Modern Socio-Technical Perspectives On Privacy

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

This book provides researchers and professionals with a foundational understanding of online privacy as well as insight into the socio-technical privacy issues that are most pertinent to modern information systems, covering several modern topics (e.g., privacy in social media, IoT) and underexplored areas (e.g., privacy accessibility, privacy for vulnerable populations, cross-cultural privacy). The book is structured in four parts, which follow after an introduction to privacy on both a technical and social level: Privacy Theory and Methods covers a range of theoretical lenses through which one can view the concept of privacy. The chapters in this part relate to modern privacy phenomena, thus emphasizing its relevance to our digital, networked lives. Next, Domains covers a number of areas in which privacy concerns and implications are particularly salient, including among others social media, healthcare, smart cities, wearable IT, and trackers. The Audiences section then highlights audiences that have traditionally been ignored when creating privacy-preserving experiences: people from other (non-Western) cultures, people with accessibility needs, adolescents, and people who are underrepresented in terms of their race, class, gender or sexual identity, religion or some combination. Finally, the chapters in Moving Forward outline approaches to privacy that move beyond one-size-fits-all solutions, explore ethical considerations, and describe the regulatory landscape that governs privacy through laws and policies. Perhaps even more so than the other chapters in this book, these chapters are forward-looking by using current personalized, ethical and legal approaches as a starting point for re-conceptualizations of privacy to serve the modern technological landscape. The book’s primary goal is to inform IT students, researchers, and professionals about both the fundamentals of online privacy and the issues that are most pertinent to modern information systems. Lecturers or teachers can assign (parts of) the book for a “professional issues” course. IT professionals may select chapters covering domains and audiences relevant to their field of work, as well as the Moving Forward chapters that cover ethical and legal aspects. Academics who are interested in studying privacy or privacy-related topics will find a broad introduction in both technical and social aspects.

Author(s): Bart P. Knijnenburg, Xinru Page, Pamela Wisniewski, Heather Richter Lipford, Nicholas Proferes, Jennifer Romano
Edition: 1
Publisher: Springer
Year: 2022

Language: English
Commentary: TruePDF
Pages: 459
Tags: Privacy; Information Systems Applications (Incl. Internet); Communication Studies; Computers And Society

Foreword
Acknowledgement
Contents
1 Introduction and Overview
1.1 Introduction
1.2 What Is Privacy?
1.3 Privacy Theory and Methods
1.4 Domains
1.5 Audiences
1.6 Moving Forward
1.7 Conclusion
References
Part I Privacy Theory and Methods
2 Privacy Theories and Frameworks
2.1 Introduction
2.2 Privacy as Information Disclosure
2.2.1 Privacy Calculus: Assessing the Benefit vs. Cost of Information Disclosures
2.2.2 Privacy Paradox: The Discrepancy Between Users' Privacy Concerns and Information Disclosure Behavior
2.2.3 Westin's Privacy Taxonomy: The Classification of Consumers' Privacy Knowledge and Preferences
2.3 Privacy as an Interpersonal Boundary Regulation Process
2.3.1 Altman's Conceptualization of Privacy
2.3.2 Petronio's Communication Privacy Management Theory
2.4 Privacy as Social Context, Norms, and Values
2.4.1 Considering Social Contexts
2.4.2 Identifying Privacy Norms and Human Values in Design
2.4.3 Applying Contextual Integrity to Practice
2.5 A Privacy Affordance and Design Perspective
2.5.1 Privacy Affordances
2.5.2 Privacy by Design
2.6 The Future of Modern Privacy: Individual Differences and User-Centered Privacy
2.7 Guidelines for Applying Privacy Frameworks in Practice
2.8 Chapter Summary
References
3 Revisiting APCO
3.1 Introduction
3.2 The APCO Model
3.2.1 The Antecedents of Privacy Concerns
3.2.2 Privacy Concerns
3.2.3 Measuring Privacy Concerns
3.2.4 Trust and Privacy Calculus
3.3 Enhanced APCO: An Expanded View on Privacy Research
3.4 The Research Landscape After APCO
3.4.1 Evolution of Technology and Personalization of Services
3.5 Conclusion and Avenues of Future Research
References
4 Privacy and Behavioral Economics
4.1 Introduction
4.2 Uncertainty
4.3 Context-Dependence
4.4 Malleability and Influence
4.5 Conclusions
References
5 The Development of Privacy Norms
5.1 Introduction
5.2 Privacy and Challenges in Relation to Technology
5.3 Privacy as Contextual Integrity
5.4 Building Expectations
5.5 Negotiating Norms and Negotiating Technology
5.6 Conclusion
References
6 Privacy Beyond the Individual Level
6.1 Introduction
6.2 Types of Groups and Types of Group Privacy
6.2.1 Types of Groups: Self-Constituted Groups and Algorithmically Determined Groups
6.2.2 Types of Group Privacy: “Their” Privacy and “Its” Privacy
6.2.3 Distinguishing Between Types and Levels of Privacy
6.3 Contemporary Practices That Influence the Privacy of Multiple Actors or Groups
6.4 Dynamics of Multi-stakeholder Privacy Decision-Making
6.5 Tensions Between Privacy Rights of Individuals Versus Groups
6.6 Recommendations for Tools and Mechanisms to Protect Privacy Beyond the Individual Level
6.7 Conclusion
References
Part II Domains
7 Social Media and Privacy
7.1 Introduction
7.2 A Brief History of Social Media
7.3 Privacy Challenges in Social Media
7.3.1 Information Disclosure/Control over Who Sees What
7.3.2 Unique Considerations for Managing Disclosures Within Social Media
7.3.3 Reputation Management Through Self-Presentation
7.3.4 Access to Oneself
7.3.5 Privacy Paradox
7.4 Reconceptualizing Social Media Privacy as Boundary Regulation
7.4.1 Boundary Regulation on Social Media
7.4.2 Coping with Social Media Privacy Violations
7.5 Addressing Privacy Challenges
7.5.1 Understanding People and Their Privacy Concerns
7.5.2 Measuring Privacy Concerns
7.5.3 Designing Privacy Features
7.5.4 Privacy Concerns and Social Disenfranchisement
7.5.5 Guidelines for Designing Privacy-Sensitive Social Media
7.6 Chapter Summary
References
8 Privacy-Enhancing Technologies
8.1 Introduction
8.2 Secure Messaging
8.3 Secure Email
8.4 HTTPS
8.4.1 HTTPS Warning Messages
8.4.2 HTTPS Development and Deployment
8.4.3 HTTPS Interception
8.5 Two-Factor Authentication
8.6 Anonymity
8.7 Summary
References
9 Tracking and Personalization
9.1 Introduction
9.2 Aspects of Personalization
9.2.1 Goals of Personalization
9.2.2 Personalization Environments
9.2.2.1 Web Personalization
9.2.2.2 Mobile Personalization
9.3 Online Tracking
9.3.1 Tracking Contexts
9.3.2 Tracking Entities
9.3.2.1 First-Party Tracking
9.3.2.2 Third-Party Tracking
9.3.3 Tracking Techniques
9.3.3.1 Deployed Tracking Techniques
9.3.3.2 Potential Tracking Techniques
9.3.4 Behavioral Tracking: State of the Art
9.4 Personalization via Online Tracking
9.4.1 Relationship
9.4.2 Privacy Implications of Personalization
9.4.3 Balancing Privacy and Personalization
9.4.3.1 Privacy-by-Design
9.4.3.2 Privacy Tools
9.5 Conclusion
References
10 Healthcare Privacy
10.1 Privacy in Healthcare
10.2 Risks
10.2.1 Data, Protected Health Information, and Applications
10.2.2 Sources and Stakeholders
10.2.3 Process and Services
10.2.4 Trade-Offs
10.3 Regulations
10.3.1 Acts
10.3.2 Legislation, Administrative Agencies, and Rules
10.3.3 Safeguards, Policies, Procedures, and Forms
10.4 Limitations and Challenges in Current Practices
10.5 Recommendations
10.5.1 Healthcare Practitioners
10.5.2 Patients and Caregivers
10.5.3 Insurance Companies
10.5.4 Technologists
10.5.5 Regulators
10.5.6 Third-Party Organizations
10.6 Conclusion
References
11 Privacy and the Internet of Things
11.1 Defining IoT
11.1.1 Wearable IoT Domain
11.1.2 Household IoT Domain
11.1.3 Public IoT Domain
11.1.4 Outline
11.2 Privacy Challenges
11.2.1 No Awareness/No Interface
11.2.2 Accumulation and Inference of Data
11.2.3 Multiple Users
11.2.4 Little Control
11.2.5 (In)Security of IoT Devices
11.3 Case Studies
11.3.1 Fitness Trackers
11.3.2 Smart Voice Assistants
11.3.3 Security Cameras
11.4 Solutions and Guidelines
11.4.1 Privacy Notices and Awareness Mechanisms
11.4.2 On Device Controls
11.4.3 Data Privacy
11.4.4 Community-Oriented Controls
11.4.5 Context-Adaptive and User-Tailored Privacy
11.5 Conclusion
References
Part III Audiences
12 Cross-Cultural Privacy Differences
12.1 Introduction
12.2 How to Study Culture
12.2.1 Cultural Dimensions
12.2.2 Cultural Differences in Behaviors
12.2.3 Cultural Differences in Perceptions
12.2.3.1 Step 1: Define a Factor Model Based on the Items in a Questionnaire
12.2.3.2 Step 2: Configural Invariance
12.2.3.3 Step 3: Metric Invariance
12.2.3.4 Step 4: Scalar Invariance
12.2.3.5 Step 5: Full Invariance
12.3 Cross-Cultural Privacy Differences in Social Media
12.3.1 Cultural Differences in Sharing with Different Social Relationships
12.3.2 Cultural Differences in Collective Privacy Management
12.3.2.1 Cultural Differences in Interpretations of Collective Privacy Management Strategies
12.3.2.2 Cultural Differences in Perceptions of Others' or Group Privacy
12.3.3 Design Implications
12.3.3.1 Invest More Effort to Support Collective Privacy Management in Collectivistic Countries
12.3.3.2 Differentiate Considerations in Audience Control in Different Cultures
12.3.3.3 Provide More Privacy Support to Protect Others' Privacy in Collectivistic Countries
12.3.3.4 Secure Individual Privacy in Individualistic Countries
12.4 Cross-Cultural Privacy Differences in Users' Information Disclosure to Organizations
12.4.1 Cultural Differences in Data Collection Entities
12.4.2 Cultural Differences in Usage Purpose
12.4.3 Cultural Differences in Collection Methods
12.4.4 Cultural Differences in Value Exchange from Data Collection
12.4.5 Cultural Differences in Third-Party Accountability
12.4.6 Design Implications
12.4.6.1 Customize Data Collection Strategies in Different Countries
12.4.6.2 Enable Different Options in Different Countries to Control Personal Data Flow
12.4.6.3 Differentiate Relationships Between Privacy Perceptions and Privacy Decisions in Different Cultures
12.5 Conclusions
References
13 Accessible Privacy
13.1 Introduction
13.2 Privacy and Underserved Populations
13.2.1 Models of Disability
13.2.2 People with Visual Impairments
13.2.3 Are Existing Privacy-Enhancing Technologies Sufficient?
13.2.4 Intersectional Privacy
13.2.5 People with Hidden Disabilities
13.2.6 People with Other Disabilities
13.3 Why Is Accessible Privacy Difficult?
13.4 Working Towards Accessible Privacy
13.5 Future Directions
References
14 Privacy in Adolescence
14.1 Introduction
14.1.1 The Developmental Stage of Adolescence
14.1.2 Adolescence as a “Privacy Paradox”
14.2 Teens and Networked Privacy: Empirical Evidence
14.2.1 Privacy Turbulence Within Families
14.2.2 Risk as a Learning Process and the Suppressive Effect of Restrictive Parental Mediation During Adolescence
14.3 Designing Sociotechnical Systems to Support Adolescence
14.4 Design Guidelines for Privacy and Risk-Taking During Adolescence
14.5 Summary
References
15 Privacy and Vulnerable Populations
15.1 Introduction
15.2 How Technology Reinforces and Promotes Inequality
15.3 Who Is Vulnerable: Defining Unique Privacy Concerns
15.3.1 Sexuality as Vulnerability
15.3.2 Domestic Abuse as Vulnerability
15.3.3 Race as Vulnerability
15.3.4 Intersections of Vulnerabilities
15.4 Privacy, the Self and Social Norms
15.4.1 How Existing Privacy Frameworks Are Inadequate
15.5 Better Frameworks for Vulnerable Populations
15.6 Actionable Guidelines
15.6.1 A Thought Experiment
15.6.2 Reimagining Privacy for Inclusivity
References
Part IV Moving Forward
16 User-Tailored Privacy
16.1 Introduction
16.1.1 The Limitations of Technical Solutions to Privacy
16.1.2 The Limitations of Privacy by Design
16.1.3 The Limitations of Notice and Choice
16.1.4 The Limitations of Privacy Nudging
16.1.5 A Case for User-Tailored Privacy
16.2 The UTP Framework
16.3 Measuring the User
16.3.1 The Data (What)
16.3.2 The User (Who)
16.3.3 The Recipient (To Whom)
16.3.4 Other Factors
16.4 Modeling Privacy
16.4.1 Types of Input
16.4.2 Algorithms
16.4.3 The Adaptation Target: What Should UTP Try to Accomplish?
16.5 Adapting the System
16.5.1 Intelligent Privacy Settings
16.5.2 Augmented Privacy Notices
16.5.3 Adaptive Privacy-Setting Interfaces
16.5.4 Privacy-Aware Personalization
16.6 What Should Be the End-Goal of UTP?
16.6.1 Support the User
16.6.2 Teach the User
16.6.3 Help the Recipient
16.6.4 Reconciling the Differences
16.7 Problems That May Arise When Implementing UTP
16.7.1 Problems Related to Privacy Modeling
16.7.2 Problems Related to Adapting the System
16.8 Conclusion
References
17 The Ethics of Privacy in Research and Design: Principles, Practices, and Potential
17.1 Introduction
17.2 Eras of Privacy Ethics
17.2.1 Research Ethics and Emerging Technologies
17.2.2 Changing Contexts of Concern
17.2.2.1 Privacy 1.0
17.2.2.2 Privacy 2.0
17.2.2.3 Privacy 3.0
17.2.2.4 Privacy 4.0
17.2.2.5 Privacy 5.0
17.3 Ethical Decision-Making and Key Issues
17.3.1 Principles and Patients: Reception
17.3.2 Action and Agents: Transmission
17.3.3 Privacy's Network and Hub
17.4 Reframing Privacy Ethics: Emerging Ethical Challenges
17.4.1 Autonomy as Dignity: From Data Protection to Multifaceted Forms of Intrusion
17.4.2 Autonomy as Agency: From Consent to Access
17.4.3 Justice: From Material Risk to Fairness and Due Process
17.4.4 Non-maleficence and Beneficence: From Individual Risk to Collective Societal Good
17.4.4.1 Non-maleficence
17.4.4.2 Beneficence
17.4.5 Explicability: From Data Transparency to Process Intelligibility
17.5 Guidelines for Research and Practice
17.5.1 Technical Standards
17.5.2 Statements of Principles
17.5.3 Codes of Conduct
17.5.4 Curricular Programs
17.6 Conclusion
References
18 EU GDPR: Toward a Regulatory Initiative for Deploying a Private Digital Era
18.1 Introduction
18.2 Data Protection in EU
18.2.1 General Data Protection Regulation (EU) 2016/679
18.2.2 Introduction of the New Concepts of the GDPR
18.2.3 Ten Steps for Compliance of Data Processors and Data Controllers
18.3 Global Privacy Landscape
18.4 Conclusions
References
19 Reflections: Bringing Privacy to Practice
19.1 Introduction
19.2 Why Industry-Academic Partnerships Are Valuable
19.2.1 Applied Research Benefiting from Academic Research
19.2.2 Academic Research Benefiting from Applied Research
19.2.3 How Academics Can Best Contribute to Applied Outcomes
19.2.4 Successful Relationships
19.3 Why These Partnerships Are Challenging
19.4 Actionable Strategies for Making These Partnerships Work
19.4.1 Provide Funding Sources
19.4.2 Invest in the Next Generation of Scholars
19.4.3 Sharing Work
19.4.4 Sharing Data and Resources