Contextualizing the tensions and weaknesses of information privacy and data breach notification laws

Data breach notification laws have detailed numerous failures relating to the protection of personal information that have blighted both corporate and governmental institutions. There are obvious parallels between data breach notification and information privacy law as they both involve the protection of personal information. However, a closer examination of both laws reveals conceptual differences that give rise to vertical tensions between each law and shared horizontal weaknesses within both laws. Tensions emanate from conflicting approaches to the implementation of information privacy law that results in different regimes and the implementation of different types of protections. Shared weaknesses arise from an overt focus on specified types of personal information which results in ‘one size fits all’ legal remedies. The author contends that a greater contextual approach which promotes the importance of social context is required and highlights the effect that contextualization could have on both laws.

Information accountability for online healthcare social networks

Online social networking has become one of the most popular Internet applications in the modern era. They have given the Internet users, access to information that other Internet based applications are unable to. Although many of the popular online social networking web sites are focused towards entertainment purposes, sharing information can benefit the healthcare industry in terms of both efficiency and effectiveness. But the capability to share personal information; the factor which has made online social networks so popular, is itself a major obstacle when considering information security and privacy aspects. Healthcare can benefit from online social networking if they are implemented such that sensitive patient information can be safeguarded from ill exposure. But in an industry such as healthcare where the availability of information is crucial for better decision making, information must be made available to the appropriate parties when they require it. Hence the traditional mechanisms for information security and privacy protection may not be suitable for healthcare. In this paper we propose a solution to privacy enhancement in online healthcare social networks through the use of an information accountability mechanism.

The conceptual and operational compatibility of data breach notification and information privacy laws

Mandatory data breach notification laws are a novel and potentially important legal instrument regarding organisational protection of personal information. These laws require organisations that have suffered a data breach involving personal information to notify those persons that may be affected, and potentially government authorities, about the breach. The Australian Law Reform Commission (ALRC) has proposed the creation of a mandatory data breach notification scheme, implemented via amendments to the Privacy Act 1988 (Cth). However, the conceptual differences between data breach notification law and information privacy law are such that it is questionable whether a data breach notification scheme can be solely implemented via an information privacy law. Accordingly, this thesis by publications investigated, through six journal articles, the extent to which data breach notification law was conceptually and operationally compatible with information privacy law. The assessment of compatibility began with the identification of key issues related to data breach notification law. The first article, Stakeholder Perspectives Regarding the Mandatory Notification of Australian Data Breaches started this stage of the research which concluded in the second article, The Mandatory Notification of Data Breaches: Issues Arising for Australian and EU Legal Developments (‘Mandatory Notification‘). A key issue that emerged was whether data breach notification was itself an information privacy issue. This notion guided the remaining research and focused attention towards the next stage of research, an examination of the conceptual and operational foundations of both laws. The second article, Mandatory Notification and the third article, Encryption Safe Harbours and Data Breach Notification Laws did so from the perspective of data breach notification law. The fourth article, The Conceptual Basis of Personal Information in Australian Privacy Law and the fifth article, Privacy Invasive Geo-Mashups: Privacy 2.0 and the Limits of First Generation Information Privacy Laws did so for information privacy law. The final article, Contextualizing the Tensions and Weaknesses of Information Privacy and Data Breach Notification Laws synthesised previous research findings within the framework of contextualisation, principally developed by Nissenbaum. The examination of conceptual and operational foundations revealed tensions between both laws and shared weaknesses within both laws. First, the distinction between sectoral and comprehensive information privacy legal regimes was important as it shaped the development of US data breach notification laws and their subsequent implementable scope in other jurisdictions. Second, the sectoral versus comprehensive distinction produced different emphases in relation to data breach notification thus leading to different forms of remedy. The prime example is the distinction between market-based initiatives found in US data breach notification laws compared to rights-based protections found in the EU and Australia. Third, both laws are predicated on the regulation of personal information exchange processes even though both laws regulate this process from different perspectives, namely, a context independent or context dependent approach. Fourth, both laws have limited notions of harm that is further constrained by restrictive accountability frameworks. The findings of the research suggest that data breach notification is more compatible with information privacy law in some respects than others. Apparent compatibilities clearly exist as both laws have an interest in the protection of personal information. However, this thesis revealed that ostensible similarities are founded on some significant differences. Data breach notification law is either a comprehensive facet to a sectoral approach or a sectoral adjunct to a comprehensive regime. However, whilst there are fundamental differences between both laws they are not so great to make them incompatible with each other. The similarities between both laws are sufficient to forge compatibilities but it is likely that the distinctions between them will produce anomalies particularly if both laws are applied from a perspective that negates contextualisation.

Tensions in developing a secure collective information practice : the case of Agile Ridesharing

Many current HCI, social networking, ubiquitous computing, and context aware designs, in order for the design to function, have access to, or collect, significant personal information about the user. This raises concerns about privacy and security, in both the research community and main-stream media. From a practical perspective, in the social world, secrecy and security form an ongoing accomplishment rather than something that is set up and left alone. We explore how design can support privacy as practical action, and investigate the notion of collective information-practice of privacy and security concerns of participants of a mobile, social software for ride sharing. This paper contributes an understanding of HCI security and privacy tensions, discovered while “designing in use” using a Reflective, Agile, Iterative Design (RAID) method.

Information sharing in Onesocialweb using a multiple profile manager to better informed medical decision making processes

The study shows an alternative solution to existing efforts at solving the problem of how to centrally manage and synchronise users’ Multiple Profiles (MP) across multiple discrete social networks. Most social network users hold more than one social network account and utilise them in different ways depending on the digital context (Iannella, 2009a). They may, for example, enjoy friendly chat on Facebook1, professional discussion on LinkedIn2, and health information exchange on PatientsLikeMe3 In this thesis the researcher proposes a framework for the management of a user’s multiple online social network profiles. A demonstrator, called Multiple Profile Manager (MPM), will be showcased to illustrate how effective the framework will be. The MPM will achieve the required profile management and synchronisation using a free, open, decentralized social networking platform (OSW) that was proposed by the Vodafone Group in 2010. The proposed MPM will enable a user to create and manage an integrated profile (IP) and share/synchronise this profile with all their social networks. The necessary protocols to support the prototype are also proposed by the researcher. The MPM protocol specification defines an Extensible Messaging and Presence Protocol (XMPP) extension for sharing vCard and social network accounts information between the MPM Server, MPM Client, and social network sites (SNSs). . Therefore many web users need to manage disparate profiles across many distributed online sources. Maintaining these profiles is cumbersome, time-consuming, inefficient, and may lead to lost opportunity. The writer of this thesis adopted a research approach and a number of use cases for the implementation of the project. The use cases were created to capture the functional requirements of the MPM and to describe the interactions between users and the MPM. In the research a development process was followed in establishing the prototype and related protocols. The use cases were subsequently used to illustrate the prototype via the screenshots taken of the MPM client interfaces. The use cases also played a role in evaluating the outcomes of the research such as the framework, prototype, and the related protocols. An innovative application of this project is in the area of public health informatics. The researcher utilised the prototype to examine how the framework might benefit patients and physicians. The framework can greatly enhance health information management for patients and more importantly offer a more comprehensive personal health overview of patients to physicians. This will give a more complete picture of the patient’s background than is currently available and will prove helpful in providing the right treatment. The MPM prototype and related protocols have a high application value as they can be integrated into the real OSW platform and so serve users in the modern digital world. They also provide online users with a real platform for centrally storing their complete profile data, efficiently managing their personal information, and moreover, synchronising the overall complete profile with each of their discrete profiles stored in their different social network sites.

Sense-making across space and time : implications for the organization and findability of information

This paper presents the results from a study of information behaviors, with specific focus on information organisation-related behaviours conducted as part of a larger daily diary study with 34 participants. The findings indicate that organization of information in everyday life is a problematic area due to various factors. The self-evident one is the inter-subjectivity between the person who may have organized the information and the person looking for that same information (Berlin et. al., 1993). Increasingly though, we are not just looking for information within collections that have been designed by someone else, but within our own personal collections of information, which frequently include books, electronic files, photos, records, documents, desktops, web bookmarks, and portable devices. The passage of time between when we categorized or classified the information, and the time when we look for the same information, poses several problems of intra-subjectivity, or the difference between our own past and present perceptions of the same information. Information searching, and hence the retrieval of information from one's own collection of information in everyday life involved a spatial and temporal coordination with one's own past selves in a sort of cognitive and affective time travel, just as organizing information is a form of anticipatory coordination with one's future information needs. This has implications for finding information and also on personal information management.

Privacy in the new era of visible and sharable energy-use information

A new era of visible and sharable electricity information is emerging. Where eco-feedback is installed, households can now visualise many aspects of their energy consumption and share this information with others through Internet platforms such as social media. Despite providing users with many affordances, eco-feedback information can make public previously private actions from within the intimate setting of the family home. This paper represents a study focussing specifically on the privacy aspects of nascent ways for viewing and sharing this new stream of personal information. It explores the nuances of privacy related to eco-feedback both within and beyond the family home. While electricity consumption information may not be considered private itself, the household practices which eco-feedback systems makes visible may be private. We show that breaches of privacy can occur in unexpected ways and have the potential to cause distress. The paper concludes with some suggestions for how to realise the benefits of sharing energy consumption information whist effectively maintaining individuals’ conceptions of adequate privacy.

Surviving the Information Explosion: How People Find Their Electronic Information

We report on a study of how people look for information within email, files, and the Web. When locating a document or searching for a specific answer, people relied on their contextual knowledge of their information target to help them find it, often associating the target with a specific document. They appeared to prefer to use this contextual information as a guide in navigating locally in small steps to the desired document rather than directly jumping to their target. We found this behavior was especially true for people with unstructured information organization. We discuss the implications of our findings for the design of personal information management tools.

THE INFORMATION ERA THREATENS PRIVACY: A Comparative Study of Electronic Money’s Privacy Policies and Privacy Laws

This thesis consists of an analysis of electronic money (e-money), e-money’s privacy policies and relevant privacy laws. The value of information and the development of technology enhance the risk of privacy violations in the information era. Consumer privacy interests with respect to e-money are governed in part by the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and by the European Union’s Data Protection Directive. The analysis is directed at whether the privacy policies of three kinds of e-money – Octopus Card, PayPal and MasterCard – comply with the spirit and letter of these laws. In light of technology change, the laws should be interpreted to apply broadly to protect privacy interests. Enhanced privacy protection may in fact lead to greater adoption of e-money by consumers.

Openness and privacy in Ontario: an evaluation of the implementation of FIPPA : (The Freedom of Information and Protection of Privacy Act, 1987, Chapter 25 and Ontario Regulation 532/87) /

Since the early 1970's, Canadians have expressed many concerns about the growth of government and its impact on their daily lives. The public has requested increased access to government documents and improved protection of the personal information which is held in government files and data banks. At the same time, both academics and practitioners in the field of public administration have become more interested in the values that public servants bring to their decisions and recommendations. Certain administrative values, such as accountability and integrity, have taken on greater relative importance. The purpose of this thesis is to examine the implementation of Ontario's access and privacy law. It centres on the question of whether or not the Freedom of Information and Protection of Privacy Act, 1987, (FIPPA) has answered the demand for open access to government while at the same time protecting the personal privacy of individual citizens. It also assesses the extent to which this relatively new piece of legislation has made a difference to the people of Ontario. The thesis presents an overview of the issues of freedom of information and protection of privacy in Ontario. It begins with the evolution of the legislation and a description of the law itself. It focuses on the structures and processes which have been established to meet the procedural and administrative demands of the Act. These structures and processes are evaluated in two ways. First, the thesis evaluates how open the Ontario government has become and, second, it determines how Ill carefully the privacy rights of individuals are safeguarded. An analytical framework of administrative values is used to evaluate the overall performance of the government in these two areas. The conclusion is drawn that, overall, the Ontario government has effectively implemented the Freedom of Information and Protection of Privacy Act, particularly by providing access to most government-held documents. The protection of individual privacy has proved to be not only more difficult to achieve, but more difficult to evaluate. However, the administrative culture of the Ontario bureaucracy is shown to be committed to ensuring that the access and privacy rights of citizens are respected.

Articulation of information requirements for personalised knowledge and construction

The quality of information provision influences considerably knowledge construction driven by individual users’ needs. In the design of information systems for e-learning, personal information requirements should be incorporated to determine a selection of suitable learning content, instructive sequencing for learning content, and effective presentation of learning content. This is considered as an important part of instructional design for a personalised information package. The current research reveals that there is a lack of means by which individual users’ information requirements can be effectively incorporated to support personal knowledge construction. This paper presents a method which enables an articulation of users’ requirements based on the rooted learning theories and requirements engineering paradigms. The user’s information requirements can be systematically encapsulated in a user profile (i.e. user requirements space), and further transformed onto instructional design specifications (i.e. information space). These two spaces allow the discovering of information requirements patterns for self-maintaining and self-adapting personalisation that enhance experience in the knowledge construction process.

Personal acquaintance measure : distinguishing among friends and good and bad customers

Evidence from social psychology confirms that strong relationships are founded on deep knowledge of others gained over long periods after sharing personal information. The existence, benefit, and management of relationships are also topics of increasing interest in Marketing. This paper reports on the results of a study of sales persons’ assessments of their personal acquaintance with friends and customers. The results indicate that personal acquaintance as a construct and measure can be successfully employed in a business context and used to distinguish among friends and good and bad customers. The findings open the way for the use of the construct in a commercial context as well as in the development of marketing theory. Limitations and avenues for future research are given.

Personal acquaintances and salespeople in financial services: Differences between customers and friends

The existence, benefit and management of customer–salesperson relationships in the marketing of financial services are topics of increasing interest. Much of the sales and marketing literature implies that because of time spent together, salespeople and some of their customers develop close relationships that are akin to friendships. Evidence from social psychology confirms that strong relationships are founded in deep knowledge of others gained over long periods after sharing personal information. This paper reports on the results of a study of salespeople's assessments of their personal acquaintance with customers and friends in a financial services setting. The results indicate that salespeople do not classify customers as friends on all the dimensions of personal acquaintance. Furthermore, the nature of personal acquaintance differs between ‘good’ customers (those salespeople enjoy serving), and ‘bad’ (those they do not), with the exception of the personal acquaintance dimensions of interaction frequency and personal disclosure. We discuss the implications for practice and make recommendations for future research.

Cost analysis of opt-in consent procedures for the Texas statewide immunization information system, ImmTrac

Background. Childhood immunization programs have dramatically reduced the morbidity and mortality associated with vaccine-preventable diseases. Proper documentation of immunizations that have been administered is essential to prevent duplicate immunization of children. To help improve documentation, immunization information systems (IISs) have been developed. IISs are comprehensive repositories of immunization information for children residing within a geographic region. The two models for participation in an IIS are voluntary inclusion, or "opt-in," and voluntary exclusion, or "opt-out." In an opt-in system, consent must be obtained for each participant, conversely, in an opt-out IIS, all children are included unless procedures to exclude the child are completed. Consent requirements for participation vary by state; the Texas IIS, ImmTrac, is an opt-in system.^ Objectives. The specific objectives are to: (1) Evaluate the variance among the time and costs associated with collecting ImmTrac consent at public and private birthing hospitals in the Greater Houston area; (2) Estimate the total costs associated with collecting ImmTrac consent at selected public and private birthing hospitals in the Greater Houston area; (3) Describe the alternative opt-out process for collecting ImmTrac consent at birth and discuss the associated cost savings relative to an opt-in system.^ Methods. Existing time-motion studies (n=281) conducted between October, 2006 and August, 2007 at 8 birthing hospitals in the Greater Houston area were used to assess the time and costs associated with obtaining ImmTrac consent at birth. All data analyzed are deidentified and contain no personal information. Variations in time and costs at each location were assessed and total costs per child and costs per year were estimated. The cost of an alternative opt-out system was also calculated.^ Results. The median time required by birth registrars to complete consent procedures varied from 72-285 seconds per child. The annual costs associated with obtaining consent for 388,285 newborns in ImmTrac's opt-in consent process were estimated at $702,000. The corresponding costs of the proposed opt-out system were estimated to total $194,000 per year. ^ Conclusions. Substantial variation in the time and costs associated with completion of ImmTrac consent procedures were observed. Changing to an opt-out system for participation could represent significant cost savings. ^

Información personal: la nueva moneda de la economía digital

Technological progress has profoundly changed the way personal data are collected, accessed and used. Those data make possible unprecedented customization of advertising which, in turn, is the business model adopted by many of the most successful Internet companies. Yet measuring the value being generated is still a complex task. This paper presents a review of the literature on this subject. It has been found that the economic analysis of personal information has been conducted up to now from a qualitative perspective mainly linked to privacy issues. A better understanding of a quantitative approach to this topic is urgently needed.