Trustworthy Privacy Indicators: Grades, Labels, Certifications, and Dashboards

Despite numerous groups’ efforts to score, grade, label, and rate the privacy of websites, apps, and network-connected devices, these attempts at privacy indicators have, thus far, not been widely adopted. Privacy policies, however, remain long, complex, and impractical for consumers. Communicating in some short-hand form, synthesized privacy content is now crucial to empower internet users and provide them more meaningful notice, as well as nudge consumers and data processors toward more meaningful privacy. Indeed, on the basis of these needs, the National Institute of Standards and Technology and the Federal Trade Commission in the United States, as well as lawmakers and policymakers in the European Union, have advocated for the development of privacy indicator systems. Efforts to develop privacy grades, scores, labels, icons, certifications, seals, and dashboards have wrestled with various deficiencies and obstacles for the wide-scale deployment as meaningful and trustworthy privacy indicators. This paper seeks to identify and explain these deficiencies and obstacles that have hampered past and current attempts. With these lessons, the article then offers criteria that will need to be established in law and policy for trustworthy indicators to be successfully deployed and adopted through technological tools. The lack of standardization prevents user-recognizability and dependability in the online marketplace, diminishes the ability to create automated tools for privacy, and reduces incentives for consumers and industry to invest in privacy indicators. Flawed methods in selection and weighting of privacy evaluation criteria and issues interpreting language that is often ambiguous and vague jeopardize success and reliability when baked into an indicator of privacy protectiveness or invasiveness. Likewise, indicators fall short when those organizations rating or certifying the privacy practices are not objective, trustworthy, and sustainable. Nonetheless, trustworthy privacy rating systems that are meaningful, accurate, and adoptable can be developed to assure effective and enduring empowerment of consumers. This paper proposes a framework using examples from prior and current attempts to create privacy indicator systems in order to provide a valuable resource for present-day, real world policymaking. First, privacy rating systems need an objective and quantifiable basis that is fair and accountable to the public. Unlike previous efforts through industry self-regulation, if lawmakers and regulators establish standardized evaluation criteria for privacy practices and provide standards for how these criteria should be weighted in scoring techniques, the rating system will have public accountability with an objective, quantifiable basis. If automated rating mechanisms convey to users accepted descriptions of data practices or generate scores from privacy statements based on recognized criteria and weightings rather than from deductive conclusions, then this reduces interpretive issues with any privacy technology tool. Second, rating indicators should align with legal principles of contract interpretation and the existing legal defaults for the interpretation of silence in privacy policy language. Third, a standardized system of icons, along with guidelines as to where these should be located, will reduce the education and learning curve now necessary to understand and benefit from many different, inconsistent privacy indicator labeling systems. And lastly, privacy rating evaluators must be impartial, honest, autonomous, and financially and operationally durable in order to be successful

Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)

The Concept of Neighbourhood in Contemporary Residential Environments: An Investigation of Occupants' Perception

The dwelling occupant satisfaction is related to the efficiency of the combination of numerous factors stemming from the qualitative and quantitative aspects of the various components of the residential environment. Those components exist at a whole scale ranging from an interior space within the housing unit to the whole urban environment. This study aimed to explore the immediate social and physical environment around the dwelling unit, which is often referred to as “neighbourhood”. In addition to the physical space that the concept reminds, the term neighbourhood is also used to describe a socially distinguished area depending on residents’ perception. In the traditional sense, this physical space is outlined with virtual boundaries that are traced differently in the minds of each individual according to the life style and type of social interaction and the type of use of the physical environment. The perceptions of residents’ in relation with this neighbourhood area are also affected with both physical and social characteristics of the concerned environment. This paper aimed to investigate the situation of the neighbourhood concept in contemporary urban residential environments by making use of the data obtained from two distinct independent housing researches conducted in Turkey. The analysis and evaluation of the findings together with an overview of the literature reflecting the traditional and contemporary neighbourhood concepts in Turkish residential environments, reveals that changes are about to occur in the definition, creation and experiencing of the neighbourhood issue. The evaluation of the literature, manifestos and approaches of most housing institutions and policy builders in the contemporary world expose a rather increasing interest to the issue of neighbourhood as the concept constitutes an important component of residential satisfaction. The findings of this study indicate that the neighbourhood feeling in contemporary urban environments is now less dependent on the sharing of common close physical residential environment due to housing initiatives driven by liberal / random land use options, financial viability and profitability. The benefits expected of the use of the close physical environment is disregarded due to possibilities obtained with increasing mobility and transportation facilities. The remote activities and life styles of dwelling occupants become the basic factors that shape the social environment. The segregation of the close social environment from the close physical environment is a major source for residential environment dissatisfaction. A conclusion drawn from the findings is that the physical properties of the close built environment may act as sources of dissatisfaction if the residents’ perception of neighbourhood notion is disregarded during residential environment design. Hints to increase dwelling occupants’ satisfaction from the residential environment lies in redefining the neighbourhood concept through creating adequate, functioning, distinct, value added common spaces that ease admittance and social interaction. However, those spaces shall be a part of the urban tissue. The long-term effects of physical segregation, clustering of the residential environments, creating of sprawl type settlements shall be re-evaluated

Lessons learned from evaluating eight password nudges in the wild

Background. The tension between security and convenience, when creating passwords, is well established. It is a tension that often leads users to create poor passwords. For security designers, three mitigation strategies exist: issuing passwords, mandating minimum strength levels or encouraging better passwords. The first strategy prompts recording, the second reuse, but the third merits further investigation. It seemed promising to explore whether users could be subtly nudged towards stronger passwords.Aim. The aim of the study was to investigate the influence of visual nudges on self-chosen password length and/or strength.Method. A university application, enabling students to check course dates and review grades, was used to support two consecutive empirical studies over the course of two academic years. In total, 497 and 776 participants, respectively, were randomly assigned either to a control or an experimental group. Whereas the control group received no intervention, the experimental groups were presented with different visual nudges on the registration page of the web application whenever passwords were created. The experimental groups’ password strengths and lengths were then compared that of the control group.Results. No impact of the visual nudges could be detected, neither in terms of password strength nor length. The ordinal score metric used to calculate password strength led to a decrease in variance and test power, so that the inability to detect an effect size does not definitively indicate that such an effect does not exist.Conclusion. We cannot conclude that the nudges had no effect on password strength. It might well be that an actual effect was not detected due to the experimental design choices. Another possible explanation for our result is that password choice is influenced by the user’s task, cognitive budget, goals and pre-existing routines. A simple visual nudge might not have the power to overcome these forces. Our lessons learned therefore recommend the use of a richer password strength quantification measure, and the acknowledgement of the user’s context, in future studies

Global Innovation Policy Index

Ranks fifty-five nations' strategies to boost innovation capacity: policies on trade, scientific research, information and communications technologies, tax, intellectual property, domestic competition, government procurement, and high-skill immigration

The sweet spot in sustainability: a framework for corporate assessment in sugar manufacturing

The assessment of corporate sustainability has become an increasingly important topic, both within academia and in industry. For manufacturing companies to conform to their commitments to sustainable development, a standard and reliable measurement framework is required. There is, however, a lack of sector-specific and empirical research in many areas, including the sugar industry. This paper presents an empirically developed framework for the assessment of corporate sustainability within the Thai sugar industry. Multiple case studies were conducted, and a survey using questionnaires was also employed to enhance the power of generalisation. The developed framework is an accurate and reliable measurement instrument of corporate sustainability, and guidelines to assess qualitative criteria are put forward. The proposed framework can be used for a company’s self-assessment and for guiding practitioners in performance improvement and policy decision-maki

The Concept of Neighbourhood in Contemporary Residential Environments: An Investigation of Occupants' Perception

The dwelling occupant satisfaction is related to the efficiency of the combination of numerous factors stemming from the qualitative and quantitative aspects of the various components of the residential environment. Those components exist at a whole scale ranging from an interior space within the housing unit to the whole urban environment. This study aimed to explore the immediate social and physical environment around the dwelling unit, which is often referred to as “neighbourhood”. In addition to the physical space that the concept reminds, the term neighbourhood is also used to describe a socially distinguished area depending on residents’ perception. In the traditional sense, this physical space is outlined with virtual boundaries that are traced differently in the minds of each individual according to the life style and type of social interaction and the type of use of the physical environment. The perceptions of residents’ in relation with this neighbourhood area are also affected with both physical and social characteristics of the concerned environment. This paper aimed to investigate the situation of the neighbourhood concept in contemporary urban residential environments by making use of the data obtained from two distinct independent housing researches conducted in Turkey. The analysis and evaluation of the findings together with an overview of the literature reflecting the traditional and contemporary neighbourhood concepts in Turkish residential environments, reveals that changes are about to occur in the definition, creation and experiencing of the neighbourhood issue. The evaluation of the literature, manifestos and approaches of most housing institutions and policy builders in the contemporary world expose a rather increasing interest to the issue of neighbourhood as the concept constitutes an important component of residential satisfaction. The findings of this study indicate that the neighbourhood feeling in contemporary urban environments is now less dependent on the sharing of common close physical residential environment due to housing initiatives driven by liberal / random land use options, financial viability and profitability. The benefits expected of the use of the close physical environment is disregarded due to possibilities obtained with increasing mobility and transportation facilities. The remote activities and life styles of dwelling occupants become the basic factors that shape the social environment. The segregation of the close social environment from the close physical environment is a major source for residential environment dissatisfaction. A conclusion drawn from the findings is that the physical properties of the close built environment may act as sources of dissatisfaction if the residents’ perception of neighbourhood notion is disregarded during residential environment design. Hints to increase dwelling occupants’ satisfaction from the residential environment lies in redefining the neighbourhood concept through creating adequate, functioning, distinct, value added common spaces that ease admittance and social interaction. However, those spaces shall be a part of the urban tissue. The long-term effects of physical segregation, clustering of the residential environments, creating of sprawl type settlements shall be re-evaluated.Housing, Residential Environment, Neighbourhood, Occupant Satisfaction