428 research outputs found

    Learning analytics and higher education: a proposed model for establishing informed consent mechanisms to promote student privacy and autonomy

    By tracking, aggregating, and analyzing student profiles along with students’ digital and analog behaviors captured in information systems, universities are beginning to open the black box of education using learning analytics technologies. However, the increase in and usage of sensitive and personal student data present unique privacy concerns. I argue that privacy-as-control of personal information is autonomy promoting, and that students should be informed about these information flows and to what ends their institution is using them. Informed consent is one mechanism by which to accomplish these goals, but Big Data practices challenge the efficacy of this strategy. To ensure the usefulness of informed consent, I argue for the development of Platform for Privacy Preferences (P3P) technology and assert that privacy dashboards will enable student control and consent mechanisms, while providing an opportunity for institutions to justify their practices according to existing norms and values

    A conceptual framework for privacy policy negotiation in web services

    Research into privacy in web services based service-oriented environment gained attention in recent years. Business Transaction Level Data (TLD) privacy is important because in web services the interaction between the Service Provider and Service consumer is far more complicated than in the browser-server environment. This results in an enormous amount of data, and complex data, which raises many transaction level data privacy issues. In web services we can define arbitrary transaction interfaces and hence, the privacy concerns and associated complexity increases. The existing privacy solutions only offer session level data privacy; therefore, we extend this solution by adding transaction level data privacy. This would offer the service provider and consumer more control over their privacy data, and so that is the difference between existing privacy negotiation protocols and new generation service oriented based privacy protocols. In this paper we tackle this issue of privacy policy negotiation in the distributed service-oriented computing environment. To solve this privacy issue we propose a framework that would negotiate and generate dynamic transaction-based privacy policies based on transaction-related confidential data and its associated privacy preferences. A detailed protocol and supporting context is provided to illustrate the applicability of our proposed framework

    Balancing smartness and privacy for the Ambient Intelligence

    Ambient Intelligence (AmI) will introduce large privacy risks. Stored context histories are vulnerable for unauthorized disclosure, thus unlimited storing of privacy-sensitive context data is not desirable from the privacy viewpoint. However, high quality and quantity of data enable smartness for the AmI, while less and coarse data benefit privacy. This raises a very important problem to the AmI, that is, how to balance the smartness and privacy requirements in an ambient world. In this article, we propose to give to donors the control over the life cycle of their context data, so that users themselves can balance their needs and wishes in terms of smartness and privacy

    A Distributed Context-Aware Trust Management Architecture

    The realization of a pervasive context-aware service platform imposes new challenges for the security and privacy aspects of the system in relation to traditional service platforms. One important aspect is related with the management of trust relationships, which is especially hard in a pervasive environment because users are supposed to interact with entities unknown beforehand in an ad-hoc and dynamic manner. Current trust management solutions do not adapt nor scale well in this dynamic service provisioning scenario because they require previously defined trust relationships in order to operate. The objective of this thesis is to design, prototype and validate a context-aware distributed trust management architecture in order to address: (a) the lack of integration between available trust solutions and security and privacy management languages, and (b) the dynamic characteristics of a context-aware service platform

    P3P semantic checker of site behaviours

    The interactive use of the web between users and service providers introduces a privacy problem that involves the undesired disclosing of user personal information, mainly with the presence of personalization that needs this type of information. Also there are many manners to face it, but the Platform for Privacy Preferences (P3P) is one that provides a variable level of privacy for the user’s browsing. However, the P3P only introduces a privacy contract between the site and the user, without guarantees that it will be obeyed by the site. Then a semantic checker can be added to the P3P architecture to compare the contract with the site attitude and to increase the trustworthiness on the P3P contract. Some experiments are accomplished and the results are displayed to show the present situation of the privacy policies of the sites, and we discuss what it implies in the data gathering and what is gained with the use of the semantic checker.
    5th IFIP International Conference on Network Control & Engineering for QoS, Security and Mobility. Red de Universidades con Carreras en Informática (RedUNCI)

    Privacy support and evaluation on an ontological basis

    This work is concerned with user perceived privacy and how clients (which we call data subjects here) can be empowered to control their own data consistently with their own interests. To support building and evaluation of privacy-aware applications, we describe a privacy ontology, how the privacy principles relate to that and how they are influenced by the core concepts as well as by each other. We use this influence of the privacy principles to evaluate the level of privacy for a particular transaction, when applying and extending the core concepts for an application domain