecommerce: a comparison of Estonia and the United States

2014 Fall.An online survey conducted among participants in the US (n=248) and Estonia (n=225) examined willingness to disclose and perceived risks pertaining to disclosing personally identifying information (PII, also referred to as personal data in Europe) in ecommerce, as well as attitude toward disclosure in general, and anxiety disclosing personal data. Additionally, the study investigated how willingness to disclose and perceived risk of disclosing personal data were affected by demographic variables, trust in the Internet and trust in institutions, the Big Five personality dimensions found in the psychology literature (neuroticism, openness, agreeableness, conscientiousness, and extraversion), and four sets of perceived shopping benefits (opportunity benefits, bargain benefits, purchase benefits, and expected privacy benefits). Despite Estonia's advanced adoption and progressive policies and practices toward the Internet, Americans were more willing to disclose, exhibited more positive attitudes, demonstrated less anxiety, and were less concerned about perceived risks. For Estonians, ecommerce experience, perceived purchase benefits, and trust in the Internet and institutions were significant predictors of willingness to disclose personal data. Americans who perceived purchase benefits were found to be the most likely to disclose PII, while Americans with lower levels of education were also more willing to disclose. The study utilized a 17-item list of potential disclosure items (name, email address, etc.) and showed these can be categorized reliably into six sub-indices: contact information, payment information, life history information, financial/medical information, work-related information, and online account information. Further, a reliable efficient, 20-item scale was developed that can be deployed in future studies investigating the Big Five personality traits. Online disclosure consciousness (ODC) was introduced as a framework to conceptualize and empirically measure the gap between one's willingness to disclose and perceived risk pertaining to the overall 17-item index used in the study, the sub-indices, and particular items. Using 7-point Likert-type measures, the results showed significant gaps among participants both within and across nations. A 5-scenario online disclosure consciousness model is presented to explain the tradeoffs involved in making a disclosure decision, with absolute willingness to disclose and absolute perceived risk on the two extremes and theoretical midpoint where the two competing motivations cancel themselves out. Changes in a person's position along the continuum are posited to be influenced by marketers' initiatives, personal experiences, and external factors. Implications for theory, consumers, marketing practice, and public policy are discussed. The findings suggest that willingness to disclose and risk aversion can and should be analyzed empirically together. Thus, the ODC model provides an alternative conceptualization to the ideas of the privacy paradox, privacy calculus, and privacy cost-benefit ratios found in the literature. The study suggests consumers have a responsibility to educate themselves about online disclosure practices and how to protect their privacy. The findings also suggest marketers and policy makers should recognize that data disclosed online are not all equally sensitive to consumers. However, fostering trust, reducing risks, and promoting benefits are essential to the future of ecommerce

DEFACING THE ‘BOOK: EXAMINING INFORMATION REVELATION, INTERNET PRIVACY CONCERNS AND PRIVACY PROTECTION IN FACEBOOK

The focus of much research on social network sites (SNSs) has been on the amount and types of information revealed, the relatively open nature of the information, and the apparent lack of controls employed by users. The aim of the present study was to expand the research in this area by identifying the factors that influence information revelation and privacy protection on Facebook, as well as to examine the strategies developed by students to protect themselves against privacy threats. A mixed-methods data collection approach was employed that included a questionnaire, semi-structured interviews and profile analyses. Findings show that students manage their Internet privacy concerns by withholding personal information and address their concerns about unwanted audiences by altering the visibility of their information from within the site. The findings provide insight into students’ motivations for information revelation on Facebook and the ways in which they negotiate privacy on the site

Social Data

As online social media grow, it is increasingly important to distinguish between the different threats to privacy that arise from the conversion of our social interactions into data. One well-recognized threat is from the robust concentrations of electronic information aggregated into colossal databases. Yet much of this same information is also consumed socially and dispersed through a user interface to hundreds, if not thousands, of peer users. In order to distinguish relationally shared information from the threat of the electronic database, this essay identifies the massive amounts of personal information shared via the user interface of social technologies as “social data.” The main thesis of this essay is that, unlike electronic databases, which are the focus of the Fair Information Practice Principles (FIPPs), there are no commonly accepted principles to guide the recent explosion of voluntarily adopted practices, industry codes, and laws that address social data. This essay aims to remedy that by proposing three social data principles — a sort of FIPPs for the front-end of social media: the Boundary Regulation Principle, the Identity Integrity Principle, and the Network Integrity Principle. These principles can help courts, policymakers, and organizations create more consistent and effective rules regarding the use of social data

Informational Privacy and Self-Disclosure Online: A Critical Mixed-Methods Approach to Social Media

This thesis investigates the multifaceted processes that have contributed to normalising identifiable self-disclosure in online environments and how perceptions of informational privacy and self-disclosure behavioural patterns have evolved in the relatively brief history of online communication. Its investigative mixed-methods approach critically examines a wide and diverse variety of primary and secondary sources and material to bring together aspects of the social dynamics that have contributed to the generalised identifiable self-disclosure. This research also utilises the results of the exploratory statistical as well as qualitative analysis of an extensive online survey completed by UCL students as a snapshot in time. This is combined with arguments developed from an analysis of existing published sources and looks ahead to possible future developments. This study examines the time when people online proved to be more trusting, and how users of the Internet responded to the development of the growing societal need to share personal information online. It addresses issues of privacy ethics and how they evolved over time to allow a persistent association of online self-disclosure to real-life identity that had not been seen before the emergence of social network sites. The resistance to identifiable self-disclosure before the widespread use of social network sites was relatively resolved by a combination of elements and circumstances. Some of these result from the demographics of young users, users' attitudes to deception, ideology and trust-building processes. Social and psychological factors, such as gaining social capital, peer pressure and the overall rewarding and seductive nature of social media, have led users to waive significant parts of their privacy in order to receive the perceived benefits. The sociohistorical context allows this research to relate evolving phenomena like the privacy paradox, lateral surveillance and self-censorship to the revamped ethics of online privacy and self-disclosure

COLLEGE STUDENTS’ USE OF SOCIAL MEDIA TO COMMUNICATE ABOUT ALCOHOL AND DRINKING BEHAVIORS

Social networking sites (SNSs) are an increasingly popular channel for communication among college students. Often students disclose more freely via social networking sites than they would in other situations. These disclosures commonly include information about engaging in risky health behaviors (e.g., binge drinking). Study 1 examined students’ impression management goals and self-presentation tactics specifically related to self-disclosures of drinking behavior on SNSs. Findings suggest that students use differing self-presentation tactics across various SNSs in order to achieve their impression management goals and to avoid consequences associated with disclosing about risky health behaviors to certain audiences. Study 2 sought to develop and measure SNS communication about alcohol related activities (SNCAA). It used the theory of normative social behavior as framework for investigating and predicting SNCAA. Additional variables that predict SNCAA were also identified. Findings demonstrate partial fit of the TNSB as a framework for explaining SNCAA. The overarching results of this project suggest a need for interventions aimed at reducing students’ SNCAA as well as increasing their overall knowledge about privacy and safety online