Why Johnny Fails to Protect his Privacy

Albeit people worldwide cry out for the protection of their privacy, they often fail to successfully protect their private data. Possible reasons for this failure that have been identified in previous research include a lack of knowledge about possible privacy consequences, the negative outcome of a rational cost-benefit analysis, and insufficient ability for protection on the users’ side. However, these findings mainly base on theoretical considerations or results from quantitative studies, and no comprehensive explanation for users’ privacy behavior has been found so far. We thus conducted an interview study with 24 participants to qualitatively investigate what are (1) users’ mental models of privacy consequences, (2) obstacles for privacy protection, and (3) strategies for privacy protection. Our results provide evidence for all possible explanations: We find that most of our participants are indeed unaware of most consequences that could result from not protecting their privacy besides personalized advertisement and financial loss. We also identify several obstacles for privacy protection, such as protection being too much effort, too complicated, users lacking knowledge, or social aspects. Protection strategies mostly base on reducing the amount of data disclosed and most users refrain from using advanced PETs. We further identified additional factors which influence whether people adopt measures to protect their privacy and propose a model which subsumes all factors that are relevant for people’s decision to apply protection measures

Plan Now for Managing Electronic Data and Avoid Tomorrow’s Legal Risks

[Excerpt] In a world where the use of electronic data is rapidly increasing, companies must find ways to manage data now so that they effectively control compliance risks. The proliferation of electronic data is both astonishing and overwhelming. Given the storage power of average computers today, even the most modest mom-and-pop business may have electronic storage capacity equivalent to 2,000 four-drawer file cabinets. The task of managing electronic data is further compounded by the fact that the data is no longer just tangible pieces of paper, but rather are bytes of information that are constantly being edited, changed, and updated from different people and sources. Proper archiving, retention, monitoring, filtering, and encryption of electronic data are no longer optional: they are imperative

GOOGLE DORKING OR LEGAL HACKING: FROM THE CIA COMPROMISE TO YOUR CAMERAS AT HOME, WE ARE NOT AS SAFE AS WE THINK

This article addresses the issue of Google Dorking (“Dorking”): an underestimated, overlooked computer-crime technique utilized by hackers, cyberstalkers, and cybercriminals alike. Google Dorking is the specialized use of the Google Search engine which can be used to uncover sensitive data unintentionally exposed to the public online. Dorking can be beneficial and harmless when used by innocent researchers, journalists, and curious users. But it can be incredibly harmful if utilized by malicious actors. Dorking is behind notorious and infamous computer crimes that appear vastly different on the surface, such as a sextortion case involving over a hundred women including Miss Teen USA, an infamous hack of the Bowman Avenue Dam in New York, an intelligence failure that killed over 30 CIA assets and compromised around 70% of CIA operations internationally, and countless cases where legal officials, celebrities, politicians, families, and the average person alike have fallen victim. Anyone with access to the internet can “Google Dork”; the law currently fails to address the legality of this act or recognize it in the justice system. No one is nearly as safe as they think they are

Towards Enhanced Usability of IT Security Mechanisms - How to Design Usable IT Security Mechanisms Using the Example of Email Encryption

Nowadays, advanced security mechanisms exist to protect data, systems, and networks. Most of these mechanisms are effective, and security experts can handle them to achieve a sufficient level of security for any given system. However, most of these systems have not been designed with focus on good usability for the average end user. Today, the average end user often struggles with understanding and using security mecha-nisms. Other security mechanisms are simply annoying for end users. As the overall security of any system is only as strong as the weakest link in this system, bad usability of IT security mechanisms may result in operating errors, resulting in inse-cure systems. Buying decisions of end users may be affected by the usability of security mechanisms. Hence, software provid-ers may decide to better have no security mechanism then one with a bad usability. Usability of IT security mechanisms is one of the most underestimated properties of applications and sys-tems. Even IT security itself is often only an afterthought. Hence, usability of security mechanisms is often the after-thought of an afterthought. This paper presents some guide-lines that should help software developers to improve end user usability of security-related mechanisms, and analyzes com-mon applications based on these guidelines. Based on these guidelines, the usability of email encryption is analyzed and an email encryption solution with increased usability is presented. The approach is based on an automated key and trust man-agement. The compliance of the proposed email encryption solution with the presented guidelines for usable security mechanisms is evaluated

The Right of Publicity in New York and California: A Critical Analysis

The article provides an analysis of the right of publicity under the state laws of New York and California as of September 2012, focusing on the application of the laws to celebrities and the illegal use of their identities in advertising and trade. The New York right to publicity tort laws reportedly protect a celebrity\u27s name, portrait, and voice from unauthorized use by third parties. The New York case Roberson v. Rochester Folding Box Co. is also mentioned

The Right of Publicity in New York and California: A Critical Analysis

The article provides an analysis of the right of publicity under the state laws of New York and California as of September 2012, focusing on the application of the laws to celebrities and the illegal use of their identities in advertising and trade. The New York right to publicity tort laws reportedly protect a celebrity\u27s name, portrait, and voice from unauthorized use by third parties. The New York case Roberson v. Rochester Folding Box Co. is also mentioned

Conceive and Control: Cultural-Legal Narratives of American Privacy and Reproductive Politics

Law and literature share a foundation in narrative. The literary turn in legal scholarship recognizes that the law itself is a form of narrative, one that simultaneously reflects socio-cultural norms and creates social and political regulations with a complex matrix of power. Cultural narratives from the 1950s to the mid-1970s pertaining to reproductive politics, domesticity, and national identity both produce and are productive of legal rulings that govern and restrict private acts of sexuality and speech. The Supreme Court used cases concerning sex and reproduction to enumerate, explicate, and complicate the right to privacy, which appears nowhere in the U.S. Constitution or the Bill of Rights yet formed perhaps the most crucial legal issue of the second half of the twentieth century. But with the Court’s continuous “refinement” and clarification of the right to privacy, the Court has demonstrated how privacy is a Lyotardian differend which, in dividing the inside from the outside, dismantles the logic of both through deconstruction of the margin. Law-determining rulings protecting this right demonstrate a logical impossibility: the Court has made privacy a “right” in such a way that the conditions for exercising it are subject to state surveillance. To be a subject of the law is to relinquish privacy, and privacy requires that the individual subject him/herself to the law by placing the right to privacy within the public domain. Rules-governed practices are entangled in ways both inextricable and unresolvable with notions of privacy. Legal narratives of the right to privacy, therefore, provide a genealogy of failed supplementation, consistent with an array of cultural narratives reflected in contemporaneous literature, film, drama, and political discourse. The Supreme Court’s continual “refinements” of privacy expose the tenuousness of the authority upon which it is based, with the female body positioned as the site of contradiction upon which narratives of domesticity, sexuality, and subjectivity are made legible