Isabel Wagner,Eerke Boiten

DOI: https://doi.org/10.1007/978-3-030-00305-0_17

2018-09-09

Abstract:Privacy risk assessments aim to analyze and quantify the privacy risks associated with new systems. As such, they are critically important in ensuring that adequate privacy protections are built in. However, current methods to quantify privacy risk rely heavily on experienced analysts picking the "correct" risk level on e.g. a five-point scale. In this paper, we argue that a more scientific quantification of privacy risk increases accuracy and reliability and can thus make it easier to build privacy-friendly systems. We discuss how the impact and likelihood of privacy violations can be decomposed and quantified, and stress the importance of meaningful metrics and units of measurement. We suggest a method of quantifying and representing privacy risk that considers a collection of factors as well as a variety of contexts and attacker models. We conclude by identifying some of the major research questions to take this approach further in a variety of application scenarios.

Cryptography and Security

Meredydd Williams,Jason R. C. Nurse,Sadie Creese

DOI: https://doi.org/10.1007/978-3-319-55783-0_18

2018-07-16

Abstract:Privacy is a well-understood concept in the physical world, with us all desiring some escape from the public gaze. However, while individuals might recognise locking doors as protecting privacy, they have difficulty practising equivalent actions online. Privacy salience considers the tangibility of this important principle; one which is often obscured in digital environments. Through extensively surveying a range of studies, we construct the first taxonomies of privacy salience. After coding articles and identifying commonalities, we categorise works by their methodologies, platforms and underlying themes. While web browsing appears to be frequently analysed, the Internet-of-Things has received little attention. Through our use of category tuples and frequency matrices, we then explore those research opportunities which might have been overlooked. These include studies of targeted advertising and its affect on salience in social networks. It is through refining our understanding of this important topic that we can better highlight the subject of privacy.

Computers and Society,Cryptography and Security

Ángel Longueira-Romero,Rosa Iglesias,David Gonzalez,Iñaki Garitano

DOI: https://doi.org/10.48550/arXiv.2112.05475

2021-12-10

Abstract:Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a successful attack could have economical, physical or even human consequences, since many of them are used to control critical applications. A standardized and general accepted security testing framework is needed to provide guidance, common reporting forms, and the possibility to compare the results along the time. This can be achieved by introducing security metrics into the evaluation or assessment process. If carefully designed and chosen, metrics could provide a quantitative, repeatable and reproducible value that would reflect the level of security protection of the ES. This paper analyzes the features that a good security metric should exhibit, introduces a taxonomy for classifying them, and finally, it carries out a literature survey on security metrics for the security evaluation of ES. In this review, more than 500 metrics were collected and analyzed. Then, they were reduced to 169 metrics that have the potential to be applied to ES security evaluation. As expected, the 77.5 % of them is related exclusively to software, and only the 0.6 % of them addresses exclusively hardware security. This work aims to lay the foundations for constructing a security evaluation methodology that uses metrics to quantify the security level of an ES.

Cryptography and Security

Kovila P.L. Coopamootoo

DOI: https://doi.org/10.1145/3372297.3423347

2020-10-30

Abstract:The steady reports of privacy invasions online paints a picture of the Internet growing into a more dangerous place. This is supported by reports of the potential scale for online harms facilitated by the mass deployment of online technology and by the data-intensive web. While Internet users often express concern about privacy, some report taking actions to protect their privacy online. We investigate the methods and technologies that individuals employ to protect their privacy online. We conduct two studies, of N=180 and N=907, to elicit individuals' use of privacy methods, within the US, the UK and Germany. We find that non-technology methods are among the most used methods in the three countries. We identify distinct groupings of privacy methods usage in a cluster map. The map shows that together with non-technology methods of privacy protection, simple PETs that are integrated in services, form the most used cluster, whereas more advanced PETs form a different, least used cluster. We further investigate user perception and reasoning for mostly using one set of PETs, in a third study with N=183 participants. We do not find a difference in perceived competency in protecting privacy online between advanced and simpler PETs users. We compare use perceptions between advanced and simpler PETs and report on user reasoning for not using advanced PETs, as well as support needed for potential use. This paper contributes to privacy research by eliciting use and perception of use across 43 privacy methods, including 26 PETs across three countries and provides a map of PETs usage. The cluster map provides a systematic and reliable point of reference for future user-centric investigations across PETs. Overall, this research provides a broad understanding of use and perceptions across a collection of PETs, and can lead to future research for scaling use of PETs.

Karl van der Schyff,Suzanne Prior,Karen Renaud

DOI: https://doi.org/10.1016/j.cose.2024.104065

IF: 5.105

2024-08-20

Computers & Security

Abstract:Online users often neglect the importance of privacy policies - a critical aspect of digital privacy and data protection. This scoping review addresses this oversight by delving into privacy policy analysis, aiming to establish a comprehensive research agenda. The study's objective was to explore the analytic techniques employed in privacy policy analysis and to identify the associated challenges. Following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses for Scoping Reviews (PRISMA-ScR) checklist, the review selected n = 97 relevant studies. The findings reveal a diverse array of techniques used, encompassing automated machine learning and natural language processing, and manual content analysis. Notably, researchers grapple with challenges like linguistic nuances, ambiguity, and complex data harvesting methods. Additionally, the lack of privacy-centric theoretical frameworks and a dearth of user evaluations in many studies limit their real-world applicability. The review concludes by proposing a set of research recommendations to shape the future research agenda in privacy policy analysis.

computer science, information systems

Isabel Casas,Jose Hurtado,Xingquan Zhu

DOI: https://doi.org/10.1007/978-3-319-26187-4_44

2015-01-01

Abstract:Social networks are becoming pervasive in todays world. Millions of people worldwide are involved in different form of online networking, with Facebook being one of the most popular sites. Online networks allow individuals to connect with friends and family, and share their private information. One of the reasons for the popularity of virtual communities is the perception of benefits received from the community. However, problems with privacy and security of the users information may also occur, especially when members are not aware of the risks of posting sensitive information on a social network. Members of social networking sites could become victims of identity theft, physical or online stalking and embarrassment as a consequence of malicious manipulation of their profiles data. Although networking sites often provide features for privacy settings, a high percentage of users neither know nor change their privacy preferences. This situation brings to consideration about many important aspects of social network privacy, such as what are the privacy issues in social networks? what are common privacy threats or risks in social networks? how privacy can be measured in a meaningful way? and how to empower users with knowledge to make correct decisions when selecting privacy settings? The goal of this paper is twofold. First, we discuss potential risks and attacks of social network site users privacy. Second, we present the measurement and quantification of the social privacy, along with solutions for privacy protection.

Eva-Maria Schomakers,Chantal Lidynia,Martina Ziefle

DOI: https://doi.org/10.1080/10447318.2021.1994211

2021-11-25

Abstract:The ongoing digitization and novel smart technologies can deliver enormous benefits to society and individuals. However, smart services often require the vast collection of data conflicting with users’ privacy. The integration of privacy concerns into acceptance research is needed to portray and predict user decisions in smart technologies. To allow a privacy-integrated prediction of users’ technology acceptance, we apply the privacy calculus theory to adoption behavior. We test the new model in three usage contexts, autonomous driving (transportation), activity trackers (fitness), and cardiac device remote monitoring (medical treatment). Using an online questionnaire, 624 German participants evaluated all three technologies. The model fits well in all contexts, although also context-related differences in the weighing of perceived benefits and privacy concerns showed. It is concluded that the trade-off between perceived benefits and privacy concerns is a central keystone not only for the willingness to disclose information but also for technology acceptance.

Xiaoxiao Meng

DOI: https://doi.org/10.1016/j.ipm.2024.103658

IF: 7.466

2024-01-22

Information Processing & Management

Abstract:Digital platforms have provided convenience, but they increase information misuse risks, which can cause privacy boundary turbulence, a key concept of Communication Privacy Management theory. Contrary to previous measurements of turbulence that mostly focus on actual privacy violation experiences, I propose a new measurement scale incorporating the perceived privacy violations. To construct the scale, I first used in-depth interviews ( N = 33) to identify four dimensions of privacy turbulence through coding: sense of surveillance, sense of betrayal, sense of harm, and sense of helplessness. Drawing on interview data, I developed items for each dimension and tested the items to refine the scale. In Study Two ( N = 283), exploratory factor analysis was used to test potential models. Study Three ( N = 687) cross-validated the final factor structure using a separate sample. Study Four ( N = 293) tested the discriminant and predictive validity of the measure by comparing it to the Privacy Management Measure scale.

computer science, information systems,information science & library science

Paola Inverardi,Patrizio Migliarini,Massimiliano Palmiero

2023-07-07

Abstract:In the modern digital world users need to make privacy and security choices that have far-reaching consequences. Researchers are increasingly studying people's decisions when facing with privacy and security trade-offs, the pressing and time consuming disincentives that influence those decisions, and methods to mitigate them. This work aims to present a systematic review of the literature on privacy categorization, which has been defined in terms of profile, profiling, segmentation, clustering and personae. Privacy categorization involves the possibility to classify users according to specific prerequisites, such as their ability to manage privacy issues, or in terms of which type of and how many personal information they decide or do not decide to disclose. Privacy categorization has been defined and used for different purposes. The systematic review focuses on three main research questions that investigate the study contexts, i.e. the motivations and research questions, that propose privacy categorisations; the methodologies and results of privacy categorisations; the evolution of privacy categorisations over time. Ultimately it tries to provide an answer whether privacy categorization as a research attempt is still meaningful and may have a future.

Software Engineering

Maxwell Prybylo,Sara Haghighi,Sai Teja Peddinti,Sepideh Ghanavati

2024-06-09

Abstract:With the increase in the number of privacy regulations, small development teams are forced to make privacy decisions on their own. In this paper, we conduct a mixed-method survey study, including statistical and qualitative analysis, to evaluate the privacy perceptions, practices, and knowledge of members involved in various phases of the Software Development Life Cycle (SDLC). Our survey includes 362 participants from 23 countries, encompassing roles such as product managers, developers, and testers. Our results show diverse definitions of privacy across SDLC roles, emphasizing the need for a holistic privacy approach throughout SDLC. We find that software teams, regardless of their region, are less familiar with privacy concepts (such as anonymization), relying on self-teaching and forums. Most participants are more familiar with GDPR and HIPAA than other regulations, with multi-jurisdictional compliance being their primary concern. Our results advocate the need for role-dependent solutions to address the privacy challenges, and we highlight research directions and educational takeaways to help improve privacy-aware SDLC.

Software Engineering,Human-Computer Interaction

Oleksandra Klymenko,Oleksandr Kosenkov,Stephen Meisenbacher,Parisa Elahidoost,Daniel Mendez,Florian Matthes

DOI: https://doi.org/10.1145/3544902.3546234

2022-08-18

Abstract:Modern privacy regulations, such as the General Data Protection Regulation (GDPR), address privacy in software systems in a technologically agnostic way by mentioning general "technical measures" for data privacy compliance rather than dictating how these should be implemented. An understanding of the concept of technical measures and how exactly these can be handled in practice, however, is not trivial due to its interdisciplinary nature and the necessary technical-legal interactions. We aim to investigate how the concept of technical measures for data privacy compliance is understood in practice as well as the technical-legal interaction intrinsic to the process of implementing those technical measures. We follow a research design that is 1) exploratory in nature, 2) qualitative, and 3) interview-based, with 16 selected privacy professionals in the technical and legal domains. Our results suggest that there is no clear mutual understanding and commonly accepted approach to handling technical measures. Both technical and legal roles are involved in the implementation of such measures. While they still often operate in separate spheres, a predominant opinion amongst the interviewees is to promote more interdisciplinary collaboration. Our empirical findings confirm the need for better interaction between legal and engineering teams when implementing technical measures for data privacy. We posit that interdisciplinary collaboration is paramount to a more complete understanding of technical measures, which currently lacks a mutually accepted notion. Yet, as strongly suggested by our results, there is still a lack of systematic approaches to such interaction. Therefore, the results strengthen our confidence in the need for further investigations into the technical-legal dynamic of data privacy compliance.

Software Engineering

Baobao Song,Mengyue Deng,Shiva Raj Pokhrel,Qiujun Lan,Robin Doss,Gang Li

DOI: https://doi.org/10.48550/arXiv.2302.09258

2023-02-18

Cryptography and Security

Abstract:Users have renewed interest in protecting their private data in the digital space. When they don't believe that their privacy is sufficiently covered by one platform, they will readily switch to another. Such an increasing level of privacy awareness has made privacy preservation an essential research topic. Nevertheless, new privacy attacks are emerging day by day. Therefore, a holistic survey to compare the discovered techniques on attacks over privacy preservation and their mitigation schemes is essential in the literature. We develop a study to fill this gap by assessing the resilience of privacy-preserving methods to various attacks and conducting a comprehensive review of countermeasures from a broader perspective. First, we introduce the fundamental concepts and critical components of privacy attacks. Second, we comprehensively cover major privacy attacks targeted at anonymous data, statistical aggregate data, and privacy-preserving models. We also summarize popular countermeasures to mitigate these attacks. Finally, some promising future research directions and related issues in the privacy community are envisaged. We believe this survey will successfully shed some light on privacy research and encourage researchers to entirely understand the resilience of different existing privacy-preserving approaches.

Giacomo Gori,Lorenzo Rinieri,Andrea Melis,Amir Al Sadi,Franco Callegati,Marco Prandini

DOI: https://doi.org/10.3390/electronics13071208

IF: 2.9

2024-03-26

Electronics

Abstract:Nowadays, as the cyber-threat landscape is evolving and digital assets are proliferating and becoming more and more interconnected with the internet and heterogeneous devices, it is fundamental to be able to obtain a sensible measure of the security of devices, networks, and systems. Industrial cyber–physical systems (ICPSs), in particular, can be exposed to high operational risks that entail damage to revenues, assets, and even people. A way to overcome the open question of measuring security is with the use of security metrics. With metrics it is possible to rely on proven indicators that benchmark systems, identify vulnerabilities, and show practical data to assess the risk. However, security metrics are often proposed with specific contexts in mind, and a set of them specifically crafted for ICPSs is not explicitly available in the literature. For this reason, in this work, we analyze the current state of the art in the selection of security metrics and we propose a systematic methodology to gather, filter, and validate security metrics. Then, we apply the procedure to the ICPS domain, gathering almost 300 metrics from the literature, analyzing the domain to identify the properties useful to filter the metrics, and applying a validation framework to assess the validity of the filtered metrics, obtaining a final set capable of measuring the security of ICPSs from different perspectives.

engineering, electrical & electronic,computer science, information systems,physics, applied

Tobias Hyrup,Anton Danholt Lautrup,Arthur Zimek,Peter Schneider-Kamp

2023-12-19

Abstract:Data sharing is a necessity for innovative progress in many domains, especially in healthcare. However, the ability to share data is hindered by regulations protecting the privacy of natural persons. Synthetic tabular data provide a promising solution to address data sharing difficulties but does not inherently guarantee privacy. Still, there is a lack of agreement on appropriate methods for assessing the privacy-preserving capabilities of synthetic data, making it difficult to compare results across studies. To the best of our knowledge, this is the first work to identify properties that constitute good universal privacy evaluation metrics for synthetic tabular data. The goal of such metrics is to enable comparability across studies and to allow non-technical stakeholders to understand how privacy is protected. We identify four principles for the assessment of metrics: Comparability, Applicability, Interpretability, and Representativeness (CAIR). To quantify and rank the degree to which evaluation metrics conform to the CAIR principles, we design a rubric using a scale of 1-4. Each of the four properties is scored on four parameters, yielding 16 total dimensions. We study the applicability and usefulness of the CAIR principles and rubric by assessing a selection of metrics popular in other studies. The results provide granular insights into the strengths and weaknesses of existing metrics that not only rank the metrics but highlight areas of potential improvements. We expect that the CAIR principles will foster agreement among researchers and organizations on which universal privacy evaluation metrics are appropriate for synthetic tabular data.

Machine Learning,Cryptography and Security,Computers and Society

March Boedihardjo,Thomas Strohmer,Roman Vershynin

2024-05-01

Abstract:Synthetic data are an attractive concept to enable privacy in data sharing. A fundamental question is how similar the privacy-preserving synthetic data are compared to the true data. Using metric privacy, an effective generalization of differential privacy beyond the discrete setting, we raise the problem of characterizing the optimal privacy-accuracy tradeoff by the metric geometry of the underlying space. We provide a partial solution to this problem in terms of the "entropic scale", a quantity that captures the multiscale geometry of a metric space via the behavior of its packing numbers. We illustrate the applicability of our privacy-accuracy tradeoff framework via a diverse set of examples of metric spaces.

Cryptography and Security,Data Structures and Algorithms,Probability

Susanne Barth,Dan Ionita,Pieter Hartel

DOI: https://doi.org/10.1145/3502288

IF: 16.6

2023-04-30

ACM Computing Surveys

Abstract:Privacy visualizations help users understand the privacy implications of using an online service. Privacy by Design guidelines provide generally accepted privacy standards for developers of online services. To obtain a comprehensive understanding of online privacy, we review established approaches, distill a unified list of 15 privacy attributes and rank them based on perceived importance by users and privacy experts. We then discuss similarities, explain notable differences, and examine trends in terms of the attributes covered. Finally, we show how our results provide a foundation for user-centric privacy visualizations, inspire best practices for developers, and give structure to privacy policies.

computer science, theory & methods

Ghazaleh Beigi,Huan Liu

DOI: https://doi.org/10.1145/3343038

2020-03-12

ACM/IMS Transactions on Data Science

Abstract:The increasing popularity of social media has attracted a huge number of people to participate in numerous activities on a daily basis. This results in tremendous amounts of rich user-generated data. These data provide opportunities for researchers and service providers to study and better understand users’ behaviors and further improve the quality of the personalized services. Publishing user-generated data risks exposing individuals’ privacy. Users privacy in social media is an emerging research area and has attracted increasing attention recently. These works study privacy issues in social media from the two different points of views: identification of vulnerabilities and mitigation of privacy risks. Recent research has shown the vulnerability of user-generated data against the two general types of attacks, identity disclosure and attribute disclosure. These privacy issues mandate social media data publishers to protect users’ privacy by sanitizing user-generated data before publishing it. Consequently, various protection techniques have been proposed to anonymize user-generated social media data. There is vast literature on privacy of users in social media from many perspectives. In this survey, we review the key achievements of user privacy in social media. In particular, we review and compare the state-of-the-art algorithms in terms of the privacy leakage attacks and anonymization algorithms. We overview the privacy risks from different aspects of social media and categorize the relevant works into five groups: (1) social graphs and privacy, (2) authors in social media and privacy, (3) profile attributes and privacy, (4) location and privacy, and (5) recommendation systems and privacy. We also discuss open problems and future research directions regarding user privacy issues in social media.

Tamara Dinev,Heng Xu,Jeff H Smith,Paul Hart

DOI: https://doi.org/10.1057/ejis.2012.23

2013-05-01

European Journal of Information Systems

Abstract:Privacy is one of the few concepts that has been studied across many disciplines, but is still difficult to grasp. The current understanding of privacy is largely fragmented and discipline-dependent. This study develops and tests a framework of information privacy and its correlates, the latter often being confused with or built into definitions of information privacy per se. Our framework development was based on the privacy theories of Westin and Altman, the economic view of the privacy calculus, and the identity management framework of Zwick and Dholakia. The dependent variable of the model is perceived information privacy. The particularly relevant correlates to information privacy are anonymity, secrecy, confidentiality, and control. We posit that the first three are tactics for information control; perceived information control and perceived risk are salient determinants of perceived information privacy; and perceived risk is a function of perceived benefits of information disclosure, information sensitivity, importance of information transparency, and regulatory expectations. The research model was empirically tested and validated in the Web 2.0 context, using a survey of Web 2.0 users. Our study enhances the theoretical understanding of information privacy and is useful for privacy advocates, and legal, management information systems, marketing, and social science scholars.

information science & library science,management,computer science, information systems

Bayrem Kaabachi,Jérémie Despraz,Thierry Meurers,Karen Otte,Mehmed Halilovic,Bogdan Kulynych,Fabian Prasser,Jean Louis Raisaro

DOI: https://doi.org/10.1101/2023.11.28.23299124

2024-10-21

Abstract:The use of synthetic data is a promising solution to facilitate the sharing and reuse of health-related data beyond its initial collection while addressing privacy concerns. However, there is still no consensus on a standardized approach for systematically evaluating the privacy and utility of synthetic data, impeding its broader adoption. In this work, we present a comprehensive review and systematization of current methods for evaluating synthetic health-related data, focusing on both privacy and utility aspects. Our findings suggest that there are a variety of methods for assessing the utility of synthetic data, but no consensus on which method is optimal in which scenario. Moreover, we found that most studies included in this review do not evaluate the privacy protection provided by synthetic data, and those that do often significantly underestimate the risks.

Mousa Alfalayleh,Ljiljana Brankovic

DOI: https://doi.org/10.48550/arXiv.1409.2112

2014-09-07

Abstract:It is well recognised that data mining and statistical analysis pose a serious treat to privacy. This is true for financial, medical, criminal and marketing research. Numerous techniques have been proposed to protect privacy, including restriction and data modification. Recently proposed privacy models such as differential privacy and k-anonymity received a lot of attention and for the latter there are now several improvements of the original scheme, each removing some security shortcomings of the previous one. However, the challenge lies in evaluating and comparing privacy provided by various techniques. In this paper we propose a novel entropy based security measure that can be applied to any generalisation, restriction or data modification technique. We use our measure to empirically evaluate and compare a few popular methods, namely query restriction, sampling and noise addition.

Cryptography and Security