Ok, so what about Implementation?

Research on privacy architecture and location based privacy / ubiquitous computing is particularly helpful to measurement.   Guarda and Zannone provide a unique contribution to the field of privacy with an excellent description of privacy engineering concepts, and a focus on privacy requirements engineering.  Privacy requirements engineering can be used as a basis for comprehensive privacy architecture, …

Research on Implementation

The second section is by far the largest in CS, and focuses on presenting technical system implementations.  Implementations vary widely, to assist the reader they have been loosely classified into papers that propose privacy product and system architecture, applied techniques for online privacy, location-based privacy issues, and (as mentioned earlier) a set of papers on artificial …

Ok, so what about Representation?

While the Popp and Poindexter approach is common within the CS domain, it fails to recognize the instances where security and privacy do not converge, and may in fact conflict.  While the authors highlight the typical privacy protections: privacy appliances, data transformations, anonymization, selective revelation, immutable audit and self-reporting data, they fail to demonstrate an understanding …

Attempts at Representation

CS research that attempts to represent privacy typically takes one of two approaches: policy based proposals and / or ontological frameworks. Policy The policy-based research generally falls within privacy policy creation, breaches and assessment processes.  Popp and Poindexter focus on the creation of policies, arguing for the coordination of security and privacy policies (Popp & Poindexter, 2006).  They …

Looking Outside Computer Science

The literature review is grouped thematically to illustrate four different kinds of research: Let’s go….

Workable Models Can Exist

These types of issues may arise because organizations have treated privacy as a problem to be solved (Baker, 2009, 2012; Dribben, 2012; Nissenbaum, 1998; Orcutt, 2012; Pope, 2010; Solis, 2013; Tavani, 2005).  Even the current mechanisms for evaluating and measuring privacy (see an overview discussed in the Case Study) focus on organizational activities. However, the multitude of …

Increasing Data Collection

As wireless computing functions are increasingly embedded, for example, FitBit for our wrists and smart meters for our homes, data collection can originate from every electronic device in our environment.  Each one collects or infers some information about the humans that interact with that device.  Visions of future computing environments involve integrating tiny microelectronic processors and …

Patterns of Privacy Enforcement

The less transparent organizations are about their privacy practices, the more difficult it is for a data subject to make a decision about who to trust with their personal information. By being transparent about informational privacy practices in legislation, the data subject can make more informed decisions about who and when to release their own …

Dissonance

Many countries have privacy legislation.   Specific to Canada, the enforcement of this legislation is largely through complaint mechanisms.  For example, a consumer is unhappy with a company’s data protection practices and they file a complaint with the Office of the Privacy Commissioner of Canada.  This process heavily relies on the consumer to be educated about both privacy …

Missed Expectations

Being online not only makes it easier for organizations to share data in privacy policies, it also makes it easier for data subjects to disclose more information – or have data inferred about their behaviour.  Organizations are incentivized to get privacy right; the more a user trusts an SNS for example, the more data they will …