The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election

In the world's largest-ever deployment of online voting, the iVote Internet voting system was trusted for the return of 280,000 ballots in the 2015 state election in New South Wales, Australia. During the election, we performed an independent security analysis of parts of the live iVote system and uncovered severe vulnerabilities that could be leveraged to manipulate votes, violate ballot privacy, and subvert the verification mechanism. These vulnerabilities do not seem to have been detected by the election authorities before we disclosed them, despite a pre-election security review and despite the system having run in a live state election for five days. One vulnerability, the result of including analytics software from an insecure external server, exposed some votes to complete compromise of privacy and integrity. At least one parliamentary seat was decided by a margin much smaller than the number of votes taken while the system was vulnerable. We also found protocol flaws, including vote verification that was itself susceptible to manipulation. This incident underscores the difficulty of conducting secure elections online and carries lessons for voters, election officials, and the e-voting research community

What’s behind the ag-data logo? An examination of voluntary agricultural-data codes of practice

In this article, we analyse agricultural data (ag-data) codes of practice. After the introduction, Part II examines the emergence of ag-data codes of practice and provides two case studies—the American Farm Bureau’s Privacy and Security Principles for Farm Data and New Zealand’s Farm Data Code of Practice—that illustrate that the ultimate aims of ag-data codes of practice are inextricably linked to consent, disclosure, transparency and, ultimately, the building of trust. Part III highlights the commonalities and challenges of ag-data codes of practice. In Part IV several concluding observations are made. Most notably, while ag-data codes of practice may help change practices and convert complex details about ag-data contracts into something tangible, understandable and useable, it is important for agricultural industries to not hastily or uncritically accept or adopt ag-data codes of practice. There needs to be clear objectives, and a clear direction in which stakeholders want to take ag-data practices. In other words, stakeholders need to be sure about what they are trying, and able, to achieve with ag-data codes of practice. Ag-data codes of practice need credible administration, accreditation and monitoring. There also needs to be a way of reviewing and evaluating the codes in a more meaningful way than simple metrics such as the number of members: for example, we need to know something about whether the codes raise awareness and education around data practices, and, perhaps most importantly, whether they encourage changes in attitudes and behaviours around the access to and use of ag-data

Data protection: the challenges facing social networking

The popularity of social networking sites has increased dramatically over the past decade. A recent report indicated that thirty-eight percent of online users have a social networking profile. Many of these social networking site users (SNS users) post or provide personal information over the internet every day. According to the latest OfCom study, the average adult SNS user has profiles on 1.6 sites and most check their profiles at least once every other day. However, the recent rise in social networking activity has opened the door to the misuse and abuse of personal information through identity theft, cyber stalking, and undesirable screenings by prospective employers. Behavioral advertising programs have also misused personal information available on social networking sites. Society is now facing an important question: what level of privacy should be expected and required within the social networking environment

User's Privacy in Recommendation Systems Applying Online Social Network Data, A Survey and Taxonomy

Recommender systems have become an integral part of many social networks and extract knowledge from a user's personal and sensitive data both explicitly, with the user's knowledge, and implicitly. This trend has created major privacy concerns as users are mostly unaware of what data and how much data is being used and how securely it is used. In this context, several works have been done to address privacy concerns for usage in online social network data and by recommender systems. This paper surveys the main privacy concerns, measurements and privacy-preserving techniques used in large-scale online social networks and recommender systems. It is based on historical works on security, privacy-preserving, statistical modeling, and datasets to provide an overview of the technical difficulties and problems associated with privacy preserving in online social networks.Comment: 26 pages, IET book chapter on big data recommender system

Young people's views regarding participation in mental health and wellbeing research through social media

Social media is a central component in the lives of many young people, and provides innovative potential to conduct research among this population. Ethical issues around online research have been subject to much debate, yet young people have seldom been consulted to provide a youth perspective and voice. Eight (8) focus groups involving 48 Grade 9 Western Australian secondary school students aged 13-14 years were held in 2012, to investigate how young people perceive the feasibility and acceptability of social media when used as a research tool to investigate various issues relevant to their mental health and wellbeing. Whilst young people recognise many benefits of researchers using social media in this way, such as its relevance, innovation and accessibility, there were salient issues of privacy, consent, and practicality that require careful negotiation. There is a need for continued exploration and scientific debate of the moral and ethical implications of using social media for research, to help ensure this is employed in an appropriate and effective way that is respectful of and sensitive to the needs and views of young peoplepeer-reviewe

Evaluating global e-government sites: A view using web diagnostics tools

This is the post-print version of the Article. The official published version can be accessed from the link below - Copyright @ 2004 The AuthorsSeveral governments across the world have embraced the digital revolution and continue to take advantage of the information and communication facilities offered by the Internet to offer public services. Conversely, citizens’ awareness and expectations of Internet based online-public-services have also increased in recent times. Although the numbers of the different national e-Government web portals have rapidly increased in the last three years, the success of these portals will largely depend on their accessibility, quality and privacy. This paper reports the results of an evaluative study of a cross-section of e-Government portals from these three perspectives, using a common set of performance metrics and Web diagnostic engines. Results show that not only are there wide variations in the spectrum of information and services provided by these portals, but that significant work still needs to be undertaken in order to make the portals examples of ‘best practice’ e-Government services