On the Privacy Practices of Just Plain Sites

In addition to visiting high profile sites such as Facebook and Google, web users often visit more modest sites, such as those operated by bloggers, or by local organizations such as schools. Such sites, which we call "Just Plain Sites" (JPSs) are likely to inadvertently represent greater privacy risks than high profile sites by virtue of being unable to afford privacy expertise. To assess the prevalence of the privacy risks to which JPSs may inadvertently be exposing their visitors, we analyzed a number of easily observed privacy practices of such sites. We found that many JPSs collect a great deal of information from their visitors, share a great deal of information about their visitors with third parties, permit a great deal of tracking of their visitors, and use deprecated or unsafe security practices. Our goal in this work is not to scold JPS operators, but to raise awareness of these facts among both JPS operators and visitors, possibly encouraging the operators of such sites to take greater care in their implementations, and visitors to take greater care in how, when, and what they share.Comment: 10 pages, 7 figures, 6 tables, 5 authors, and a partridge in a pear tre

"The dearest of our possessions": applying Floridi's information privacy concept in models of information behavior and information literacy

This conceptual paper argues for the value of an approach to privacy in the digital information environment informed by Luciano Floridi's philosophy of information and information ethics. This approach involves achieving informational privacy, through the features of anonymity and obscurity, through an optimal balance of ontological frictions. This approach may be used to modify models for information behavior and for information literacy, giving them a fuller and more effective coverage of privacy issues in the infosphere. For information behavior, the Information Seeking and Communication Model, and the Information Grounds conception, are most appropriate for this purpose. For information literacy, the metaliteracy model, using a modification a privacy literacy framework, is most suitable

Regulating for Responsibility: Reputation and Social Media

The framework brought forward by the United Kingdom's Defamation Act 2013 underlines a traditional hierarchy of expression in which news media are viewed as high-level speech. Although of a different form, social media are a dominant means of expression. The current study explores the rationale for a more robust and forceful discussion of responsibility in speech on social media platforms. The underlying premise here is that speech should be viewed as a qualified good and that a more appropriate paradigm is one found in the phrase ‘freedom to participate’

Distilling Privacy Requirements for Mobile Applications

As mobile computing applications have become commonplace, it is increasingly important for them to address end-users’ privacy requirements. Privacy requirements depend on a number of contextual socio-cultural factors to which mobility adds another level of contextual variation. However, traditional requirements elicitation methods do not sufficiently account for contextual factors and therefore cannot be used effectively to represent and analyse the privacy requirements of mobile end users. On the other hand, methods that do investigate contextual factors tend to produce data that does not lend itself to the process of requirements extraction. To address this problem we have developed a Privacy Requirements Distillation approach that employs a problem analysis framework to extract and refine privacy requirements for mobile applications from raw data gathered through empirical studies involving end users. Our approach introduces privacy facets that capture patterns of privacy concerns which are matched against the raw data. We demonstrate and evaluate our approach using qualitative data from an empirical study of a mobile social networking application

Privacy in crowdsourcing:a systematic review

The advent of crowdsourcing has brought with it multiple privacy challenges. For example, essential monitoring activities, while necessary and unavoidable, also potentially compromise contributor privacy. We conducted an extensive literature review of the research related to the privacy aspects of crowdsourcing. Our investigation revealed interesting gender differences and also differences in terms of individual perceptions. We conclude by suggesting a number of future research directions.</p

Media, Capabilities, and Justification

In this paper, I evaluate the ‘capability approach’ developed by Amartya Sen and Martha Nussbaum as a normative perspective for critical media research. The concept of capabilities provides a valuable way of assessing media and captures important aspects of the relationship between media and equality. However, following Rainer Forst’s critique of outcome- oriented approaches to justice, I argue the capability approach needs to pay more attention to questions of power and process. In particular, when it comes to deciding which capabilities media should promote and what media structure and practices should promote them, the capability approach must accept the priority of deliberative and democratic processes of justification. Once we do this, we are urged to situate the concept of capabilities within a more process-oriented view of justice, focused not on capabilities as such, but on outlining the conditions required for justificatory equality. After discussing the capability approach, I will outline the process-oriented theory of justice Forst has developed around the idea of the ‘right to justification’. While Forst does not discuss media in depth, I argue his theory of justice can provide a valuable alternative normative standpoint for the critical media research

The Psychology of Privacy in the Digital Age

Privacy is a psychological topic suffering from historical neglect – a neglect that is increasingly consequential in an era of social media connectedness, mass surveillance and the permanence of our electronic footprint. Despite fundamental changes in the privacy landscape, social and personality psychology journals remains largely unrepresented in debates on the future of privacy. By contrast, in disciplines like computer science and media and communication studies, engaging directly with socio- technical developments, interest in privacy has grown considerably. In our review of this interdisciplinary literature we suggest four domains of interest to psychologists. These are: sensitivity to individual differences in privacy disposition; a claim that privacy is fundamentally based in social interactions; a claim that privacy is inherently contextual; and a suggestion that privacy is as much about psychological groups as it is about individuals. Moreover, we propose a framework to enable progression to more integrative models of the psychology of privacy in the digital age, and in particular suggest that a group and social relations based approach to privacy is needed

The affective atmospheres of surveillance

The spaces that surveillance produces can be thought of as ambiguous, entailing elements that are ethereal yet material, geographical yet trans-geographical. Contemporary surveillance systems form numerous connections that involve multiple times, spaces, and bodies. Owing to their ubiquity, normalization, and yet clandestine characteristics, they seem to produce an almost unnoticed aspect of everyday life. The impacts, then, of contemporary surveillance systems appear to be particularly experienced on the margins of consciousness. Thus we find that an empirical analysis of this realm of experience is possible but requires one to look for such things as disruption, disfluency, and hesitation in the text of speech acts rather than clear representation. Through empirical analysis of narratives concerning everyday experiences of living with contemporary surveillance systems, this paper focuses on their possible affective impacts. In turn, we find it more fitting to think about the so-called “surveillance society” in terms of producing “atmospheres” rather than “cultures or assemblages,” and “affects” rather than “emotions.” © 2013, SAGE Publications. All rights reserved

Competing jurisdictions: data privacy across the borders

Borderless cloud computing technologies are exacerbating tensions between European and other existing approaches to data privacy. On the one hand, in the European Union (EU), a series of data localisation initiatives are emerging with the objective of preserving Europe’s digital sovereignty, guaranteeing the respect of EU fundamental rights and preventing foreign law enforcement and intelligence agencies from accessing personal data. On the other hand, foreign countries are unilaterally adopting legislation requiring national corporations to disclose data stored in Europe, in this way bypassing jurisdictional boundaries grounded on physical data location. The chapter investigates this twofold dynamics by focusing particularly on the current friction between the EU data protection approach and the data privacy model of the United States (US) in the field of cloud computing

Surveillance in ubiquitous network societies: Normative conflicts related to the consumer in-store supermarket experience in the context of the Internet of Things

Peer-reviewed journal articleThe Internet of Things (IoT) is an emerging global infrastructure that employs wireless sensors to collect, store, and exchange data. Increasingly, applications for marketing and advertising have been articulated as a means to enhance the consumer shopping experience, in addition to improving efficiency. However, privacy advocates have challenged the mass aggregation of personally identifiable information in databases and geotracking, the use of location-based services to identify one’s precise location over time. This paper employs the framework of contextual integrity related to privacy developed by Nissenbaum (Privacy in context: technology, policy, and the integrity of social life. Stanford University Press, Stanford, 2010) as a tool to understand citizen response to implementation IoT-related technology in the supermarket. The purpose of the study was to identify and understand specific changes in information practices brought about by the IoT that may be perceived as privacy violations. Citizens were interviewed, read a scenario of near-term IoT implementation, and were asked to reflect on changes in the key actors involved, information attributes, and principles of transmission. Areas where new practices may occur with the IoT were then highlighted as potential problems (privacy violations). Issues identified included the mining of medical data, invasive targeted advertising, and loss of autonomy through marketing profiles or personal affect monitoring. While there were numerous aspects deemed desirable by the participants, some developments appeared to tip the balance between consumer benefit and corporate gain. This surveillance power creates an imbalance between the consumer and the corporation that may also impact individual autonomy. The ethical dimensions of this problem are discussed