35 research outputs found

    A design theory for transparency of information privacy practices

    The rising diffusion of information systems (IS) throughout society poses an increasingly serious threat to privacy as a social value. One approach to alleviating this threat is to establish transparency of information privacy practices (TIPP) so that consumers can better understand how their information is processed. However, the design of transparency artifacts (eg, privacy notices) has clearly not followed this approach, given the ever-increasing volume of information processing. Hence, consumers face a situation where they cannot see the ‘forest for the trees’ when aiming to ascertain whether information processing meets their privacy expectations. A key problem is that overly comprehensive information presentation results in information overload and is thus counterproductive for establishing TIPP. We depart from the extant design logic of transparency artifacts and develop a theoretical foundation (TIPP theory) for transparency artifact designs useful for establishing TIPP from the perspective of privacy as a social value. We present TIPP theory in two parts to capture the sociotechnical interplay. The first part translates abstract knowledge on the IS artifact and privacy into a description of social subsystems of transparency artifacts, and the second part conveys prescriptive design knowledge in form of a corresponding IS design theory. TIPP theory establishes a bridge from the complexity of the privacy concept to a metadesign for transparency artifacts that is useful to establish TIPP in any IS. In essence, transparency artifacts must accomplish more than offering comprehensive information; they must also be adaptive to the current information needs of consumers

    Architecture and Design of a Patient-Friendly eHealth Web Application: Patient Information Leaflets and Supplementary Services

    Patients benefit from information on pharmaceuticals and most patients are willing to read patient information leaflets for their pharmaceuticals. However, the quality of written information on pharmaceuticals leaves room for improvement. To mend insufficiencies of patient information leaflets, an alternative approach for provision of information on pharmaceuticals is illustrated. We present the design and architecture of a web application that provides information in patient information leaflets as well as supplementary services. With a web application supplementary services that cannot as easily be realised with patient information leaflets can be offered. An open-source framework with a robust architecture for rapid application development serves as a foundation of the web application. In combination with the proposed design and architecture, this leads to an extensible, reliable, scalable, customisable and patient-friendly web application with high availability

    From Hype to Reality: A Taxonomy of Blockchain Applications

    Blockchain is a decentralized digital ledger that challenges existing business models and theories by shifting the trust from institutions towards algorithms. However, the number of successfully developed blockchain-based systems remains low. This points towards a research gap between blockchain applications and technical blockchain characteristics. We answer the research question: What application areas fit blockchains with what technical characteristics? We develop a taxonomy, which comprises six blockchain application areas that are classified across eight technical dimensions. We demonstrate the utility of the taxonomy on ninety-nine blockchain-based systems. We contribute to the scientific literature by delimiting blockchain application areas, identifying new technical dimensions, and linking application and technical knowledge on blockchain to guide development of blockchain-based systems. For practitioners, we present an overview of current blockchain-based systems

    ONE SIZE DOES NOT FIT ALL: INFORMATION SECURITY AND INFORMATION PRIVACY FOR GENOMIC CLOUD SERVICES

    Most extant genomic cloud services strive to maximize information security and information privacy protection thereby neglecting the diversity of information practices in genomic research. Such a one-size-fits-all approach is not expedient and decreases the overall system usability and performance. While there is growing awareness that employed information security and information privacy measures must adapt to information security and information privacy requirements inherent to information practices, limited design knowledge exists on how to actually design genomic cloud services capable to account for differences in information practices in genomic research. In this research-in-progress, we propose a model for genomic cloud services that dynamically adapt to the diverse information security and information privacy requirements in genomic research. Our research contributes to the scientific knowledge base by capturing design knowledge for secure, privacy-preserving, and usable genomic cloud services, accounting for conflicts between information security and information privacy, and fostering understanding of information privacy as a context-sensitive construct

    How Do Patients Expect Apps to Provide Drug Information?

    Patients use various sources to obtain information on pharmaceutical drugs. Mobile health care applications (apps) providing drug information to users are increasingly made available and of rising importance for the health care domain. However, apps usually offer functionality that only medical professionals or vendors consider useful for patients, although their considerations are not likely to meet patient expectations. In our exploratory study, we identify 33 features patients expect in apps for drug information provision with interviews and empirically assess their perceived importance in an online survey. Results indicate that patients desire personalization features for provided information but not for the app interface. This work contributes to research and practice by identifying and empirically ranking drug information provision features patients find important. We furthermore establish a foundation for future research on effective mobile drug information provision and provide insights for practice on development of patient-centered mobile health apps

    Assessment Instrument for Privacy Policy Content: Design and Evaluation of PPC

    Privacy policies are notices posted by providers and intended to inform users about privacy practices. However, extant research shows that privacy policies are often of poor quality and do not address users’ concerns. In this paper, we design and develop PPC – a privacy policy content assessment instrument to support assessments of whether offered privacy policy content provides comprehensive information addressing users’ privacy concerns. PPC is developed based on extant research, standards, and guidelines. Application of PPC to 62 privacy policies of mHealth apps available in iOS and Android demonstrates utility of PPC and suitability of PPC as assessment instrument for privacy policy content. Contributions of our research are twofold: For research, we conduct improvement design science research contributing to design theory on assessment of privacy policy content. For practice, potential applications of PPC are support in privacy policy development and identification of deficiencies in offered privacy policies. In addition, through evaluation of PPC, we reveal an insufficient current state of mHealth app privacy policy content

    No Risk, More Fun! Automating Breach of Confidentiality Risk Assessment for Android Mobile Health Applications

    With the rapidly rising number of mobile health (mHealth) applications (apps), it is unfeasible to manually review mHealth apps for information privacy risks. One salient information privacy risk of mHealth apps are confidentiality breaches. We explore whether and how static code analysis is a feasible technology for app review automation. Evaluation of our research prototype shows that, on average, our prototype detected one breach of confidentiality risk more than human reviewers. Contributions are the demonstration that static code analysis is a feasible technology for detection of confidentiality breaches in mHealth apps, the derivation of eight generic design patterns for confidentiality breach risk assessments, and the identification of architectural challenges that need to be resolved for wide-spread dissemination of breach of confidentiality risk assessment tools. In terms of effectiveness, humans still outperform computers. However, we build a foundation for leveraging computation power to scale up breach of confidentiality risk assessments

    Architecture Matters: Investigating the Influence of Differential Privacy on Neural Network Design

    One barrier to more widespread adoption of differentially private neural networks is the entailed accuracy loss. To address this issue, the relationship between neural network architectures and model accuracy under differential privacy constraints needs to be better understood. As a first step, we test whether extant knowledge on architecture design also holds in the differentially private setting. Our findings show that it does not; architectures that perform well without differential privacy, do not necessarily do so with differential privacy. Consequently, extant knowledge on neural network architecture design cannot be seamlessly translated into the differential privacy context. Future research is required to better understand the relationship between neural network architectures and model accuracy to enable better architecture design choices under differential privacy constraints

    What Does Not Fit Can be Made to Fit! Trade-Offs in Distributed Ledger Technology Designs

    Distributed ledger technology (DLT), including blockchain, enables secure processing of transactions between untrustworthy parties in a decentralized system. However, DLT is available in different designs that exhibit diverse characteristics. Moreover, DLT characteristics have complementary and conflicting interdependencies. Hence, there will never be an ideal DLT design for all DLT use cases; instead, DLT implementations need to be configured to contextual requirements. Successful DLT configuration requires, however, a sound understanding of DLT characteristics and their interdependencies. In this manuscript, we review DLT characteristics and organize them into six groups. Furthermore, we condense interdependencies of DLT characteristics into trade-offs that should be considered for successful deployment of DLT. Finally, we consolidate our findings into DLT archetypes for common design objectives, such as security, usability, or performance. Our work makes extant DLT research more transparent and fosters understanding of interdependencies and trade-offs between DLT characteristics

    Trade-offs between Distributed Ledger Technology Characteristics

    When developing peer-to-peer applications on distributed ledger technology (DLT), a crucial decision is the selection of a suitable DLT design (e.g., Ethereum), because it is hard to change the underlying DLT design post hoc. To facilitate the selection of suitable DLT designs, we review DLT characteristics and identify trade-offs between them. Furthermore, we assess how DLT designs account for these trade-offs and we develop archetypes for DLT designs that cater to specific requirements of applications on DLT. The main purpose of our article is to introduce scientific and practical audiences to the intricacies of DLT designs and to support development of viable applications on DLT