DOCSLIB.ORG

A Methodology for Internal Web Ethics

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Methodology for Internal Web Ethics A methodology for internal Web ethics Michalis Vafopoulos Petros Stefaneas Ioannis Anagnostopoulos National Technical University of Athens National Technical University of Athens University of Central Greece 9 Heroon Polytechneiou st. 9 Heroon Polytechneiou st. 2-4 Papasiopoulou st. 15773, Zografou Campus, Greece 15773, Zografou Campus, Greece 35100, Galaneika – Lamia, Greece +302107722538 +302107721869 +302231066937 [email protected] [email protected] [email protected] Kieron O'Hara University of Southampton University campus, Southampton SO17 1BJ, United Kingdom +4402380592582 [email protected] ABSTRACT update its content. Controversies have been also transferred to the The vigorous impact of the Web in time and space arises from the legal battlefields. Contentious legal initiatives (e.g. SOPA) are fact that it motivates massive creation, editing and distribution of causing both small and gigantic power games among information by Users with little knowledge. This unprecedented governments, industries and non-governmental organizations. continuum provides novel opportunities for innovation but also Concerns about identity, privacy and security are more often in puts under jeopardy its survival as a stable construct that nurtures the headlines. Although technically right solutions exist, these are a complex system of connections. We examine the Web as an have not been adopted yet (e.g. PKI, P3P, eID). HTML5 seems to ethics determined space by demonstrating Hayek’s theory of gain interest well beyond technological outsets, and Open Data freedom in a three-leveled Web: technological, contextualized and initiatives are revolutionizing science, business and government. economic. Our approach accounts for the co-dependence of code Diverse debates and discussions are indirectly or directly and values, and assumes that the Web is a self-contained system connected to the Web ecosystem and outspread across the social that exists in and by itself. This view of internal Web ethics discourse. Symbolically, all these issues are gathered under the directly connects the concept of freedom with issues like rhetoric of online access as an emerging universal human right. centralization of traffic and data control, rights on visiting log file, Lately, national constitutions have started to incorporate it as a custom User profiles and the interplay among function, structure basic right (e.g. Norway). Internet and Web pioneers share and morality of the Web. It is also demonstrated, in the case of different views on the issue, thus driving a creative dialogue about Net Neutrality, that generic freedom-coercion trade-offs are our live with the Web. This dialogue has raised, in various incomplete in treating specific cases at work. different ways and on as many different occasions, the following question: what kind of Web is more beneficial for society? Surely, Categories and Subject Descriptors as the transformational impact of the Web across society grows, WSSC: “webscience.org/2010/E.4.3 Ethics in the Web” the pressure to define its technological principles and the underlying moral values will escalate. Otherwise, we run the risk Keywords of ending up with a restrained, fragmented and autistic Web. Web ethics, freedom, economic Web, contextualized Web, centralization of traffic and data control. 2. THE NEED FOR WEB ETHICS Generic questions about Web’s transformational potential have 1. INTRODUCTION been brought into the agenda of many disciplines. Philosophical The amount of information on the Web is growing exponentially. thinking and engineering should be in the front line by forming Only in YouTube, 48 hours of video are uploaded every minute or the main questions and setting the research framework. On this nearly 8 years of content per day. Users’ demands for a fast, campaign single-sided analysis (i.e. technological or social) is not secure, reliable, all-inclusive, trustworthy and general-purpose sufficient to tackle these complex and multifarious issues. Web are uncontrollable. In 2010, the top 10 Web sites accounted Domain-specific analysis should be orchestrated by more generic for about 75 percent of all US traffic, compared to the 31% in approaches, expanding the solution range. Having defined 2001. Business controversies on issues like the monetization of existence, time and space in the Web [36], the next relevant quest links and excessive market power in searching and mobile is to consider its moral aspects. applications are coming to the fore, whilst novel business models Ethics is the branch of philosophy that deals with the study of are changing the market rules (e.g. peer production, good and evil. Its fundamental questions are often repeated crowdfunding). Some executives and interest groups are still through time, adaptive to the historical and social conditions. trying to conquer the Web by limiting the freedom to connect and These fundamental questions include the definition of good and PhiloWeb2012 workshop in 21st World Wide Web Conference’12 evil, the relation between morality and truth, the limits of freedom (WWW 2012), April 17, 2012, Lyon, France. of will, the definition of right and wrong etc. Applied ethics is the branch of philosophy concerning the application of ethics to specific problems or classes of problems. From 1960’s till today should be thoroughly investigated in order to become a handy the field of applied ethics has seen remarkable growth. Business compass for Users, entrepreneurs and governments to direct their ethics, biomedical ethics, computer ethics, animal rights and decisions towards prosperous ways. environmental ethics are some of the most active areas in modern applied ethics [21]. The Vietnam War, the great progress in 3. INTERNAL WEB ETHICS technology, the wide spread of drugs and contraceptives, the Web has been evolved from a piece of software code to a degradation of the environment, have raised a series of questions dynamical ecosystem of Users and multi-purpose functionalities. that could not be answered by traditional theories of ethics. An Despite its profound importance, Web ethics is still an unexplored important contribution of applied ethics to the field of law is “A research field. As such, it requires systematic research by Theory of Justice” [33]. Computer ethics is the branch of applied determined experts. ethics, which examines the social and ethical impact of The core of our methodology consists of two parts, firstly, the information technology [18, 23]. More particularly, it focuses on historical evolution of the Web and, secondly, a three-leveled the social impact that information technology has on our lives, the approach thereof as this will be introduced below. The Web in its nature of such impact, and the utilization of technology in an early stages was meant to address mainly technological needs, ethical manner. Examples include issues related to the cybercrime, such as an interlinked bulleting board with low levels of the protection of privacy, copyright and patents, the digital divide, interaction. In subsequent years, though, the Web evolved and and the use of computers in the workplace. The variety of became a construct of multiple interlocking contexts, and was technological applications creates new and unexpected situations even used to enable financial transactions. Users not only post and and possibilities, thus causing new ethical dilemmas and values to link digital content, but also communicate, comment, work, emerge. For example, protection of personal data by electronic advertise, exchange information and physical goods in and devices is of particular relevance to our society - to remember that through the Web. The social aspects of the Web are fashioned as only fifteen years ago the relative sensitivity was rudimentary. the ability to create contexts, and an important part of them, Lately, information ethics [12, 13] shed new light on many economic contexts. Intense social and economic online traditional ethical issues in computing. transactions result into a dynamic magma of values and code. This The last twenty years there is a growing literature on the study of fundamental standard implies that Web ethics should be studied the ethics of the cyberspace encompassing all kinds of interactions under the assumption of inherent codependence between User and among Users and the Internet [14, 31, 35]. Indicative topics System (or equivalently Actor and Network [22]). Also, a sound include the ethics of blogging, free Speech and anonymity, definition regarding existence, time and space is necessary to pornography, censorship, intellectual property, privacy and describe the moral values tied to the Web as a system [36] In regulation, spam and advertising, Internet as a medium of order to focus on our the methodology we propose in this paper, communication, accountability and trust, hacking, and the Internet we assume that the Web is the only system existing in the access as a basic human right. universe (“manna from heaven” hypothesis”). Let us call this methodology the internal Web ethics analysis. Our approach The Web has been built on the Internet stack, enabling the inter- extents the Web science perspective, which investigates the Web linkage of digital beings. Despite the fact that it shares some as a self-standing techno-social artifact [5, 38]. common characteristics with its underlying technologies, creates a new feasibility and actuality space. The Web is sufficiently 3.1 Magma of Users and code unusual, transformative and necessary to human existence,
Load more

Recommended publications
  • Canvas Developer Guide
    Canvas Developer Guide Version 53.0, Winter ’22 @salesforcedocs Last updated: August 5, 2021 © Copyright 2000–2021 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com, inc., as are other names and marks. Other marks appearing herein may be trademarks of their respective owners. CONTENTS GETTING STARTED . 1 Chapter 1: Introducing Canvas . 1 Canvas Scenarios . 3 Where Canvas Apps Appear . 3 Supported Browsers . 4 Supported Salesforce Editions . 4 User Permissions Required . 5 User Interface Considerations . 5 Canvas App Process . 6 Canvas Personal Apps . 8 Canvas Personal App Process . 8 Enabling Canvas Personal Apps within an Organization . 9 Making an App a Canvas Personal App . 10 Uninstalling a Canvas Personal App . 10 Chapter 2: Quick Start . 12 Prerequisites . 13 Create the App . 13 Set the App Location . 14 Chapter 3: Quick Start—Advanced . 16 Prerequisites . 17 Clone the Project from GitHub . 17 Run the Web App Locally . 18 Create the Canvas App . 19 Configure Who Can Access the Canvas App . 21 Deploy the Web App to Heroku . 22 Update the Canvas App . 23 Package the Canvas App . 24 Upload the Canvas App Package . 25 Install the Canvas App . 25 Configure Who Can Access the Installed Canvas App . 26 USING CANVAS . 27 Chapter 4: Canvas SDK . 27 Referencing the Canvas SDK . 28 Authentication . 28 Signed Request Authentication . 28 Contents OAuth Authorization . 36 SAML Single Sign-On for Canvas Apps . 40 Getting Context in Your Canvas App . 40 Cross-Domain XHR . 41 Getting a List of Chatter Users . 41 Posting to a Chatter Feed . 42 Alternatives to Cookies for User Tracking .
    [Show full text]
  • Reflections on Cyberethics Education for Millennial Software Engineers
    Reflections on Cyberethics Education for Millennial Software Engineers Claudia de O. Melo Thiago C. de Sousa Faculty of Technology Urbanism and Technology Center University of Bras´ılia State University of Piau´ı Bras´ılia, Brazil Teresina, Brazil Email: [email protected] Email: [email protected] Abstract—Software is a key component of solutions for challenges to educating millennial software engineers, which 21st Century problems. These problems are often “wicked”, requires continuous innovation in educational systems and complex, and unpredictable. To provide the best possible solution, curricula delivery [2], [7]. millennial software engineers must be prepared to make ethical decisions, thinking critically, and acting systematically. This Moreover, the design of software systems comes with reality demands continuous changes in educational systems and a special set of responsibilities to society that are much curricula delivery, as misjudgment might have serious social broader than those described in existing codes of ethics for impact. This study aims to investigate and reflect on Software computing professionals [8]. While the potential return on Engineering (SE) Programs, proposing a conceptual framework investment in technology is usually high, the increasing pace for analyzing cyberethics education and a set of suggestions on how to integrate it into the SE undergraduate curriculum. of technological innovation raises ethical questions about its development and use [9]. Information and Communications Keywords-cyberethics; millennial software
    [Show full text]
  • Rishi.Narang (At) Thirdbrigade.Com +91 988.6982.678
    END USER PRIVACY BREACHES Rishi Narang Vulnerability Research Analyst Third Brigade Security Labs rishi.narang (at) thirdbrigade.com +91 988.6982.678 OWASP 06th September, 2007 Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http://www.owasp.org HAWK‟S EYE Web Application Security - 10 Steps to Secure - IE vs. Firefox Competition Common User Behaviors - Warnings & Error Messages - SURVEY: What End Users Say About Warnings Security Products vs. Attacks - Current Security Architecture - Security Myths Ideal World vs. Real World - Security Awareness (Geographically) - Plans & Actions + Prime Focus Privacy Approach - Data Gathering - Privacy Policies & Drives OWASP 2 WEB APPLICATION SECURITY … lot many web apps, but are they secured ?? Can they live together ?? OWASP 3 10 STEPS TO SECURE WEB 2.0 brings Threat 2.0 STEP 01. Policy: Fair policy @ every Gateway STEP 02. Tuning the Policy: Tuning as per custom applications STEP 03. Dealing with Malwares: HOST level protection against Malwares STEP 04. Block Undesirable URLs: Block Black-Listed and undesirables STEP 05. File Format Scans: Protection against malicious file downloads STEP 06. Upload Scans: Upload scan log for malicious activities STEP 07. IM traffic scans: IM traffic scan for file sharing and scripts STEP 08. Web Activity Monitoring: Passive monitoring for Anomalies STEP 09. Policy Enforcements: User Education and simplified process STEP 10. Emerging Web Activities: Keep an Eye on it ! OWASP 4 BROWSER VULNERABILITIES Source: Internet Security Threat Report Volume XI, Symantec Corporation IE & FIREFOX reported high number of vulnerabilities as compared to other browsers.
    [Show full text]
  • The Society of Enhanced Legal Scholars, Seven of Nine, and Some Regulatory Challenges for Future Generations by Roger Brownsword
    The Society of Enhanced Legal Scholars, Seven of Nine, and some regulatory challenges for future generations by Roger Brownsword INTRODUCTION REGULATORY LEGITIMACY: THREE evelopments in information and communication SCHOOLS OF THOUGHT technologies have transformed the way that Where human enhancement is simply cheating by Dlawyers work. Nowadays, the electronic resources another name, we should obviously take a negative view. are so swift, comprehensive and convenient that However, if the rules permit enhancement, or if the researching the law only occasionally involves consulting situation is not competitive, is a negative view still the hard copy sources in the library. Imagine, though, that appropriate? If regulators permit (even encourage) further developments of this kind, coupled with physical and intellectual improvement, why prohibit developments in biotechnologies and nanotechnologies, as technologies for human enhancement? Does it make sense, well as in human brain/machine interfacing, reach a stage for example, to argue that regulators should permit the at which all legal source materials are on a tiny chip connected to the human brain. With such enabling application of technologies to correct impairment (such as technology, the lawyers of the future will be more than failing eyesight) but not to enhance human capacities (for advanced, they will be enhanced. Should we welcome example, to equip a person with X-ray or all-round vision)? enhancing developments of this kind? Should we try to How do we sort out the ethical wheat from the chaff? resist them or confine them? How should regulators What is the appropriate standard of regulatory legitimacy? respond? What kind of regulatory environment should be Broadly speaking, ethical argument adopts one of three set for a community of potentially enhanced citizens, basic forms: namely, goal-orientated (consequentialism), lawyers, and law-enforcers? rights-based and duty-based forms.
    [Show full text]
  • Bibliography of Erik Wilde
    dretbiblio dretbiblio Erik Wilde's Bibliography References [1] AFIPS Fall Joint Computer Conference, San Francisco, California, December 1968. [2] Seventeenth IEEE Conference on Computer Communication Networks, Washington, D.C., 1978. [3] ACM SIGACT-SIGMOD Symposium on Principles of Database Systems, Los Angeles, Cal- ifornia, March 1982. ACM Press. [4] First Conference on Computer-Supported Cooperative Work, 1986. [5] 1987 ACM Conference on Hypertext, Chapel Hill, North Carolina, November 1987. ACM Press. [6] 18th IEEE International Symposium on Fault-Tolerant Computing, Tokyo, Japan, 1988. IEEE Computer Society Press. [7] Conference on Computer-Supported Cooperative Work, Portland, Oregon, 1988. ACM Press. [8] Conference on Office Information Systems, Palo Alto, California, March 1988. [9] 1989 ACM Conference on Hypertext, Pittsburgh, Pennsylvania, November 1989. ACM Press. [10] UNIX | The Legend Evolves. Summer 1990 UKUUG Conference, Buntingford, UK, 1990. UKUUG. [11] Fourth ACM Symposium on User Interface Software and Technology, Hilton Head, South Carolina, November 1991. [12] GLOBECOM'91 Conference, Phoenix, Arizona, 1991. IEEE Computer Society Press. [13] IEEE INFOCOM '91 Conference on Computer Communications, Bal Harbour, Florida, 1991. IEEE Computer Society Press. [14] IEEE International Conference on Communications, Denver, Colorado, June 1991. [15] International Workshop on CSCW, Berlin, Germany, April 1991. [16] Third ACM Conference on Hypertext, San Antonio, Texas, December 1991. ACM Press. [17] 11th Symposium on Reliable Distributed Systems, Houston, Texas, 1992. IEEE Computer Society Press. [18] 3rd Joint European Networking Conference, Innsbruck, Austria, May 1992. [19] Fourth ACM Conference on Hypertext, Milano, Italy, November 1992. ACM Press. [20] GLOBECOM'92 Conference, Orlando, Florida, December 1992. IEEE Computer Society Press. http://github.com/dret/biblio (August 29, 2018) 1 dretbiblio [21] IEEE INFOCOM '92 Conference on Computer Communications, Florence, Italy, 1992.
    [Show full text]
  • Internet Explorer 9 Features
    m National Institute of Information Technologies NIIT White Paper On “What is New in Internet Explorer 9” Submitted by: Md. Yusuf Hasan Student ID: S093022200027 Year: 1st Quarter: 2nd Program: M.M.S Date - 08 June 2010 Dhaka - Bangladesh Internet Explorer History Abstract: In the early 90s—the dawn of history as far as the World Wide Web is concerned—relatively few users were communicating across this Internet Explorer 9 (abbreviated as IE9) is the upcoming global network. They used an assortment of shareware and other version of the Internet Explorer web browser from software for Microsoft Windows operating system. In 1995, Microsoft Microsoft. It is currently in development, but developer hosted an Internet Strategy Day and announced its commitment to adding Internet capabilities to all its products. In fulfillment of that previews have been released. announcement, Microsoft Internet Explorer arrived as both a graphical Web browser and the name for a set of technologies. IE9 will have complete or nearly complete support for all 1995: Internet Explorer 1.0: In July 1995, Microsoft released the CSS 3 selectors, border-radius CSS 3 property, faster Windows 95 operating system, which included built-in support for JavaScript and embedded ICC v2 or v4 color profiles dial-up networking and TCP/IP (Transmission Control support via Windows Color System. IE9 will feature Protocol/Internet Protocol), key technologies for connecting to the hardware accelerated graphics rendering using Direct2D, Internet. In response to the growing public interest in the Internet, Microsoft created an add-on to the operating system called Internet hardware accelerated text rendering using Direct Write, Explorer 1.0.
    [Show full text]
  • An Introduction to Cybersecurity Ethics MODULE AUTHOR: Shannon Vallor, Ph.D
    An Introduction to Cybersecurity Ethics MODULE AUTHOR: Shannon Vallor, Ph.D. William J. Rewak, S.J. Professor of Philosophy, Santa Clara University TABLE OF CONTENTS Introduction 2-6 PART ONE: What are the important ethical issues in cybersecurity? 7-12 Case Study 1 13-15 PART TWO: Common ethical challenges for cybersecurity professionals 15-21 Case Study 2 21-24 Case Study 3 24-28 PART THREE: What are cybersecurity professionals’ obligations to the public? 29-34 Case Study 4 34-38 PART FOUR: What ethical frameworks can guide cybersecurity practice? 38-47 PART FIVE: What are ethical best practices in cybersecurity? 48-56 Case Study 5 57-60 Case Study 6 60-61 APPENDIX A: Relevant Professional Ethics Codes & Guidelines (Links) 62 APPENDIX B: Bibliography/Further Reading 63-65 1 An Introduction to Cybersecurity Ethics MODULE AUTHOR: Shannon Vallor, Ph.D. William J. Rewak, S.J. Professor of Philosophy, Santa Clara University 1. What do we mean when we talk about ‘ethics’? Ethics in the broadest sense refers to the concern that humans have always had for figuring out how best to live. The philosopher Socrates is quoted as saying in 399 B.C. that “the most important thing is not life, but the good life.”1 We would all like to avoid a bad life, one that is shameful and sad, fundamentally lacking in worthy achievements, unredeemed by love, kindness, beauty, friendship, courage, honor, joy, or grace. Yet what is the best way to obtain the opposite of this – a life that is not only acceptable, but even excellent and worthy of admiration? How do we identify a good life, one worth choosing from among all the different ways of living that lay open to us? This is the question that the study of ethics attempts to answer.
    [Show full text]
  • Privacy Knowledge Modelling for Internet of Things
    Privacy Knowledge Modelling for Internet of Things: A Look Back Charith Perera (Open University), Chang Liu (CSIRO), Rajiv Ranjan (Newcastle University), Lizhe Wang (China University of Geosciences), Albert Y. Zomaya (University of Sydney) Abstract Internet of Things (IoT) and cloud computing together give us the ability to sense, collect, process, and analyse data so we can use them to better understand behaviours, habits, preferences and life patterns of users and lead them to consume resources more efficiently. In such knowledge discovery activities, privacy becomes a significant challenge due to the extremely personal nature of the knowledge that can be derived from the data and the potential risks involved. Therefore, understanding the privacy expectations and preferences of stakeholders is an important task in the IoT domain. In this paper, we review how privacy knowledge has been modelled and used in the past in different domains. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT. Finally, we discuss major research challenges and opportunities. Keywords: Internet of Things, Privacy Preferences, Knowledge Modelling Introduction The Internet of Things allows people and things to be connected anytime, anyplace, with anything and anyone, ideally using any path, any network and any service [1]. Over the last few years, a large number of Internet of Things (IoT) solutions have come to the IoT marketplace [2]. These IoT solutions together collect a large amount of data that can be used to derive useful but extremely personal knowledge about users [3]. On the other hand, cloud computing provides ubiquitous, convenient, on- demand access to a shared pool of configurable computing resources.
    [Show full text]
  • Recommendations for Businesses and Policymakers Ftc Report March 2012
    RECOMMENDATIONS FOR BUSINESSES AND POLICYMAKERS FTC REPORT FEDERAL TRADE COMMISSION | MARCH 2012 RECOMMENDATIONS FOR BUSINESSES AND POLICYMAKERS FTC REPORT MARCH 2012 CONTENTS Executive Summary . i Final FTC Privacy Framework and Implementation Recommendations . vii I . Introduction . 1 II . Background . 2 A. FTC Roundtables and Preliminary Staff Report .......................................2 B. Department of Commerce Privacy Initiatives .........................................3 C. Legislative Proposals and Efforts by Stakeholders ......................................4 1. Do Not Track ..............................................................4 2. Other Privacy Initiatives ......................................................5 III . Main Themes From Commenters . 7 A. Articulation of Privacy Harms ....................................................7 B. Global Interoperability ..........................................................9 C. Legislation to Augment Self-Regulatory Efforts ......................................11 IV . Privacy Framework . 15 A. Scope ......................................................................15 1. Companies Should Comply with the Framework Unless They Handle Only Limited Amounts of Non-Sensitive Data that is Not Shared with Third Parties. .................15 2. The Framework Sets Forth Best Practices and Can Work in Tandem with Existing Privacy and Security Statutes. .................................................16 3. The Framework Applies to Offline As Well As Online Data. .........................17
    [Show full text]
  • Florian Schaub Riva Cur P Ity Le L B a a B S O U R a B T a March 17, 2015 O L
    17 – Usability of privacy policies and CyLab the dimensions of privacy notice Engineering & Public Policy Lorrie Cranor, Blase Ur, and Rich Shay cy & Se w/ special guest Florian Schaub riva cur P ity le L b a a b s o U r a b t a March 17, 2015 o L r y y C H 05-436 / 05-836 / 08-534 / 08-734 ! T U T D P .E Usable Privacy and Security" :// U CUPS.CS.CM 1 Notice and choice Protect privacy by giving people control over their information Choices about allowing their Notice about data data to be collected and used collection and use in that way 2 Nobody wants to read privacy policies “the notice-and-choice model, as implemented, has led to long, incomprehensible privacy policies that consumers typically do not read, let alone understand” # "Protecting Consumer Privacy in an Era of Rapid Change. Preliminary FTC Staff Report. December 2010. 3 Towards a privacy “nutrition label” • Standardized format – People learn where to find answers – Facilitates policy comparisons • Standardized language – People learn terminology • Brief – People find info quickly • Linked to extended view – Get more details if needed 4 Iterative design process • Series of studies – Focus groups – Lab studies – Online studies • Metrics – Reading-comprehension (accuracy) – Time to find information – Ease of policy comparison – Subjective opinions, ease, fun, trust P.G. Kelley, J. Bresee, L.F. Cranor, and R.W. Reeder. A “Nutrition Label” for Privacy. SOUPS 2009. P.G. Kelley, L.J. Cesca, J. Bresee, and L.F. Cranor. Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach.
    [Show full text]
  • Alessandro Acquisti - Curriculum Vitae Heinz College, Carnegie Mellon University Acquisti @ Andrew.Cmu.Edu |
    Alessandro Acquisti - Curriculum Vitae Heinz College, Carnegie Mellon University acquisti @ andrew.cmu.edu | www.heinz.cmu.edu/~acquisti Trustees Professor of Information Technology and Public Policy Director, Privacy Economics Experiments Lab (PeeX) Faculty Chair, Master of Science in Information Security Policy & Management Steering Committee, CMU Center for Behavioral Decision Research (CBDR) Positions Trustees Professor of Information Technology and Public Policy, 2020 - present Heinz College, Carnegie Mellon University Faculty Director, CMU Digital Transformation and Innovation Center Sponsored by PwC, 2017 - 2020 Carnegie Mellon University PwC William W. Cooper Professor of Risk and Regulatory Innovation, 2017 - 2020 Heinz College, Carnegie Mellon University Professor of Information Technology and Public Policy, 2014 - 2020 Heinz College, Carnegie Mellon University Tenured Associate Professor of Information Technology and Public Policy, 2012 - 2014 Heinz College, Carnegie Mellon University Associate Professor of Information Technology and Public Policy, 2009 - 2012 Heinz College, Carnegie Mellon University Assistant Professor of Information Technology and Public Policy, 2003 - 2009 Heinz College, Carnegie Mellon University Visiting Scientist, Spring 2012 Google, Mountain View Visiting Fellow, Spring 2012 Becker/Friedman Institute for Research in Economics, University of Chicago Visiting Scholar, Fall 2011 Institute for Quantitative Social Science, Harvard University Visiting Researcher, Fall 2011 Microsoft Research, New England Visiting
    [Show full text]
  • Privacy Negotiations with P3P Sören Preibusch German Institute for Economic Research (DIW) Königin-Luise-Str
    Privacy Negotiations with P3P Sören Preibusch German Institute for Economic Research (DIW) Königin-Luise-Str. 5, 14195 Berlin, Germany [email protected] ABSTRACT preferences. A privacy-focused “meta-personalization” does This paper examines how negotiation techniques can not take place.1 resolve the trade-off between service providers’ persona- lization efforts and users’ individual privacy concerns and Posting “privacy policies” on websites is a rigid approach demonstrates how they can be integrated into existing and hampers users providing an informed consent as the technologies to overcome the shortcomings of static privacy compensation for data disclosure is not apparent. The policies. The analysis includes the identification of relevant empirical proof of users’ stated privacy preferences and negotiable privacy dimensions. An extension to P3P is diverging from their actual behaviour is a symptom of this proposed that allows a simple expression and implemen- burden [14]. tation of negotiation processes. Support for this extension Our contribution is to depict how negotiation techniques has been developed for the Mozilla Web browser. can overcome current drawbacks of static privacy policies, and reconcile privacy and personalization. We investigate INTRODUCTION how negotiations can be implemented using existing The Web’s complexity both in size and diversity has led technologies, namely P3P. online retailers to offer their customers individually targeted products and services. Personalization efforts have been The implementation of PRINT by extending W3C’s implemented in the vast majority of popular sites. Their Platform for Privacy Preferences (P3P) is soundly explained inherent need for personal information and the long-time and detailed information is provided how language support storage of these data drew attention to the induced privacy for PRINT can be integrated in P3P in a straightforward issues.
    [Show full text]