Behind the curtains of privacy calculus on social networking sites: the study of Germany and the USA

As social networking sites (SNSs) become increasingly global, the issues of cultural differences in participation patterns become acute. However, current research offers only limited insights into the role of culture behind SNS usage. Aiming to fill this gap, this study adopts a ‘privacy calculus’ perspective to study the differences between German and American SNS users. Results of structural equation modeling and multi-group analysis reveal distinct variability in the cognitive patterns of American and German subjects. We contribute to the theory by rejecting the universal nature of privacy-calculus processes. From a practical standpoint, our results signal that SNS providers cannot rely on the “proven” means in ensuring user participation when crossing geographic boundaries. When financial means are limited, SNS providers should direct their investments into enhancing platform enjoyment and granting users with more control and, paradoxically, lobbying for more legalistic safeguards of user privacy.

Leveraging Trust and Privacy Concerns in Online Social Networks: an Empirical Study

Unprecedented success of Online Social Networks, such as Facebook, has been recently overshadowed by the privacy risks they imply. Weary of privacy concerns and unable to construct their identity in the desired way, users may restrict or even terminate their platform activities. Even though this means a considerable business risk for these platforms, so far there have been no studies on how to enable social network providers to address these problems. This study fills this gap by adopting a fairness perspective to analyze related measures at the disposal of the provider. In a Structural Equation Model with 237 subjects we find that ensuring interactional and procedural justice are two important strategies to support user participation on the platform.

Privacy Calculus on Social Networking Sites: Explorative Evidence from Germany and USA

Worldwide social networks, like Facebook, face fierce competition from local platforms when expanding globally. To remain attractive social network providers need to encourage user self-disclosure. Yet, little research exists on how cultural differences impact selfdisclosure on these platforms. Addressing this gap, this study explores the differences in perceptions of disclosure-relevant determinants between German and US users. Survey of Facebook members indicates that German users expect more damage and attribute higher probability to privacy-related violations. On the other hand, even though American users show higher level of privacy concern, they extract more benefits from their social networking activities, have more trust in the service provider and legal assurances as well as perceive more control. These factors may explain a higher level of self-disclosure indicated by American users. Our results provide relevant insights for the social network providers who can adjust their expansion strategy with regard to cultural differences.

Investigating the value of privacy on online social networks: conjoint analysis

Popularity of Online Social Networks has been recently overshadowed by the privacy problems they pose. Users are getting increasingly vigilant concerning information they disclose and are strongly opposing the use of their information for commercial purposes. Nevertheless, as long as the network is offered to users for free, providers have little choice but to generate revenue through personalized advertising to remain financially viable. Our study empirically investigates the ways out of this deadlock. Using conjoint analysis we find that privacy is indeed important for users. We identify three groups of users with different utility patterns: Unconcerned Socializers, Control-conscious Socializers and Privacy-concerned. Our results provide relevant insights into how network providers can capitalize on different user preferences by specifically addressing the needs of distinct groups in the form of various premium accounts. Overall, our study is the first attempt to assess the value of privacy in monetary terms in this context.

Privacy-Preserving Optimal Meeting Location Determination on Mobile Devices

Equipped with state-of-the-art smartphones and mobile devices, today's highly interconnected urban population is increasingly dependent on these gadgets to organize and plan their daily lives. These applications often rely on current (or preferred) locations of individual users or a group of users to provide the desired service, which jeopardizes their privacy; users do not necessarily want to reveal their current (or preferred) locations to the service provider or to other, possibly untrusted, users. In this paper, we propose privacy-preserving algorithms for determining an optimal meeting location for a group of users. We perform a thorough privacy evaluation by formally quantifying privacy-loss of the proposed approaches. In order to study the performance of our algorithms in a real deployment, we implement and test their execution efficiency on Nokia smartphones. By means of a targeted user-study, we attempt to get an insight into the privacy-awareness of users in location-based services and the usability of the proposed solutions.

Effectiveness of Justice-Based Measures in Managing Trust and Privacy Concerns on Social Networking Sites: Intercultural Perspective

The unprecedented success of social networking sites (SNSs) has been recently overshadowed by concerns about privacy risks. As SNS users grow weary of privacy breaches and thus develop distrust, they may restrict or even terminate their platform activities. In the long run, these developments endanger SNS platforms’ financial viability and undermine their ability to create individual and social value. By applying a justice perspective, this study aims to understand the means at the disposal of SNS providers to leverage the privacy concerns and trusting beliefs of their users—two important determinants of user participation on SNSs. Considering that SNSs have a global appeal, empirical tests assess the effectiveness of justice measures for three culturally distinct countries: Germany, Russia and Morocco. The results indicate that these measures are particularly suited to address trusting beliefs of SNS audience. Specifically, in all examined countries, procedural justice and the awareness dimension of informational justice improve perceptions of trust in the SNS provider. Privacy concerns, however, are not as easy to manage, because the impact of justice-based measures on privacy concerns is not universal. Beyond theoretical value, this research offers valuable practical insights into the use of justice-based measures to promote trust and mitigate privacy concerns in a cross-cultural setting.

Privacy Policies and Users’ Trust: Does Readability Matter?

Over the years, a drastic increase in online information disclosure spurs a wave of concerns from multiple stakeholders. Among others, users resent the “behind the closed doors” processing of their personal data by companies. Privacy policies are supposed to inform users how their personal information is handled by a website. However, several studies have shown that users rarely read privacy policies for various reasons, not least because limitedly readable policy texts are difficult to understand. Based on our online survey with over 440 responses, we examine the objective and subjective readability of privacy policies and investigate their impact on users’ trust in five big Internet services. Our findings show the stronger a user believes in having understood the privacy policy, the higher he or she trusts a web site across all companies we studied. Our results call for making readability of privacy policies more accessible to an average reader.

Privacy Preserving Probabilistic Record Linkage (P3RL): a novel method for linking existing health-related data and maintaining participant confidentiality.

BACKGROUND Record linkage of existing individual health care data is an efficient way to answer important epidemiological research questions. Reuse of individual health-related data faces several problems: Either a unique personal identifier, like social security number, is not available or non-unique person identifiable information, like names, are privacy protected and cannot be accessed. A solution to protect privacy in probabilistic record linkages is to encrypt these sensitive information. Unfortunately, encrypted hash codes of two names differ completely if the plain names differ only by a single character. Therefore, standard encryption methods cannot be applied. To overcome these challenges, we developed the Privacy Preserving Probabilistic Record Linkage (P3RL) method. METHODS In this Privacy Preserving Probabilistic Record Linkage method we apply a three-party protocol, with two sites collecting individual data and an independent trusted linkage center as the third partner. Our method consists of three main steps: pre-processing, encryption and probabilistic record linkage. Data pre-processing and encryption are done at the sites by local personnel. To guarantee similar quality and format of variables and identical encryption procedure at each site, the linkage center generates semi-automated pre-processing and encryption templates. To retrieve information (i.e. data structure) for the creation of templates without ever accessing plain person identifiable information, we introduced a novel method of data masking. Sensitive string variables are encrypted using Bloom filters, which enables calculation of similarity coefficients. For date variables, we developed special encryption procedures to handle the most common date errors. The linkage center performs probabilistic record linkage with encrypted person identifiable information and plain non-sensitive variables. RESULTS In this paper we describe step by step how to link existing health-related data using encryption methods to preserve privacy of persons in the study. CONCLUSION Privacy Preserving Probabilistic Record linkage expands record linkage facilities in settings where a unique identifier is unavailable and/or regulations restrict access to the non-unique person identifiable information needed to link existing health-related data sets. Automated pre-processing and encryption fully protect sensitive information ensuring participant confidentiality. This method is suitable not just for epidemiological research but also for any setting with similar challenges.

Privacy-preserving genomic testing in the clinic: a model using HIV treatment

PURPOSE The implementation of genomic-based medicine is hindered by unresolved questions regarding data privacy and delivery of interpreted results to health-care practitioners. We used DNA-based prediction of HIV-related outcomes as a model to explore critical issues in clinical genomics. METHODS We genotyped 4,149 markers in HIV-positive individuals. Variants allowed for prediction of 17 traits relevant to HIV medical care, inference of patient ancestry, and imputation of human leukocyte antigen (HLA) types. Genetic data were processed under a privacy-preserving framework using homomorphic encryption, and clinical reports describing potentially actionable results were delivered to health-care providers. RESULTS A total of 230 patients were included in the study. We demonstrated the feasibility of encrypting a large number of genetic markers, inferring patient ancestry, computing monogenic and polygenic trait risks, and reporting results under privacy-preserving conditions. The average execution time of a multimarker test on encrypted data was 865 ms on a standard computer. The proportion of tests returning potentially actionable genetic results ranged from 0 to 54%. CONCLUSIONS The model of implementation presented herein informs on strategies to deliver genomic test results for clinical care. Data encryption to ensure privacy helps to build patient trust, a key requirement on the road to genomic-based medicine.Genet Med advance online publication 14 January 2016Genetics in Medicine (2016); doi:10.1038/gim.2015.167.

PEPSI: Privacy-Enhanced Participatory Sensing Infrastructure.

Participatory Sensing combines the ubiquity of mobile phones with sensing capabilities of Wireless Sensor Networks. It targets pervasive collection of information, e.g., temperature, traffic conditions, or health-related data. As users produce measurements from their mobile devices, voluntary participation becomes essential. However, a number of privacy concerns -- due to the personal information conveyed by data reports -- hinder large-scale deployment of participatory sensing applications. Prior work on privacy protection, for participatory sensing, has often relayed on unrealistic assumptions and with no provably-secure guarantees. The goal of this project is to introduce PEPSI: a Privacy-Enhanced Participatory Sensing Infrastructure. We explore realistic architectural assumptions and a minimal set of (formal) privacy requirements, aiming at protecting privacy of both data producers and consumers. We design a solution that attains privacy guarantees with provable security at very low additional computational cost and almost no extra communication overhead.

Hummingbird: Privacy at the time of Twitter

In the last several years, micro-blogging Online Social Networks (OSNs), such as Twitter, have taken the world by storm, now boasting over 100 million subscribers. As an unparalleled stage for an enormous audience, they offer fast and reliable centralized diffusion of pithy tweets to great multitudes of information-hungry and always-connected followers. At the same time, this information gathering and dissemination paradigm prompts some important privacy concerns about relationships between tweeters, followers and interests of the latter. In this paper, we assess privacy in today?s Twitter-like OSNs and describe an architecture and a trial implementation of a privacy-preserving service called Hummingbird. It is essentially a variant of Twitter that protects tweet contents, hashtags and follower interests from the (potentially) prying eyes of the centralized server. We argue that, although inherently limited by Twitter?s mission of scalable information-sharing, this degree of privacy is valuable. We demonstrate, via a working prototype, that Hummingbird?s additional costs are tolerably low. We also sketch out some viable enhancements that might offer better privacy in the long term.

Engineering privacy requirements valuable lessons from another realm

The Privacy by Design approach to systems engineering introduces privacy requirements in the early stages of development, instead of patching up a built system afterwards. However, 'vague', 'disconnected from technology', or 'aspirational' are some terms employed nowadays to refer to the privacy principles which must lead the development process. Although privacy has become a first-class citizen in the realm of non-functional requirements and some methodological frameworks help developers by providing design guidance, software engineers often miss a solid reference detailing which specific, technical requirements they must abide by, and a systematic methodology to follow. In this position paper, we look into a domain that has already successfully tackled these problems -web accessibility-, and propose translating their findings into the realm of privacy requirements engineering, analyzing as well the gaps not yet covered by current privacy initiatives.

Smart meter privacy by suprression of low power frequency components

This paper focuses on the problems associated with privacy protection in smart grid. We will give an overview of a possible realization of a privacy-preserving approach that encompasses privacy-utility tradeoff into a single model. This approach proposes suppression of low power frequency components as a solution to reduce the amount of information leakage from smart meter readings. We will consider the applicability of the procedure to hide the appliance usage with respect to the type of home devices.

Trust and Privacy Solutions Based on Holistic Service Requirements

The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing.