Social networking searching and privacy issues

The explosion of social networking sites has not only changed the way people communicate, but also added a new dimension to the way for searching or investigating people. As users share a wide variety of information on social networking sites, concerns are growing about organisations’ access to personally identifiable data and users are increasingly worried about privacy on social network sites. The main threat with data gathering is not only from where gathering it, but also where it goes afterwards. Neither social network sites providers nor the governments have any way to effectively protect users against privacy violations. However, a variety of efforts need to be explored to change the situation. Social network sites should continue work to strengthen privacy settings. Laws and policies should be improved to regulate the social networking searching in its legality, necessity and proportionality.     

Dirty laundry: privacy issues for IT professionals

Individual online privacy, already a hot button in the political landscape, is no less important for IT professionals. In 1999, the authors distributed a survey to 500 data workers in the healthcare and financial fields. The results of the study suggest that privacy concerns are not confined to consumers, but the employees who access and collect the data are concerned as well. The survey posed 15 questions regarding the responders' attitudes about the organizational practices at their organization. The data collected from the survey reveals that healthcare workers are concerned about organizational practices causing errors in patient information, as well as unsanctioned use of patient information. Similarly, the survey research indicates that employees of financial institutions are concerned with organizational practices that allow improper access to customer information. Given the results in these two fields, IT workers and managers in all fields must be prepared to deal with this issue, for it is likely to confront them soon     

Online privacy issues: The other Tim McVeigh

He has been described as an “outstanding role model” and the “embodiment of Navy core values”.(1) He is a highly decorated Navy officer with a 17-year record of outstanding service, and up 'til recently he was the senior-most enlisted man aboard the US nuclear submarine the USS Chicago.(2) His name is Timothy McVeigh — not the Timothy McVeigh of the Oklahoma City bombing, but the man at the heart of a recent controversy over the gay rights in the military and online privacy issues.     

Exploring privacy issues in Web services discovery/agencies

The increasing discussions concerning Web services privacy often neglect a key building block of the Web services architecture: discovery agencies. This overview of discovery agency privacy issues highlights the various challenges and proposes different technical approaches for addressing them.     

Security and privacy issues in the Portable Document Format

The Portable Document Format (PDF) was developed by Adobe in the early nineties and today it is the de-facto standard for electronic document exchange. It allows reliable reproductions of published materials on any platform and it is used by many governmental and educational institutions, as well as companies and individuals. PDF documents are also credited with being more secure than other document formats such as Microsoft Compound Document File Format or Rich Text Format.This paper investigates the Portable Document Format and shows that it is not immune from some privacy related issues that affect other popular document formats. From a PDF document, it is possible to retrieve any text or object previously deleted or modified, extract user information and perform some actions that may be used to violate user privacy. There are several applications of such an issue. One of them is relevant to the scientific community and it pertains to the ability to overcome the blind review process of a paper, revealing information related to the anonymous referee (e.g., the IP address of the referee).     

A survey on privacy issues and solutions for Voice-controlled Digital Assistants

With the development and increasing deployment of smart home devices, voice control supports comfortable end user interactions. However, potential end users may refuse to use Voice-controlled Digital Assistants (VCDAs) because of privacy concerns. To address these concerns, some manufacturers provide limited privacy-preserving mechanisms for end users; however, these mechanisms are seldom used. We herein provide an analysis of privacy threats resulting from the utilization of VCDAs. We further analyze how existing solutions address these threats considering the principles of the European General Data Protection Regulation (GDPR). Based on our analysis, we propose directions for future research and suggest countermeasures for better privacy protection.     

Security and privacy issues in P2P streaming systems: A survey

Streaming applications over Peer-To-Peer (P2P) systems have gained an enormous popularity. Success always implies increased concerns about security, protection, privacy and all the other ‘side’ properties that transform an experimental application into a service. Research on security for P2P streaming started to flourish, but no comprehensive security analysis over the current P2P solutions has yet been attempted. There are no best practices in system design, no (widely) accepted attack models, no measurement-based studies on security threats to P2P streaming, nor even general surveys investigating specific security aspects for these systems. This paper addresses this last aspect. Starting from existing analyses and security models in the related literature, we give an overview on security and privacy considerations for P2P streaming systems. Our analysis emphasizes two major facts: (i) the Byzantine–Altruistic–Rational (BAR) model offers stronger security guarantees compared to other approaches, at the cost of higher complexity and overhead; and (ii) the general perception (not necessarily the truth, but a commonplace belief) that it is necessary to sacrifice accuracy or performance in order to tolerate faults or misbehaviors, is not always true.     

Online advertising on popular children’s websites: Structural features and privacy issues

This study examined advertisements placed on popular children’s websites. A total of 117 commercial children’s websites, 933 unique ads and 813 advertising websites were included in the sample. Results show that a majority of children’s websites carried advertisements, a third of which were Google ads. Less than half (47%) of the children’s websites and about a quarter (24%) of the advertising websites complied with COPPA when they collected personal information from children. Implications for children’s online safety are discussed.     

Investigating pay-as-you-go to address issues of trust, privacy and security around media use at home

This paper explores the use of a pay-as-you-go (PAYG) concept as a means of addressing issues of trust, privacy, billing and security around media in the home. The findings are based on a study conducted in 2007 and 2008, looking at the media-use habits of 27 families in the Greater London area. The study investigated attitudes towards uses of various forms of media within the home environment, with a particular emphasis on television (TV). To facilitate the study, a rapid prototype of an experimental home media device was produced, asking participants to use and respond to it. The key findings show the desirability of devices and services that incorporate a payment system which would help in regulating spending and allow household members to manage their own media purchases. The PAYG concept was well received by study participants as a means to prevent unauthorised spending and help manage costs. Participants were also enthusiastic about more transparent billing mechanisms and the possibility of monitoring the TV and media use of younger household members.     

Valuating privacy

In several experimental auctions, participants put a dollar value on private information before revealing it to a group. An analysis of results show that a trait's desirability in relation to the group played a key role in the amount people demanded to publicize private information. Because people can easily obtain, aggregate, and disperse personal data electronically, privacy is a central concern in the information age. This concern is clear in relation to financial data and genetic information, both of which can lead to identity abuse and discrimination. However, other relatively harmless information can also be abused, including a person's gender, salary, age, marital status, or shopping preferences. What's unclear is whether it's the fear of such abuse that actually causes people's stated hesitance to reveal their data. Our hypothesis - and the motivation for our study - is that people reveal information when they feel that they're somewhat typical or positively atypical compared to the target group. To test this hypothesis, we conducted experiments that elicit the value people place on their private data. We found, with great significance (more than 95 percent statistical confidence) that a linear relationship exists between an individual's belief about a trait and the value he or she places on it. That is, the less desirable the trait, the greater the price a person demands for releasing the information. Furthermore, we found that small deviations in a socially positive direction are associated with a lower asking price.     

Privacy issues in a psychiatric context: applying the ISD privacy framework to a psychiatric behavioural monitoring system

Privacy issues are frequently discussed amongst researchers, practitioners and patients in healthcare. However, psychiatric patients’ privacy issues get less attention in information system development (ISD), whereby they are one of the most important stakeholders. This paper applies Carew and Stapleton’s ISD privacy framework to psychiatric monitoring systems to understand the issues that are related to monitoring psychiatric patients’ behaviour. By understanding the privacy issues amongst patients, the research will be able to provide guidance to system developers to produce a privacy-sensitive system that can contribute to the system engineering for international stability. We will elaborate each factor in the framework (physical, social, psychological and informational) and then explain the relationship to the privacy of psychiatric patient.     

差分隐私模型的启发式隐私参数设置策略

差分隐私模型是一种强隐私模型,用隐私参数ε度量隐私保护程度及噪声量,近年来成为隐私保护领域的研究热点。但是隐私参数ε的设置只能依赖于实验或专业人士经验,限制了差分隐私模型的使用与推广。针对这个问题,基于(ρ1,ρ2)-隐私模型提出一种启发式的隐私参数ε设置策略（limit privacy breaches in differential privacy,LPBDP）,分析隐私参数ε与(ρ1,ρ2)的内在联系,实现噪声量的添加由(ρ1,ρ2)决定。LPBDP通过如下启发式原则设置隐私参数ε：如果攻击者关于目标受害者的先验概率小于阈值ρ1,攻击者得到差分隐私查询策略返回的加噪结果后,关于目标受害者的后验概率必须小于阈值ρ2。实验表明LPBDP能够更直观地设置隐私参数ε以满足差分隐私约束。     

Towards privacy preserving social recommendation under personalized privacy settings

World Wide Web - Privacy leakage is an important issue for social relationships-based recommender systems (i.e., social recommendation). Existing privacy preserving social recommendation approaches...     

隐私数据验证场景下的隐私保护研究

隐私数据验证场景是信息验证服务下的一类特殊场景,其实用性要求数据在第三方数据库进行存储、发布且有能力处理任意形式声明的验证,其安全性要求数据在存储、更新与证明期间提供有效的隐私保护手段。目前该场景下的隐私保护研究尚且处于空白阶段,因此本文引入可证明数据加密策略的概念,以满足隐私数据验证场景下的实用性与安全性需求。本文主要有三个贡献：（1）对可证明数据加密策略进行讨论并给出形式化定义;（2）基于非交互零知识证明构造出首个可证明数据加密方案,并同时支持高效的数据更新操作;（3）基于承诺方案、非交互零知识证明与全同态加密,提出可证明数据加密策略的两种通用构造框架并给予相关性质证明。     

k-匿名下通过本地差分隐私实现位置隐私保护

针对用户位置隐私保护过程中攻击者利用背景知识等信息发起攻击的问题,提出一种面向移动终端的位置隐私保护方法。该方案通过利用k-匿名和本地差分隐私技术进行用户位置保护,保证隐私和效用的权衡。结合背景知识构造匿名集,通过改进的Hilbert曲线对k-匿名集进行分割,使用本地差分隐私算法RAPPOR扰动划分后的位置集,最后将生成的位置集发送给位置服务提供商获取服务。在真实数据集上与已有的方案从用户位置保护、位置可用性和时间开销方面进行对比,实验结果显示,所提方案在确保LBS服务质量的同时,也增强了位置隐私保护的程度。     

基于差分隐私的数据匿名化隐私保护方法

在保护数据隐私的匿名技术中,为解决匿名安全性不足的问题,即匿名过程中因计算等价类质心遭受同质性和背景知识攻击造成的隐私泄漏,提出了一种基于差分隐私的数据匿名化隐私保护方法,构建了基于差分隐私的数据匿名化隐私保护模型;在利用微聚集MDAV算法划分相似等价类并在匿名属性过程中引入SuLQ框架设计得到ε-MDAV算法,同时选用Laplace实现机制合理控制隐私保护预算。通过对比不同隐私保护预算下可用性和安全性的变化,验证了该方法可以在保证数据高可用性的前提下有效地提升数据的安全性能。