Data degradation to enhance privacy for the Ambient Intelligence

Increasing research in ubiquitous computing techniques towards the development of an Ambient Intelligence raises issues regarding privacy. To gain the required data needed to enable application in this Ambient Intelligence to offer smart services to users, sensors will monitor users' behavior to fill personal context histories. Those context histories will be stored on database/information systems which we consider as honest: they can be trusted now, but might be subject to attacks in the future. Making this assumption implies that protecting context histories by means of access control might be not enough. To reduce the impact of possible attacks, we propose to use limited retention techniques. In our approach, we present applications a degraded set of data with a retention delay attached to it which matches both application requirements and users privacy wishes. Data degradation can be twofold: the accuracy of context data can be lowered such that the less privacy sensitive parts are retained, and context data can be transformed such that only particular abilities for application remain available. Retention periods can be specified to trigger irreversible removal of the context data from the system

Does one trust judgement fit all? Linking theory and empirics

Copyright @ 2010 The Authors. This is the accepted version of the following article: Fisher, J., Van Heerde, J. and Tucker, A. (2010), Does One Trust Judgement Fit All? Linking Theory and Empirics. The British Journal of Politics & International Relations, 12: 161–188, which has been published in final form at http://onlinelibrary.wiley.com/doi/10.1111/j.1467-856X.2009.00401.x/abstract.Few questions in political science have received more attention in recent times than the role of trust in democracy, democratic government and political participation. In Britain this has become a particular concern as levels of democratic engagement in traditional politics have declined, exacerbated by media reports of politicians' untrustworthy behaviour. A common feature of previous empirical work on political trust is that trust is treated as a single theoretical concept. Scholars have assumed that trust operates in a similar fashion across different political institutions—that citizens' trust mechanisms are the same for trusting parliament, the prime minister or the European Union. As a consequence, the operationalisation of trust has generally been through a single measure. In this article we draw on recent research from political theory, where different forms of judgements whether to trust—strategic, moral and deliberative—have been conceptualised, to argue that trust judgements may vary in application and significance depending upon the institution under examination. Using specially designed data sets generated from YouGov's weekly omnibus and the British Election Study's Continuous Monitoring Panel, we operationalise these three forms of trust judgements to examine trust in two British institutions—political parties and politicians. We find, as hypothesised, that different forms of trust judgements are of differing significance depending upon the institution under consideration

Temporal patterns and psychosocial consequences of adolescent help-seeking behaviour

This thesis presented an investigation of adolescent help-seeking behaviour that is likely to inform future studies examining adolescent psychology. This research highlighted family help-seeking can be measured separately from family support, and discussed the role of family help-seeking and support in reducing adverse outcomes (e.g. mental health problems) for adolescents

Exploring personalized life cycle policies

Ambient Intelligence imposes many challenges in protecting people's privacy. Storing privacy-sensitive data permanently will inevitably result in privacy violations. Limited retention techniques might prove useful in order to limit the risks of unwanted and irreversible disclosure of privacy-sensitive data. To overcome the rigidness of simple limited retention policies, Life-Cycle policies more precisely describe when and how data could be first degraded and finally be destroyed. This allows users themselves to determine an adequate compromise between privacy and data retention. However, implementing and enforcing these policies is a difficult problem. Traditional databases are not designed or optimized for deleting data. In this report, we recall the formerly introduced life cycle policy model and the already developed techniques for handling a single collective policy for all data in a relational database management system. We identify the problems raised by loosening this single policy constraint and propose preliminary techniques for concurrently handling multiple policies in one data store. The main technical consequence for the storage structure is, that when allowing multiple policies, the degradation order of tuples will not always be equal to the insert order anymore. Apart from the technical aspects, we show that personalizing the policies introduces some inference breaches which have to be further investigated. To make such an investigation possible, we introduce a metric for privacy, which enables the possibility to compare the provided amount of privacy with the amount of privacy required by the policy

Implanting Life-Cycle Privacy Policies in a Context Database

Ambient intelligence (AmI) environments continuously monitor surrounding individuals' context (e.g., location, activity, etc.) to make existing applications smarter, i.e., make decision without requiring user interaction. Such AmI smartness ability is tightly coupled to quantity and quality of the available (past and present) context. However, context is often linked to an individual (e.g., location of a given person) and as such falls under privacy directives. The goal of this paper is to enable the difficult wedding of privacy (automatically fulfilling users' privacy whishes) and smartness in the AmI. interestingly, privacy requirements in the AmI are different from traditional environments, where systems usually manage durable data (e.g., medical or banking information), collected and updated trustfully either by the donor herself, her doctor, or an employee of her bank. Therefore, proper information disclosure to third parties constitutes a major privacy concern in the traditional studies

Balancing smartness and privacy for the Ambient Intelligence

Ambient Intelligence (AmI) will introduce large privacy risks. Stored context histories are vulnerable for unauthorized disclosure, thus unlimited storing of privacy-sensitive context data is not desirable from the privacy viewpoint. However, high quality and quantity of data enable smartness for the AmI, while less and coarse data benefit privacy. This raises a very important problem to the AmI, that is, how to balance the smartness and privacy requirements in an ambient world. In this article, we propose to give to donors the control over the life cycle of their context data, so that users themselves can balance their needs and wishes in terms of smartness and privacy

Do Loyalty Programs Really Enhance Behavioral Loyalty? An Empirical Analysis Accounting for Self-Selecting Members

One of the pressing issues in marketing is whether loyalty programs really enhance behavioral loyalty. Loyalty program members may have a much higher share-of-wallet at the firm with the loyalty program than non-members have, but this does not necessarily imply that loyalty programs are effective. Loyal customers may select themselves to become members in order to benefit from the program. Since this implies that program membership is endogenous, we estimate models for both the membership decision (using instrumental variables) and for the effect of membership on share-of-wallet, our measure of behavioral loyalty. We use panel data from a representative sample of Dutch households who report their loyalty program memberships for all seven loyalty programs in grocery retailing as well as their expenditures at each of the 20 major supermarket chains. We find a small positive yet significant effect of loyalty program membership on share-of-wallet. This effect is seven times smaller than is suggested by a naïve model that ignores the endogeneity of program membership. The predictive validity of the proposed model is much better than for the naïve model. Our results show that creating loyalty program membership is a crucial step to enhance share-of-wallet, and we provide guidelines how to achieve this.Attraction models;Endogeneity;Grocery retailing;Loyalty programs;Tobit-II model