The Impacts of Privacy Rules on Users' Perception on Internet of Things (IoT) Applications: Focusing on Smart Home Security Service

Department of Management EngineeringAs communication and information technologies advance, the Internet of Things (IoT) has changed the way people live. In particular, as smart home security services have been widely commercialized, it is necessary to examine consumer perception. However, there is little research that explains the general perception of IoT and smart home services. This article will utilize communication privacy management theory and privacy calculus theory to investigate how options to protect privacy affect how users perceive benefits and costs and how those perceptions affect individuals??? intentions to use of smart home service. Scenario-based experiments were conducted, and perceived benefits and costs were treated as formative second-order constructs. The results of PLS analysis in the study showed that smart home options to protect privacy decreased perceived benefits and increased perceived costs. In addition, the perceived benefits and perceived costs significantly affected the intention to use smart home security services. This research contributes to the field of IoT and smart home research and gives practitioners notable guidelines.ope

Micromobility evolution and expansion: Understanding how docked and dockless bikesharing models complement and compete – A case study of San Francisco

Shared micromobility – the shared use of bicycles, scooters, or other low-speed modes – is an innovative transportation strategy growing across the United States that includes various service models such as docked, dockless, and e-bike service models. This research focuses on understanding how docked bikesharing and dockless e-bikesharing models complement and compete with respect to user travel behaviors. To inform our analysis, we used two datasets from February 2018 of Ford GoBike (docked) and JUMP (dockless electric) bikesharing trips in San Francisco. We employed three methodological approaches: 1) travel behavior analysis, 2) discrete choice analysis with a destination choice model, and 3) geospatial suitability analysis based on the Spatial Temporal Economic Physiological Social (STEPS) to Transportation Equity framework. We found that dockless e-bikesharing trips were longer in distance and duration than docked trips. The average JUMP trip was about a third longer in distance and about twice as long in duration than the average GoBike trip. JUMP users were far less sensitive to estimated total elevation gain than were GoBike users, making trips with total elevation gain about three times larger than those of GoBike users, on average. The JUMP system achieved greater usage rates than GoBike, with 0.8 more daily trips per bike and 2.3 more miles traveled on each bike per day, on average. The destination choice model results suggest that JUMP users traveled to lower-density destinations, and GoBike users were largely traveling to dense employment areas. Bike rack density was a significant positive factor for JUMP users. The location of GoBike docking stations may attract users and/or be well-placed to the destination preferences of users. The STEPS-based bikeability analysis revealed opportunities for the expansion of both bikesharing systems in areas of the city where high-job density and bike facility availability converge with older resident populations

Big Brother is Listening to You: Digital Eavesdropping in the Advertising Industry

In the Digital Age, information is more accessible than ever. Unfortunately, that accessibility has come at the expense of privacy. Now, more and more personal information is in the hands of corporations and governments, for uses not known to the average consumer. Although these entities have long been able to keep tabs on individuals, with the advent of virtual assistants and “always-listening” technologies, the ease by which a third party may extract information from a consumer has only increased. The stark reality is that lawmakers have left the American public behind. While other countries have enacted consumer privacy protections, the United States has no satisfactory legal framework in place to curb data collection by greedy businesses or to regulate how those companies may use and protect consumer data. This Article contemplates one use of that data: digital advertising. Inspired by stories of suspiciously well-targeted advertisements appearing on social media websites, this Article additionally questions whether companies have been honest about their collection of audio data. To address the potential harms consumers may suffer as a result of this deficient privacy protection, this Article proposes a framework wherein companies must acquire users\u27 consent and the government must ensure that businesses do not use consumer information for harmful purposes

The Relationship Between Intensity of Fitness Tracker Usage and Motivation

Many college students engage in unhealthy behaviors which may contribute to diseases. Additionally, some students may lack motivation to rectify these behaviors to improve their long-term health. This study assessed the relationship between intensity of fitness tracker usage and motivation among health professions students at a large, public Midwestern university. This non-experimental, correlational study used convenience sampling and a theoretical framework based on Bandura’s Social Cognitive Theory. Online recruitment announcements were emailed and included links to the consent form and survey. Motivation was measured with Deci and Ryan’s modified self-determination tool. Intensity of tracker usage was measured using a scale of questions regarding various tracker functions. The data was analyzed with Pearson’s coefficient correlations and no significant relationships between intensity of tracker usage and (a) intrinsic motivation, (b) extrinsic motivation, and (c) prosocial behaviors were found

An Automated Approach to Auditing Disclosure of Third-Party Data Collection in Website Privacy Policies

A dominant regulatory model for web privacy is "notice and choice". In this model, users are notified of data collection and provided with options to control it. To examine the efficacy of this approach, this study presents the first large-scale audit of disclosure of third-party data collection in website privacy policies. Data flows on one million websites are analyzed and over 200,000 websites' privacy policies are audited to determine if users are notified of the names of the companies which collect their data. Policies from 25 prominent third-party data collectors are also examined to provide deeper insights into the totality of the policy environment. Policies are additionally audited to determine if the choice expressed by the "Do Not Track" browser setting is respected. Third-party data collection is wide-spread, but fewer than 15% of attributed data flows are disclosed. The third-parties most likely to be disclosed are those with consumer services users may be aware of, those without consumer services are less likely to be mentioned. Policies are difficult to understand and the average time requirement to read both a given site{\guillemotright}s policy and the associated third-party policies exceeds 84 minutes. Only 7% of first-party site policies mention the Do Not Track signal, and the majority of such mentions are to specify that the signal is ignored. Among third-party policies examined, none offer unqualified support for the Do Not Track signal. Findings indicate that current implementations of "notice and choice" fail to provide notice or respect choice

The Transitivity of Trust Problem in the Interaction of Android Applications

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may interact, restricting single applications may create a false sense of security for the end users while data may still leave the mobile phone through other applications. Instead, the information flow needs to be policed for the composite system of applications in a transparent and usable manner. In this paper, we propose to employ static analysis based on the software architecture and focused data flow analysis to scalably detect information flows between components. Specifically, we aim to reveal transitivity of trust problems in multi-component mobile platforms. We demonstrate the feasibility of our approach with Android applications, although the generalization of the analysis to similar composition-based architectures, such as Service-oriented Architecture, can also be explored in the future

DOES PRIVACY THREAT MATTER IN MOBILE HEALTH SERVICE? FROM HEALTH BELIEF MODEL PERSPECTIVE

A lot of mobile health (mHealth) service apps have been launched in the market with advances in technology. When people decide to use these mHealth service apps, they have to provide their personal data or personal health data more or less to the service providers. However, the health data is more sensitive data than general personal data. In addition, the behaviour of using mHealth service apps includes technology use behaviour and health promotion behaviour. Therefore, we employed HBM to be the theory foundation to find out what factors will impact on the intention to upload personal health data via a mHealth service app. Online questionnaires were distributed and 133 valid questionnaires were returned. The results showed the perceived benefits is the only factor to influence an individual intention to upload personal health data. The specific information privacy concerns has no significant effect on the behaviour intention. That means people value the benefits that the mhealth service app can bring more than the threat of privacy they perceived. The construct, disposition to value privacy (DTVP), have strong effects on perceived vulnerability, perceived severity, and specific information privacy concerns. Future studies will be recommended

The Mediating Role of Awareness in Bridging the Expectancy-Capability Gap in Mobile Identity Protection

AlHelaly, Y., Dhillon, G., & Oliveira, T. (2023). When Expectation Fails and Motivation Prevails: The Mediating Role of Awareness in Bridging the Expectancy-Capability Gap in Mobile Identity Protection. Computers & Security, 134(November), 1-20. [103470]. https://doi.org/10.1016/j.cose.2023.103470Identity theft poses a significant threat to mobile users, yet mobile identity protection is often overlooked in cybersecurity literature. Despite various technical solutions proposed, little attention has been given to the motivational aspects of protection. Moreover, the disparity between individuals' expectations and their ability to safeguard their mobile identities exacerbates the problem. This study adopts a mixed-methods approach and draws on expectancy-value theory to address these gaps and explore the impact of expectations, capabilities, motivational values, technical measures, and awareness on individuals' intentions to achieve mobile identity protection. Our research reveals that protection awareness acts as a crucial mediator between individuals' expectations and capabilities. Additionally, motivational values not only enhance technical protection measures but also significantly influence identity protection intentions. Furthermore, we identify the moderating effect of protection experience on individuals' expectations and perceived value of identity protection. This study contributes to mobile security literature by highlighting the pivotal role of protection awareness in bridging the divide between individual expectations and actual capabilities in mobile identity protection.publishersversionpublishe