Security and privacy concerns for Australian SMEs cloud adoption: empirical study of metropolitan vs regional SMEs

New national infrastructure initiatives such as the National Broadband Network (NBN) allow small and medium-sized enterprises (SMEs) in Australia to have greater access to cost effective Cloud computing. However, the ability of Cloud computing to store data remotely and share services in a dynamic environment brings with it security and privacy concerns. Evaluating these concerns is critical to address the Cloud computing underutilisation issue and leverage the benefits of costly NBN investment. This paper examines the influence of privacy and security factors on Cloud adoption by Australian SMEs in metropolitan and regional area. Data were collected from 150 Australian SMEs (specifically, 79 metropolitan SMEs and 71 regional SMEs) and structural equation modelling was used for the analysis. The findings reveal that privacy and security factors do not significantly influence the decision-making of Australian SMEs in the adoption of Cloud computing. Moreover, the results indicate that Cloud computing adoption is not influenced by the geographical location (i.e., metropolitan or regional location) of the SMEs. The findings extend the current understanding of Cloud computing adoption by Australian SMEs. The results will be useful to SMEs, Cloud service providers and policy makers devising Cloud security and privacy policies.

Privacy aware K-means clustering with high utility

Privacy-preserving data mining aims to keep data safe, yet useful. But algorithms providing strong guarantees often end up with low utility. We propose a novel privacy preserving framework that thwarts an adversary from inferring an unknown data point by ensuring that the estimation error is almost invariant to the inclusion/exclusion of the data point. By focusing directly on the estimation error of the data point, our framework is able to significantly lower the perturbation required. We use this framework to propose a new privacy aware K-means clustering algorithm. Using both synthetic and real datasets, we demonstrate that the utility of this algorithm is almost equal to that of the unperturbed K-means, and at strict privacy levels, almost twice as good as compared to the differential privacy counterpart.

Privacy preserving collaborative filtering for KNN attack resisting

Privacy preserving is an essential aspect of modern recommender systems. However, the traditional approaches can hardly provide a rigid and provable privacy guarantee for recommender systems, especially for those systems based on collaborative filtering (CF) methods. Recent research revealed that by observing the public output of the CF, the adversary could infer the historical ratings of the particular user, which is known as the KNN attack and is considered a serious privacy violation for recommender systems. This paper addresses the privacy issue in CF by proposing a Private Neighbor Collaborative Filtering (PriCF) algorithm, which is constructed on the basis of the notion of differential privacy. PriCF contains an essential privacy operation, Private Neighbor Selection, in which the Laplace noise is added to hide the identity of neighbors and the ratings of each neighbor. To retain the utility, the Recommendation-Aware Sensitivity and a re-designed truncated similarity are introduced to enhance the performance of recommendations. A theoretical analysis shows that the proposed algorithm can resist the KNN attack while retaining the accuracy of recommendations. The experimental results on two real datasets show that the proposed PriCF algorithm retains most of the utility with a fixed privacy budget.

Social Media, Privacy, and the Academic Classroom

We live in a world full of social media and portable technology that allows for the effortless access to, and sharing of, information. While this constant connection can be viewed as a benefit by some, there have been recent, sometimes embarrassing, instances throughout the world that show just how quickly any expectation of privacy can be destroyed. From pictures of poorly dressed shoppers at a grocery store to customers recording interactions with their servers at restaurants, the internet is full of media (all with the potential to go viral) created and posted without consent of all parties captured. This risk to privacy is not just limited to retail and restaurants, as being in any situation amongst people puts you at risk, including being in an academic classroom. Anyone providing in-class instruction, be they professor or librarian, can be at risk for this type of violation of privacy. In addition, the students in the class are also at risk for being unwittingly captured by their classmates. To combat this, colleges and universities are providing recommendations to faculty regarding this issue, such as including suggested syllabus statements about classroom recording by students. In some instances, colleges and universities have instituted formal policies with strict penalties for violators. An overview of current privacy law as it relates to an academic setting is discussed as well as recent, newsworthy instances of student recording in the classroom and the resulting controversies. Additionally, there is a discussion highlighting various recommendations and formal policies that have been issued and adopted by colleges and universities around the country. Finally, advice is offered about what librarians can do to educate students, faculty, and staff about the privacy rights of others and the potential harm that could come from posting to social media and the open web images and video of others without their consent.

Privacy Advocacy in Libraries in the Age of Mass Surveillance

Alison Macrina is the founder and director of the Library Freedom Project, an initiative that aims to make real the promise of intellectual freedom in libraries. The Library Freedom Project trains librarians on the state of global surveillance, privacy rights, and privacy-protecting technology, so that librarians may in turn teach their communities about safeguarding privacy. In 2015, Alison was named one of Library Journal‘s Movers and Shakers. Read more about the Library Freedom Project at libraryfreedomproject.org.

Protecting Your Search Privacy: A Lesson Plan

Each year search engines like Google, Bing and Yahoo, complete trillions of search queries online. Students are especially dependent on these search tools because of their popularity, convenience and accessibility. However, what students are unaware of, by choice or naiveté is the amount of personal information that is collected during each search session, how that data is used and who is interested in their online behavior profile. Privacy policies are frequently updated in favor of the search companies but are lengthy and often are perused briefly or ignored entirely with little thought about how personal web habits are being exploited for analytics and marketing. As an Information Literacy instructor, and a member of the Electronic Frontier Foundation, I believe in the importance of educating college students and web users in general that they have a right to privacy online. Class discussions on the topic of web privacy have yielded an interesting perspective on internet search usage. Students are unaware of how their online behavior is recorded and have consistently expressed their hesitancy to use tools that disguise or delete their IP address because of the stigma that it may imply they have something to hide or are engaging in illegal activity. Additionally, students fear they will have to surrender the convenience of uber connectivity in their applications to maintain their privacy. The purpose of this lightning presentation is to provide educators with a lesson plan highlighting and simplifying the privacy terms for the three major search engines, Google, Bing and Yahoo. This presentation focuses on what data these search engines collect about users, how that data is used and alternative search solutions, like DuckDuckGo, for increased privacy. Students will directly benefit from this lesson because informed internet users can protect their data, feel safer online and become more effective web searchers.

Library Privacy Policies in 2015: Strategies for Renewed Relevance

In recent decades, library associations have advocated for the adoption of privacy and confidentiality policies as practical support to the Library Code of Ethics with a threefold purpose to (1) define and uphold privacy practices within the library, (2) convey privacy practices to patrons and, (3) protect against potential liability and public relations problems. The adoption of such policies has been instrumental in providing libraries with effective responses to surveillance initiatives such as warrantless requests and the USA PATRIOT ACT. Nevertheless, as reflected in recent news stories, the rapid emergence of data brokerage relationships and technologies and the increasing need for libraries to utilize third party vendor services have increased opportunities for data surveillers to access patrons’ personal information and reading habits, which are funneled and made available through multiple online library service platforms. Additionally, the advice that libraries should “contract for the same level of privacy reflected in their privacy policies” is no longer realistic given that the existence of multiple vendor contracts negotiated at arms length is likely to produce varying privacy terms and even varying definitions of what constitutes personal information (PII). These conditions sharply threaten the effectiveness and relevance of library privacy policies and privacy initiatives in that such policies increasingly offer false comfort by failing to reflect privacy weaknesses in the data sharing landscape and vendor contracts when library-vendor contracts fail to keep up with vendor data sharing capabilities. While some argue that library privacy ethics are antiquated and rendered obscure in the current online sharing economy PEW studies point to pronounced public discomfort with increasing privacy erosion. At the same time, new directions in FTC enforcement raise the possibility that public institutions’ privacy policies may serve as swords to unfair or deceptive commercial trade practices – offering the potential of renewed relevance for library privacy and confidentiality policies. This dual coin of public concern and the potential for enhanced FTC enforcement suggests that when crafting privacy polices libraries must now walk the knife’s edge by offering patrons both realistic notice about the limitations of protections the library can ensure while at the same time publicly holding vendors accountable to library privacy ethics and expectations. Potential solutions for how to walk this edge are developed and offered as a subject for further discussion to assist the modification of model policies for both public and academic libraries alike.

New laws for author's rights: adequate for digital preservation?

Introduction. Besides technical and economic-organisational problems, digital preservation also faces legal issues, especially regarding copyright legislation, since all digital preservation strategies involve copying materials and/or using software which is typically copyrighted. The purpose of this paper is to ascertain the extent to which current copyright laws meet the preservation requirements of library materials..Methodology. A cross-sectional analysis of recently updated national copyright laws as well as the impact of the other two protection methods: contractual and technological.Results. Even after the latest updates current copyright legislation is almost useless for digital preservation activities since the opportunities provided by WIPO Copyright Treaty to adapt and extend copyright exceptions and limitations have been used to the full.Conclusion. We need a legislation reform that will make it possible to carry out all required copying and communication activities and software use, even if circumventing technological protection is needed. But that is not enough for licensed works. The best solution for this kind of work is to include specific clauses in the licences that facilitate preservation activities. Thus, cooperation between both parties, libraries and rights' holders, is essential.

CARISPLAN procedure manual: for the use of the personal author record card

Manual de procedimiento para el uso de la tarjeta de registro de autores personales del Sistema de Información en Planificación para el Caribe (CARISPLAN).