Mobile Privacy and Business-to-Platform Dependencies: An Analysis of SEC Disclosures

This Article systematically examines the dependence of mobile apps on mobile platforms for the collection and use of personal information through an analysis of Securities and Exchange Commission (SEC) filings of mobile app companies. The Article uses these disclosures to find systematic evidence of how app business models are shaped by the governance of user data by mobile platforms, in order to reflect on the role of platforms in privacy regulation more generally. The analysis of SEC filings documented in the Article produces new and unique insights into the data practices and data-related aspects of the business models of popular mobile apps and shows the value of SEC filings for privacy law and policy research more generally. The discussion of SEC filings and privacy builds on regulatory developments in SEC disclosures and cybersecurity of the last decade. The Article also connects to recent regulatory developments in the U.S. and Europe, including the General Data Protection Regulation, the proposals for a new ePrivacy Regulation and a Regulation of fairness in business-to-platform relations

Diversity As A Trade Secret

When we think of trade secrets, we often think of famous examples such as the Coca-Cola formula, Google’s algorithm, or McDonald’s special sauce used on the Big Mac. However, companies have increasingly made the novel argument that diversity data and strategies are protected trade secrets. This may sound like an unusual, even suspicious, legal argument. Many of the industries that dominate the economy in wealth, status, and power continue to struggle with a lack of diversity. Various stakeholders have mobilized to improve access and equity, but there is an information asymmetry that makes this pursuit daunting. When potential plaintiffs and other diversity advocates request workforce statistics and related employment information, many companies have responded with virulent attempts to maintain secrecy, including the use of trade secret protection. In this Article, I use the technology industry as an example to examine the trending legal argument of treating diversity as a trade secret. I discuss how companies can use this tactic to hide gender and race disparities and interfere with the advancement of civil rights law and workplace equity. I argue that instead of permitting companies to hide information, we should treat diversity data and strategies as public resources. This type of open model will advance the goals of equal opportunity law by raising awareness of inequalities and opportunities, motivating employers to invest in effective practices, facilitating collaboration on diversity goals, fostering innovation, and increasing accountability for action and progress

Modeling profile-attribute disclosure in online social networks from a game theoretic perspective

Privacy settings are a crucial part of any online social network as users are confronted with determining which and how many profile attributes to disclose. Revealing more attributes increases users chances of finding friends and yet leaves users more vulnerable to dangers such as identity theft. In this dissertation, we consider the problem of finding the optimal strategy for the disclosure of user attributes in social networks from a game-theoretic perspective. We model the privacy settings\u27 dynamics of social networks with three game-theoretic approaches. In a two-user game, each user selects an ideal number of attributes to disclose to each other according to a utility function. We extend this model with a basic evolutionary game to observe how much of their profiles users are comfortable with revealing, and how this changes over time. We then consider a weighted evolutionary game to investigate the influence of attribute importance, benefit, risk and the network topology on the users\u27 attribute disclosure behavior. The two-user game results show how one user\u27s privacy settings are influenced by the settings of another user. The basic evolutionary game results show that the higher the motivation to reveal attributes, the longer users take to stabilize their privacy settings. Results from the weighted evolutionary game show that: irrespective of risk, users are more likely to reveal their most important attributes than their least important. attributes; when the users\u27 range of influence is increased, the risk factor plays a smaller role in attribute disclosure; the network topology exhibits a considerable effect on the privacy in an environment with risk. Motivation and risk are identified as important factors in determining how efficiently stability of privacy settings is achieved and what settings users will adopt given different parameters. Additionally, the privacy settings are affected by the network topology and the importance users attach to specific attributes. Our models indicate that users of social networks eventually adopt profile settings that provide the highest possible privacy if there is any risk, despite how high the motivation to reveal attributes is. The provided models and the gained results are particularly important to social network designers and providers because they enable us to understand the influence of different factors on users\u27 privacy choices

Privacy for Social Networking

This article begins by considering the emergence of social networks as a major medium of communication and posits that the success of social networks is attributable to their users\u27 willingness to share their information. Next, the article considers the expectation of privacy for users of social networks and whether such expectation is reasonable. In particular, the article discusses the privacy policies and legal terms governing the use of social networks, and tracks the evolution of such terms and policies as they slowly whittle away user control over time. The article then discusses public outcry regarding the disclosure of information contrary to users\u27 expectations of privacy. Specifically, the article posits that constantly changing privacy controls has resulted in users inadvertently transforming information which they meant to keep private into publicly available information. The article thereafter examines recognition of privacy issues arising from social network sites by privacy advocates and Congress alike as a result of social media becoming a primary method of communication. While the author commends such efforts, the article posits they do not address many loopholes with respect to regulating behavior of social network sites. These loopholes would be adequately addressed by tort because liability in tort would provide incentives to discontinue their policy change practices through liability for behavior and compensation for ensuing harm

A Decentralised Digital Identity Architecture

Current architectures to validate, certify, and manage identity are based on centralised, top-down approaches that rely on trusted authorities and third-party operators. We approach the problem of digital identity starting from a human rights perspective, with a primary focus on identity systems in the developed world. We assert that individual persons must be allowed to manage their personal information in a multitude of different ways in different contexts and that to do so, each individual must be able to create multiple unrelated identities. Therefore, we first define a set of fundamental constraints that digital identity systems must satisfy to preserve and promote privacy as required for individual autonomy. With these constraints in mind, we then propose a decentralised, standards-based approach, using a combination of distributed ledger technology and thoughtful regulation, to facilitate many-to-many relationships among providers of key services. Our proposal for digital identity differs from others in its approach to trust in that we do not seek to bind credentials to each other or to a mutually trusted authority to achieve strong non-transferability. Because the system does not implicitly encourage its users to maintain a single aggregated identity that can potentially be constrained or reconstructed against their interests, individuals and organisations are free to embrace the system and share in its benefits.Comment: 30 pages, 10 figures, 3 table

Effects of self- and partner’s online disclosure on relationship intimacy and satisfaction

Most research on the effects of disclosure on close relationships have been done using offline disclosure. However, disclosure done online has disparate features and thus its effects on relationships may also differ. In five studies and using primes emulating Facebook timelines and messages, we compared the effects of disclosure depth on intimacy and satisfaction in online vs. offline contexts, in romantic vs. friend relationships, and with differing content (self- vs. partner-focused). After demonstrating consistent differences, we examined one mechanism that accounted for the differential effects of online vs. offline disclosure in romantic relationships: perceived inclusivity of the recipients. Results revealed that greater disclosure was associated with higher relational intimacy and satisfaction when done offline (Studies 1 and 4), and lower intimacy and satisfaction when done online (Studies 1–4), in both the discloser (Study 1) and his or her partner (Studies 2–4). The negative association between online disclosure and intimacy was present in romantic relationships, but not in friendships (Study 1). Importantly, this effect only appeared when perceived inclusivity of recipients was high (Study 4). Focusing the online disclosure content on the partner/ relationship dissipated its negative effects (Study 5). Together, these studies extend further knowledge on how the effects of disclosure are contextualized, and suggest that disclosure done publicly online may be detrimental to romantic relationships

Current Approaches to Terrorist and Violent Extremist Content Among the Global Top 50 Online Content-sharing Services

This report provides an overview of the policies and procedures for addressing terrorist and violent extremist content (TVEC) across the global top 50 online content sharing services, with a focus on transparency. It finds that only five of the 50 services issue transparency reports specifically about TVEC, and these five services take different approaches in their reports. These services use different definitions of terrorism and violent extremism, report different types of information, use different measurement and estimation methods, and issue reports with varying frequency and on different timetables. The low number of reporting companies and the variation in what, when and how they report make it impossible to get a clear and complete cross-industry perspective on the efficacy of companies’ measures to combat TVEC online and how they may affect human rights. This situation could be improved if more companies issued TVEC transparency reports and included more comparable information