Consumer privacy in the era of big data: A survey of smartphone users' concerns

Smartphones increase rapidly and become high-speed mobile data networks progressively appearing everywhere in the recent years. Also, there is a large and ever increasing number of mobile phone applications on the market. In this case, consumer privacy become critically important because sellers might access a large volume of personal information. This paper attempts to identify the consumer privacy and concerns in the context of big data and to explore how consumers’ demographic differences may affect their concerns for information privacy. The smartphone owners’ demographic differences and their concerns over privacy are analyzed, based on a survey of 392 smartphone users in Erzurum. It has been found that consumers’ demographic differences have varying degrees of impact on their concerns for information privacy in the context of big data

Transparent Privacy Control via Static Information Flow Analysis

Abstract A common problem faced by modern mobile-device platforms is that thirdparty applications in the marketplace may leak private information without notifying users. Existing approaches adopted by these platforms provide little information on what applications will do with the private information, failing to effectively assist users in deciding whether to install applications and in controlling their privacy. To address this problem, we propose a transparent privacy control approach, where an automatic static analysis reveals to the user how private information is used inside an application. This flow information provides users with better insights, enabling them to determine when to use anonymized instead of real information, or to force script termination when scripts access private information. To further reduce the user burden in controlling privacy, our approach provides a default setting based on an extended information flow analysis that tracks whether private information is obscured before escaping through output channels. We built our approach into TouchDevelop, a novel application-creation environment that allows users to write application scripts on mobile devices, share them in a web bazaar, and install scripts published by other users. To evaluate our approach, we plan to study a portion of published scripts in order to evaluate the effectiveness and performance of information flow analysis. We also plan to carry out a user survey to evaluate the usability of our privacy control and guide our future design

Regulatory technologies for the study of data and platform power in the app economy

Tracking, the large-scale collection of data about user behaviour, is commonplace in mobile apps. While some see tracking as a necessary evil to making apps available at lower prices by showing users personalised advertising and selling their data to third parties, tracking can also have highly disproportionate effects on the lives of individuals and society as a whole. For example, tracking has significant effects on the rights to privacy and data protection, but also on other fundamental rights, such as the right to non-discrimination (e.g. when data from mobile tracking is used in AI systems, such as targeted ads for job offers) or the right to free and fair elections (e.g. when political microtargeting is used, as in the Brexit vote or the Trump election). This thesis develops and applies techno-legal methods to study choice over app tracking at four levels: the impact of the GDPR (Chapter 4), consent to tracking in apps (Chapter 5), differences between Android and iOS (Chapters 6), and the impact of Apple’s App Tracking Transparency (ATT) framework (Chapter 7). While many previous studies looked at data protection and privacy in apps, few studies analysed tracking over time, took a compliance angle, or looked at iOS apps at scale. Throughout our analysis of apps, we find compliance problems within apps as regards key aspects of US, EU and UK data protection and privacy law, particularly the need to seek consent before tracking. For instance, while user consent is usually required prior to tracking in the EU and UK (under the ePrivacy Directive), our empirical findings suggest that tracking takes place widely and usually without users’ awareness or explicit agreement. This thesis contributes 1) a scalable downloading and analysis framework for iOS and Android privacy and compliance analysis (PlatformControl), 2) an improved understanding of the legal requirements and empirical facts regarding app tracking, 3) a comprehensive database of the relations between companies in the app ecosystem (X-Ray 2020), and 4) an Android app to support the easy and independent analysis of apps’ privacy practices (TrackerControl)

A trust based model for enhanced adoption of diabetes self-management mobile applications

Information technology (IT) trust is an important concept as people today rely more on IT to perform their tasks than before. Extensive research in Information Systems (IS) has explored trust and how it affects clients’ selection of different IT artefacts. Literature found trust to be a key determinant of technology use and an accelerator of understanding user perceptions regarding technology. Users’ perception of a technology’s characteristics influences their initial decision to adopt it; they are less likely to try the technology once they perceive significant risk linked to the technology exploration. The study focused on trust in relation to adoption of mobile applications (apps) for self-management of diabetic treatment regimens. The aim was to identify factors that should be incorporated in these apps to positively influence user perception of trustworthiness for enhanced adoption. According to extant literature, there are a myriad of apps which are available and ready for use, but diabetic patients are not maximising these opportunities to actively participate in managing their conditions. This is in spite of the numerous benefits accruable from using these apps to aid treatment regimens away from clinical settings or with minimal involvement of health personnel. This work is a qualitative study that investigated the reasons behind the low levels of trust in mobile applications for self-management of diabetes. The research design involved a survey and the study employed interviews for primary data collection. Twenty participants were engaged in the intervention. Some of these respondents were diabetic patients on treatment and others were health staff specialising in diabetes treatment. The participants were asked to download and try, for one month or more, the Diabetes:M app from Google play store for android devices or from iTunes for IOS devices. Thereafter, interviews were held with the participants to investigate their perceptions of the diabetes management app. Based on the outcome of the investigation, the researcher put forward a model proposing the attributes of trustworthiness of diabetes self-management mobile apps for enhanced adoption. Research findings showed that the apps for diabetes self-management should be usable, possess sufficient functionalities, give accurate information for decision-making, be reliable, and secure in order to enhance the trust of diabetic patients

Corrélation des profils d'utilisateurs dans les réseaux sociaux : méthodes et applications

The proliferation of social networks and all the personal data that people share brings many opportunities for developing exciting new applications. At the same time, however, the availability of vast amounts of personal data raises privacy and security concerns.In this thesis, we develop methods to identify the social networks accounts of a given user. We first study how we can exploit the public profiles users maintain in different social networks to match their accounts. We identify four important properties – Availability, Consistency, non- Impersonability, and Discriminability (ACID) – to evaluate the quality of different profile attributes to match accounts. Exploiting public profiles has a good potential to match accounts because a large number of users have the same names and other personal infor- mation across different social networks. Yet, it remains challenging to achieve practically useful accuracy of matching due to the scale of real social networks. To demonstrate that matching accounts in real social networks is feasible and reliable enough to be used in practice, we focus on designing matching schemes that achieve low error rates even when applied in large-scale networks with hundreds of millions of users. Then, we show that we can still match accounts across social networks even if we only exploit what users post, i.e., their activity on a social networks. This demonstrates that, even if users are privacy conscious and maintain distinct profiles on different social networks, we can still potentially match their accounts. Finally, we show that, by identifying accounts that correspond to the same person inside a social network, we can detect impersonators.La prolifération des réseaux sociaux et des données à caractère personnel apporte de nombreuses possibilités de développement de nouvelles applications. Au même temps, la disponibilité de grandes quantités de données à caractère personnel soulève des problèmes de confidentialité et de sécurité. Dans cette thèse, nous développons des méthodes pour identifier les différents comptes d'un utilisateur dans des réseaux sociaux. Nous étudions d'abord comment nous pouvons exploiter les profils publics maintenus par les utilisateurs pour corréler leurs comptes. Nous identifions quatre propriétés importantes - la disponibilité, la cohérence, la non-impersonabilite, et la discriminabilité (ACID) - pour évaluer la qualité de différents attributs pour corréler des comptes. On peut corréler un grand nombre de comptes parce-que les utilisateurs maintiennent les mêmes noms et d'autres informations personnelles à travers des différents réseaux sociaux. Pourtant, il reste difficile d'obtenir une précision suffisant pour utiliser les corrélations dans la pratique à cause de la grandeur de réseaux sociaux réels. Nous développons des schémas qui obtiennent des faible taux d'erreur même lorsqu'elles sont appliquées dans les réseaux avec des millions d'utilisateurs. Ensuite, nous montrons que nous pouvons corréler les comptes d'utilisateurs même si nous exploitons que leur activité sur un les réseaux sociaux. Ça sa démontre que, même si les utilisateurs maintient des profils distincts nous pouvons toutefois corréler leurs comptes. Enfin, nous montrons que, en identifiant les comptes qui correspondent à la même personne à l'intérieur d'un réseau social, nous pouvons détecter des imitateurs

Mobile marketing: exploring the new wave of innovation in marketing

As the use of mobile devices among Irish consumers proliferates and becomes ever more\ud integrated within their lifestyles, it is important for Irish managers to understand how they\ud can effectively integrate Mobile Marketing into their overall marketing strategy. The\ud objective of this research was to explore the current use of mobile marketing by Irish\ud businesses and to investigate consumer attitudes towards mobile marketing. This process\ud included a thorough review of Mobile Marketing theory, its application, use and attitudes\ud towards it in order to develop an effective research approach. In-depth interviews, focus\ud groups and online surveys were designed, developed and conducted with managers and\ud consumers and their findings were comprehensively analysed.\ud The findings identify that managers are largely unclear about how they should use Mobile\ud Marketing. There is a lack of structure within organisations in terms of a Mobile Marketing\ud strategy for implementation into the overall marketing strategy. There appears to be very\ud little consumer engagement or interactivity taking place over the mobile medium. Thus\ud consumers have grown to feel generally negative towards Mobile Marketing. The outcome\ud of these findings is presented in the form of a set of guidelines for managers which make a\ud contribution to the literature and to practitioners by encouraging the more considered and\ud strategic use of MM. These guidelines are subject to further testing and refinement

Presentation of self on a decentralised web

Self presentation is evolving; with digital technologies, with the Web and personal publishing, and then with mainstream adoption of online social media. Where are we going next? One possibility is towards a world where we log and own vast amounts of data about ourselves. We choose to share - or not - the data as part of our identity, and in interactions with others; it contributes to our day-to-day personhood or sense of self. I imagine a world where the individual is empowered by their digital traces (not imprisoned), but this is a complex world. This thesis examines the many factors at play when we present ourselves through Web technologies. I optimistically look to a future where control over our digital identities are not in the hands of centralised actors, but our own, and both survey and contribute to the ongoing technical work which strives to make this a reality. Decentralisation changes things in unexpected ways. In the context of the bigger picture of our online selves, building on what we already know about self-presentation from decades of Social Science research, I examine what might change as we move towards decentralisation; how people could be affected, and what the possibilities are for a positive change. Finally I explore one possible way of self-presentation on a decentralised social Web through lightweight controls which allow an audience to set their expectations in order for the subject to meet them appropriately. I seek to acknowledge the multifaceted, complicated, messy, socially-shaped nature of the self in a way that makes sense to software developers. Technology may always fall short when dealing with humanness, but the framework outlined in this thesis can provide a foundation for more easily considering all of the factors surrounding individual self-presentation in order to build future systems which empower participants