Analytic surveillance: Big data business models in the time of privacy awareness

 Massive data collection and analysis is at the heart of many business models today. New technologies allow for fine-grained recommendation systems that help companies make accurate market predictions while also providing clients with highly personalized services. Because of this, extreme care must be taken when it comes to storing and managing personal (often highly sensitive) information. In this paper we focus on the influence of big data management in media business content platforms, mainly in well-known OTT (Over the Top) services. In addition, we comment on the implications of data management in social networks. We discuss the privacy and security risks associated with this novel scenario, and briefly comment on tools that aid in securing the privacy of business intelligence within this context

Service Security and Privacy as a Socio-Technical Problem: Literature review, analysis methodology and challenge domains

Published online September 2015 accepted: 15 September 2014Published online September 2015 accepted: 15 September 2014The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users

Freedom to Hack

Swaths of personal and nonpersonal information collected online about internet users are increasingly being used in sophisticated ways to manipulate them based on that information. This represents a new trend in the exploitation of data, where instead of pursuing direct financial gain based on the face value of the data, actors are seeking to engage in data analytics using advanced artificial intelligence technologies that would allow them to more easily access individuals’ cognition and future behavior. Although in recent years the concept of online manipulation has received some academic and policy attention, the desirable relationship between the data-breach law and online manipulation is not yet well-appreciated. In other words, regulators and courts are yet to realize the power of existing legal mechanisms pertaining to data breaches in mitigating the harm of online manipulation. This Article provides an account of this relationship, by looking at online manipulation achieved through psychographic profiling. It submits that the volume, efficacy, and sophistication of present online manipulation techniques pose a considerable and immediate danger to autonomy, privacy, and democracy. Internet actors, political entities, and foreign adversaries fastidiously study the personality traits and vulnerabilities of potential voters and, increasingly, target each such voter with an individually tailored stream of information or misinformation with the intent of exploiting the weaknesses of these individuals. While new norms and regulations will have to be enacted at a certain point to address the problem of manipulation, data-breach law could provide a much-needed backdrop for the challenges presented by online manipulation, while alleviating the sense of lawlessness engulfing current misuses of personal and nonpersonal data. At the heart of this Article is the inquiry of data-breach law’s ability to recognize the full breadth of potential misuse of breached personal information, which today includes manipulation for political purposes. At present, data-breach jurisprudence does very little to recognize its evolving role in regulating misuses of personal information by unauthorized parties. It is a jurisprudence that is partially based on a narrow approach that seeks to remedy materialized harm in the context of identity theft or fraud. This approach contravenes the purpose of data-breach law – to protect individuals from the externalities of certain cyber risks by bridging informational asymmetries between corporations and consumers. This Article develops the theoretical connection between data-breach law and online manipulation, providing for a meaningful regulatory solution that is not currently used to its full extent