Privacy-aware Linked Widgets

The European General Data Protection Regulation (GDPR) brings new challenges for companies, who must demonstrate that their systems and business processes comply with usage constraints specified by data subjects. However, due to the lack of standards, tools, and best practices, many organizations struggle to adapt their infrastructure and processes to ensure and demonstrate that all data processing is in compliance with users' given consent. The SPECIAL EU H2020 project has developed vocabularies that can formally describe data subjects' given consent as well as methods that use this description to automatically determine whether processing of the data according to a given policy is compliant with the given consent. Whereas this makes it possible to determine whether processing was compliant or not, integration of the approach into existing line of business applications and ex-ante compliance checking remains an open challenge. In this short paper, we demonstrate how the SPECIAL consent and compliance framework can be integrated into Linked Widgets, a mashup platform, in order to support privacy-aware ad-hoc integration of personal data. The resulting environment makes it possible to create data integration and processing workflows out of components that inherently respect usage policies of the data that is being processed and are able to demonstrate compliance. We provide an overview of the necessary meta data and orchestration towards a privacy-aware linked data mashup platform that automatically respects subjects' given consents. The evaluation results show the potential of our approach for ex-ante usage policy compliance checking within the Linked Widgets Platforms and beyond

On the Privacy Practices of Just Plain Sites

In addition to visiting high profile sites such as Facebook and Google, web users often visit more modest sites, such as those operated by bloggers, or by local organizations such as schools. Such sites, which we call "Just Plain Sites" (JPSs) are likely to inadvertently represent greater privacy risks than high profile sites by virtue of being unable to afford privacy expertise. To assess the prevalence of the privacy risks to which JPSs may inadvertently be exposing their visitors, we analyzed a number of easily observed privacy practices of such sites. We found that many JPSs collect a great deal of information from their visitors, share a great deal of information about their visitors with third parties, permit a great deal of tracking of their visitors, and use deprecated or unsafe security practices. Our goal in this work is not to scold JPS operators, but to raise awareness of these facts among both JPS operators and visitors, possibly encouraging the operators of such sites to take greater care in their implementations, and visitors to take greater care in how, when, and what they share.Comment: 10 pages, 7 figures, 6 tables, 5 authors, and a partridge in a pear tre

Content repositories and social networking : can there be synergies?

This paper details the novel application of Web 2.0 concepts to current services offered to Social Scientists by the ReDReSS project, carried out by the Centre for e-Science at Lancaster University. We detail plans to introduce Social Bookmarking and Social Networking concepts into the repository software developed by the project. This will result in the improved discovery of e-Science concepts and training to Social Scientists and allow for much improved linking of resources in the repository. We describe plans that use Social Networking and Social Bookmarking concepts, using Open Standards, which will promote collaboration between researchers by using information gathered on user’s use of the repository and information about the user. This will spark collaborations that would not normally be possible in the academic repository context

ADsafety: Type-Based Verification of JavaScript Sandboxing

Web sites routinely incorporate JavaScript programs from several sources into a single page. These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of JavaScript demand robust verification of the actual sandbox source. We use a novel type system for JavaScript to encode and verify sandboxing properties. The resulting verifier is lightweight and efficient, and operates on actual source. We demonstrate the effectiveness of our technique by applying it to ADsafe, which revealed several bugs and other weaknesses.Comment: in Proceedings of the USENIX Security Symposium (2011

Data Management Roles for Librarians

In this Chapter:● Looking at data through different lenses● Exploring the range of data use and data support ● Using data as the basis for informed decision making ● Treating data as a legitimate scholarly research produc

The Future of Personalisation at News Websites: Lessons from a Longitudinal Study

This paper tracks the recent history of personalization at national news websites in the United Kingdom and United States, allowing an analysis to be made of the reasons for and implications of the adoption of this form of adaptive interactivity. Using three content surveys conducted over three and a half years, the study records—at an unprecedented level of detail—the range of personalization features offered by contemporary news websites, and demonstrates how news organizations increasingly rely on software algorithms to predict readers’ content preferences. The results also detail how news organizations’ deployment of personalization on mobile devices, and in conjunction with social networking platforms, is still at an early stage. In addressing the under-researched but important—and increasingly prevalent—phenomenon of personalization, this paper contributes to debates on journalism’s future funding, transparency, and societal benefits

CoolBeans: Using Technology to Encourage Real-World Informal Interaction

Informal interaction is considered an important part of the work ethic and process in business and academia. We found that the new facilities for a computer science department at the University of Southampton were not conducive to this, and designed a technology-based solution to improve social awareness and encourage interaction using a presence-aware application and web interface. Users could use the system to find out who was taking a break and to invite others to do so. Initial results suggest that the project both encouraged social activity and became a popular fixture in the area on which efforts were focused