Remapping the Digital Divide

Abstract

Just as the introduction of advanced information technologies—computers, telecommunications, microform systems, video and audio devices—into the realms of business, agriculture, education, various social services, and science has had a decided impact on those vital activities, so are these “tools” and their related methodologies having an effect on emergency management. The growing complexity of our society is necessitating changes in many institutions and processes, and nowhere is this more apparent than in the four phases of emergency management: mitigation, preparedness, response, and recovery. One approach to enhancing governmental preparedness, both at the federal and state‐local levels, is through the selective utilization of devices and networks which facilitate and improve the collection, storage, processing, and dissemination of information vital to those who must anticipate and cope with a range of disasters.     

“Privacy by Design” implementation: Information system engineers’ perspective

In privacy information security literature, Privacy by Design (PbD) is recognized as a positive protection paradigm capable of providing higher privacy protection throughout information products’ entire lifetime. It is becoming the dominant privacy protection pattern. Considered to be a promising development tendency towards the information industry, it is garnering interest among researchers and professionals. However, PbD still lacks specific implementation instructions, and it is not popularized among information system engineers. Weighing the pros and cons leads to information system engineers’ uncertainty regarding PbD adoption, since existing research on the linkage between PbD implementation and information system engineers’ individual factors is inconclusive. Through the lenses of information system engineers, this study aims to advance implementation of PbD by exploring the influence factors of individual and organizational contexts. Real data from 253 practitioners in China’s IT industry were used to understand the antecedent of PbD implementation and interaction effects among different dimensions of engineers’ adopting behaviors. The findings have demonstrated that appropriate incentive mechanism is a critical factor in PbD implementation by promoting engineer’s social influence regarding PbD usage and further affecting both their intentions about adopting PbD and implementing action. This study reveals, for the first time, the role of incentive mechanism in advancing PbD implementation from the information system engineer perspective, and contributes to a deeper understanding of the determinants of PbD adoption by providing a holistic theoretical lens. The findings provide theoretical guidance to IT organizations with guidelines on PbD implementation for higher privacy information protection performance of products.     

Looking Backward and Forward at the Internet

This article reviews accounts of the origins and growth of the global Internet with an interest in their implications for the future. Many accounts take overly restricted views of technical development. For instance, the Internet is often seen simply as the outgrowth of U.S. Defense Department work and popular enthusiasm. Recent interdisciplinary studies of technology present a more complex picture of how innovations are developed. They highlight technical alternatives, contributions of diverse groups, variety in meanings of technologies, and the overall surprising character of technology development. They suggest that the Internet has multiple origins and numerous particular reasons for its spread. Current discussions of the entry of Internet technologies into consumers' homes and the convergence among computing, media, and telecommunications enterprises represent examples of more complex accounts of technology development. Such accounts will likely provide more powerful bases for policy, management, and design.     

Making Sense of Research: The Dynamics of Management Research in France 1

Privacy is universal value. But according to The Economist in 1999 it is finished - killed off by the remarkable capacity of information technology to analyse, trace and re-assemble personal data: affording an unprecedented insight into individual attitudes and activities. Based on the progress made in implementing the OECD Guidelines on Privacy (1980), the author, who chaired the OECD group that devised those Guidelines, reviews their impact, the need to update them and contemporary proposals for new privacy protections suitable to the current technologies. He concludes that the capacity to uphold human values in the context of new technologies, such as informatics and genomics, presents one of the largest ethical questions for the 21st century.     

A meta-analysis to explore privacy cognition and information disclosure of internet users

Based on the Elaboration Likelihood Model (ELM), this study identifies the differences between perceived privacy risks and privacy concern. Furthermore, the study analyses how perceived privacy risks and privacy concerns affect the disclosure intention and the actual information disclosure behavior of Internet users. In addition, the study discusses the moderating effects of platform types, from the perspective of privacy elaboration likelihood. By applying meta-analyses and SEM on 104 independent studies with 42,256 samples from existing empirical studies, we attempt to systematically reveal the relationship between privacy cognition and information disclosure. The results show that perceived privacy risks can significantly reduce personal information disclosure intention, as well as actual information disclosure behavior. However, privacy concerns only affect disclosure intention, but do not have a significant effect on actual information disclosure behavior. The study also verified that platform types have moderating effects on the privacy decision making of Internet users. The findings yield important and useful implications, both for research and for practice.     

Data Retention and the Panoptic Society: The Social Benefits of Forgetfulness

Modern information systems not only capture a seemingly endless amount of transactional data, but also tend to retain it for indefinite periods of time. We argue that privacy policies must address not only collection and access to transactional information, but also its timely disposal. One unintended side effect of data retention is the disappearance of social forgetfulness, which allows individuals a second chance, the opportunity for a fresh start in life. We examine three domains in which social policy has explicitly recognized the importance of such a principle: bankruptcy law, juvenile crime records, and credit reports. In each case, we frame the issue in terms of the social benefits of forgetfulness, rather than in terms of individual privacy protection. We examine how different policy approaches to privacy might handle the retention of data and propose a comprehensive policy that includes a variety of strategies. The broad conclusion of the article is that data retention and disposal should be addressed as a part of a broader and comprehensive policy approach, rather than in a piecemeal fashion or as an afterthought.     

Web Security and Privacy: An American Perspective

Browsing the Web gives one the heady feeling of walking without footprints in cyberspace. Yet data surveillance can be both ubiquitous and transparent to the user. Can those who browse the Web protect their privacy? And does it matter if they cannot? I offer answers to these questions from the American legal tradition. The American legal tradition focuses on a right to privacy, rather than a need for data protection. To answer these questions I begin by delineating the differences among privacy, security, and anonymity. I then discuss what information is transferred during Web browsing. I describe some of the available technology for privacy protection, including public and private key cryptography and Web proxies. I then describe the American tradition of privacy in common, statutory, and constitutional law. With the support of this tradition, I close by arguing that although privacy in Web browsing has no current legal protection in the United States, the right to privacy in the analogue equivalents has been recognized in the American legal tradition.     

Privacy in social networks: An analysis of Facebook

The only way to be aware of the risks and threats of Facebook, the most commonly used social networking site in the world and Turkey, is to be a careful user changing the default settings or simply not to have a Facebook account. In Turkey, there is still no study in which personal information shared though social networking sites has been evaluated in terms of privacy. For this reason, the findings obtained of this study have a great importance in the general picture of the current situation and drawing attention to the risks of the issue in Turkey where there are no legal arrangements effectively protecting the users from such sites. This study aims to investigate the Facebook privacy of information professionals who are members of KUTUP-L, and to determine the sensitivity and level of awareness of information professionals in Turkey. Facebook user profiles of 400 information professionals, all KUTUP-L members, have been analyzed in a study examining 32 different privacy settings. A privacy score has been calculated for each user, and the relations between privacy results have been analyzed. The findings at the end of the study show that information professionals in Turkey do pay attention to privacy, and most of the users change the default settings in order to protect their personal information.     

Mobile application security: Role of perceived privacy as the predictor of security perceptions

Despite mobile applications being at the frontier of mobile computation technologies, security issues pose a threat to their adoption and diffusion. Recent studies suggest that security violations could be mitigated through improved security behaviors and attitudes, not just through better technologies. Existing literature on behavioral security suggests that one of the main predictors of users’ perceptions of security is their perceived privacy concerns. Using communication privacy management theory (CPM), this study examines the effects of privacy-related perceptions, such as privacy risk and the effectiveness of privacy policies, on the security perceptions of mobile app users. To empirically test the proposed theoretical model, two survey studies were conducted using mobile apps requesting less sensitive information (n = 487) and more sensitive information (n = 559). The findings show that the perceived privacy risk negatively influences the perceived security of the mobile apps; the perceived effectiveness of a privacy policy positively influences user perceptions of mobile app security; and perceived privacy awareness moderates the effect of perceived privacy risk on the perceived security of mobile apps. The results also suggest that users have different privacy-security perceptions based on the information sensitivity of the mobile apps. Theoretical and practical implications are discussed.     

Ethics for the New Surveillance

The Principles of Fair Information Practice are almost three decades old and need to be broadened to take account of new technologies for collecting personal information such as drug testing, video cameras, electronic location monitoring, and the Internet. I argue that the ethics of a surveillance activity must be judged according to the means, the context and conditions of data collection, and the uses/goals, and suggest 29 questions related to this. The more one can answer these questions in a way that affirms the underlying principle (or a condition supportive of it), the more ethical the use of a tactic is likely to be. Four conditions are identified that, when breached, are likely to violate an individual's reasonable expectation of privacy. Respect for the dignity of the person is a central factor and emphasis is put on the avoidance of harm, validity, trust, notice, and permission when crossing personal borders.     

Motivating information system engineers’ acceptance of Privacy by Design in China: An extended UTAUT model

Given the serious issues caused by privacy leakage, Privacy by Design (PbD) is gaining the attention of professionals as a new privacy protection paradigm with enormous potential. This study proposes a UTAUT-based integrated model from the perspective of information system (IS) engineers, and explores the determinants of PbD implementation. The implementation of PbD and privacy protection measures relay heavily on IS engineers. However, there is a paucity of research exploring IS engineers’ acceptance of PbD, particularly research that considers engineers’ individualized factors and personal attitudes. Empirical data collected from 261 IS engineers in China demonstrate the rationality of proposed model and the importance of integrating conceptual constructs. The findings suggest that IS engineers’ attitude towards PbD implementation significantly impacts both their behavioral intention and their implementing behavior. IS engineers’ awareness of PbD is a predictor of their effort and performance expectancies, and intention to implement; IS engineers’ effort and performance expectancies concerning PbD usage have significantly impact on their attitude towards PbD. This study reveals the factors that motivate IS engineers to implement PbD into their workflow and proposes for the first time that IS engineers’ attitude towards PbD usage is the key factor for PbD implementation.     

A conceptualisation of privacy risk and its influence on the disclosure of check-in services information

Check-in services (CISs) are a highly relevant part of location-based services that provide customer value greater than other mobile services due to their technical possibilities; conversely, CISs also create various risks to privacy, as they enable the continuous live tracking of users. We investigate these risks and develop a third-order privacy risk construct based on communication privacy management (CPM) theory to explain how a set of concerns violates privacy boundary mechanisms and generates perceived privacy risk. A developmental mixed-method design is used to qualitatively derive the construct qualitatively through 20 interviews and evaluate it quantitatively using a privacy calculus model with structural equation modelling (N = 431). The results confirm the third-order privacy risk construct and reveal new underlying concerns that create this risk. The results of this study are useful for both practitioners and academics, as they provide insights into how context-specific privacy concerns emerge in advanced mobile services, such as CISs.     

The Distribution of Privacy Risks: Who Needs Protection?

It is commonly accepted that the use of personal information in business and government puts individual privacy at risk. However, little is known about these risks-for instance, whether and how they can be measured, and how they vary across social groups and the sectors in which personal data are used. Unless we can gain a purchase on such issues, our knowledge of the societal effects of information technology and systems will remain deficient, and the ability to make and implement better policies for privacy protection, and perhaps for a more equitable distribution of risk and protection, will remain impaired. The article explores this topic, examining conventional paradigms in data protection, including the one-dimensional view of the 'data subject,' that inhibit better conceptualizations and practices. It looks at some comparative survey evidence that casts light on the question of the distribution of privacy risks and concerns. It examines theoretical issues in the literature on risk, raising questions about the objectivity and perception of the risk of privacy invasion.     

A multicultural study of biometric privacy concerns in a fire ground accountability crisis response system

Biometric technology is rapidly gaining popularity as an access control mechanism in the workplace. In some instances, systems relying on biometric technology for access control have not been well received by employees. One potential reason for resistance may be perceived privacy issues associated with organizational collection and use of biometric data. This research draws on previous organizational information handling and procedural fairness literature to frame and examine these underlying privacy issues. Perceived accountability, perceived vulnerability, and distrust were distilled from the previous literature as the primary dimensions of employee privacy concerns related to biometric technology. This study assesses the effects of these privacy concerns, how they vary based on the cultural influences of Anglos and Hispanics.Fire ground accountability is a critical management objective in the firefighting domain. In multi-unit or multi-agency crisis response scenarios, the on-scene incident commander tracks and accounts for each first responder. This research designed and deployed a new fire ground accountability system that tracked firefighters through finger pattern-based biometric logins to their assigned positions on the firefighting apparatus. An instrument measuring level of privacy concern on three underlying dimensions and demographic data was developed, validated and administered in a quasi-experimental field study. A pre-test–post-test survey methodology was employed to detect potential differences in privacy concerns as familiarity with the system increased. The study shows that Anglo and Hispanic subjects frame privacy issues differently associated with use of biometric technology in a fire ground accountability system. Finally, the study showed that some privacy concerns such as distrust and perceived vulnerability can be alleviated through system use with changes in post-use privacy concerns moderated by ethnic affiliation.     

Internet users’ perceptions of information sensitivity – insights from Germany

With the ever-increasing collection of user data, online privacy becomes an urgent matter for users and research across borders. The perception of information sensitivity is central to privacy attitudes and behaviors in different usage contexts. In an online questionnaire, n = 592 German internet users evaluated how sensitive they perceive 40 different data types. The German sensitivity evaluations revealed in this study are compared to results from the US and Brazil (Markos et al., 2017), in order to understand the cultural impact on evaluations. Additionally, we analyze how attitudes and demographic characteristics of the German sample influence the perception of sensitivity on an individual level. Some distinct differences in sensitivity perception between Germany, Brazil, and the US can be observed, but the rank orders of sensitivity of data types is very similar between the countries, indicating that there is a consensus on what constitutes sensitivity across nations. On an individual level, disposition to value privacy, risk propensity, and education level influence the perception of sensitivity. The findings contribute to an understanding of how to design information and communication strategies to inform internet users how to manage their data carefully.     

隐私的道德价值

尊重隐私、保护隐私已逐渐被现实社会所认同,然而对为什么要保护隐私以及隐私的价值仍各有歧见。西方社会对隐私保护的辩护主要有绝对价值论和相对价值论两种思路,两种思路都是从自由主义和个人主义的角度出发的,与以集体主义为背景的中国社会不相符合。在集体主义的框架内,也能对隐私的保护提供有力的辩护。保护隐私不仅能增加个体的福利,而且能增进社会的总体福利,促进社会和谐。     

Information technology and privacy: conceptual muddles or privacy vacuums?

Within a given conversation or information exchange, do privacy expectations change based on the technology used? Firms regularly require users, customers, and employees to shift existing relationships onto new information technology, yet little is known as about how technology impacts established privacy expectations and norms. Coworkers are asked to use new information technology, users of gmail are asked to use GoogleBuzz, patients and doctors are asked to record health records online, etc. Understanding how privacy expectations change, if at all, and the mechanisms by which such a variance is produced will help organizations make such transitions. This paper examines whether and how privacy expectations change based on the technological platform of an information exchange. The results suggest that privacy expectations are significantly distinct when the information exchange is located on a novel technology as compared to a more established technology. Furthermore, this difference is best explained when modeled by a shift in privacy expectations rather than fully technology-specific privacy norms. These results suggest that privacy expectations online are connected to privacy offline with a different base privacy expectation. Surprisingly, out of the five locations tested, respondents consistently assign information on email the greatest privacy protection. In addition, while undergraduate students differ from non-undergraduates when assessing a social networking site, no difference is found when judging an exchange on email. In sum, the findings suggest that novel technology may introduce temporary conceptual muddles rather than permanent privacy vacuums. The results reported here challenge conventional views about how privacy expectations differ online versus offline. Traditionally, management scholarship examines privacy online or with a specific new technology platform in isolation and without reference to the same information exchange offline. However, in the present study, individuals appear to have a shift in their privacy expectations but retain similar factors and their relative importance??the privacy equation by which they form judgments??across technologies. These findings suggest that privacy scholarship should make use of existing privacy norms within contexts when analyzing and studying privacy in a new technological platform.     

Toward a Typology of Internet Users and Online Privacy Concerns

Traditional typologies of consumer privacy concern suggest that consumers fall into three distinct groups: One-fourth of consumers are not concerned about privacy, one-fourth are highly concerned, and half are pragmatic, in that their concerns about privacy depend on the situation presented. This study examines online users to determine whether types of privacy concern online mirror the offline environment. An e-mail survey of online users examined perceived privacy concerns of 15 different situations involving collection and usage of personally identifiable information. Results indicate that the vast majority of online users are pragmatic when it comes to privacy. Further analysis of the data suggested that online users can be segmented into four distinct groups, representing differing levels of privacy concern. Distinct demographic differences were seen. Persons with higher levels of education are more concerned about their privacy online than persons with less education. Additionally, persons over the age of 45 years tended to be either not at all concerned about privacy or highly concerned about privacy. Younger persons tended to be more pragmatic. Content and policy implications are provided.     

Seeing is believing: Towards interactive visual exploration of data privacy in federated learning

Federated learning (FL), as a popular distributed machine learning paradigm, has driven the integration of knowledge in ubiquitous data owners under one roof. Although designed for privacy-preservation by nature, the supposed well-sanitized parameters still convey sensitive information (e.g., reconstruction attack), while existing technical countermeasures provide weak explainability for privacy understanding and protection practices of general users. This work investigates these privacy concerns with an exploratory study and elaborates on data owners’ expectations in FL. Based on the analysis, we design the first interactive visualization system for FL privacy that supports intelligible privacy inspection and adjustment for data owners. Specifically, our proposal facilitates sample recommendation for joint privacy–performance training at cold start. Then it provides visual interpretation and attention rendering of privacy risks in view of multiple attacking channels and a holistic view. Further it supports interactive privacy enhancement involving both user initiative and differential privacy technique, and iterative trade-off with real-time inference accuracy estimation. We evaluate the effectiveness of the system and collect qualitative feedbacks from users. The results demonstrate that 96.7% of users acknowledge the benefits to privacy inspection and adjustment and 90.3% are willing to use our system. More importantly, 87.1% increase the willingness of contributing data for FL.     

Surveillance,Privacy and the Ethics of Vehicle Safety Communication Technologies

Recent advances in wireless technologies have led to the development of intelligent, in-vehicle safety applications designed to share information about the actions of nearby vehicles, potential road hazards, and ultimately predict dangerous scenarios or imminent collisions. These vehicle safety communication (VSC) technologies rely on the creation of autonomous, self-organizing, wireless communication networks connecting vehicles with roadside infrastructure and with each other. As the technical standards and communication protocols for VSC technologies are still being developed, certain ethical implications of these new information technologies emerge: Coupled with the predicted safety benefits of VSC applications is a potential rise in the ability to surveil a driver engaging in her everyday activities on the public roads. This paper will explore how the introduction of VSC technologies might disrupt the “contextual integrity” of personal information flows in the context of highway travel and threaten one’s “privacy in public.” Since VSC technologies and their related protocols and standards are still in the developmental stage, the paper will conclude by revealing how close attention to the ethical implications of the remaining design decisions can inform and guide designers of VSC technologies to create innovate safety applications that increase public safety, but without compromising the value of one’s privacy in public. This work was supported by the National Science Foundation PORTIA Grant No. CNS-0331542, and could not have been completed without the valuable guidance of Prof. Helen Nissenbaum (New York University) and Prof. Dan Boneh (Stanford University). I am grateful to many other colleagues who generously contributed to this work with excellent comments and suggestions, including Emily Clark and Steve Tengler at the VSCC, and Sam Howard-Spink, Joseph Reagle and Tim Weber at New York University. Drafts were further sharpened through opportunities to present at colloquia and conferences sponsored by New York University’s Department of Culture & Communication, the American Association for the Advancement of Science, the Society for Philosophy and Technology, and Computer Ethics: Philosophical Enquiry.