Bör du v(AR)a rädd för framtiden? : En studie om The privacy Paradox och potentiella integritetsrisker med Augmented Reality / Should you be sc(AR)ed of the future? : A study about The Privacy Paradox and potential risks with Augmented Reality

Madsen, Angelica, Nymanson, Carl

January 2021

I en tid där digitaliseringen är mer utbredd än någonsin ökar också mängden data som samlas och delas online. I takt med att nya tekniker utvecklas öppnas det upp för nya utmaningar för integritetsfrågor. En aktiv användare online ägnar sig med störst sannolikhet också åt ett eller flera sociala medier, där ändamålen ofta innebär att dela med sig av information till andra. Eftersom tekniker Augmented Reality används mer frekvent i några av de största sociala medierapplikationerna blev studiens syfte att undersöka potentiella integritetsproblem med Augmented Reality.l Studiens tillvägagångsätt har bestått av en empirisk datainsamling för att skapa ett teoretiskt ramverk för studien. Utifrån detta har det genomförts en digital enkät samt intervjuer för att närmare undersöka användarens beteende online och The Privacy Paradox. Utifrån undersökningens resultat kunde The Privacy Paradox bekräftas och ge en bättre förståelse för hur användaren agerar genom digitala kanaler. I studien behandlas olika aspekter kring integritetsfrågor såsom användarvillkor, sekretessavtal, datamäklare, framtida konsekvenser och vad tekniken möjliggör. Studien kom fram till att användare, företaget och dagens teknik tillåter att en känsligare information kan utvinnas genom ett dataintrång. Även om det ännu inte har inträffat ett dataintrång som grundat sig i Augmented Reality före denna studie, finns det en risk att det endast handlar om en tidsfråga innan det sker. / In a time when digitalization is more widespread than ever, the amount of data collected and shared is increasing. As new technologies develop, challenges for privacy concerns arises. An active online user is likely to engage in one or many social media platforms, where the purpose often involves sharing information with others. Since Augmented Reality is more frequently supported in some the biggest social media applications, the purpose of this study was to investigate potential privacy concerns with Augmented Reality. The study's approach consisted of an empirical data collection to create a theoretical framework for the study. Based on this, a digital survey and interviews were conducted to further investigate the user's behavior online and The Privacy Paradox. Based on the results of the survey, The Privacy Paradox could be confirmed and a better understanding of how the user interacts through digital channels was achieved. The study treats different aspects of privacy concerns such as user terms, privacy policies, data brokers, future consequences and what technology enables. The study reached the conclusion that users, buisnesses and today's technology allow a more sensitive type of information to be collected through a data breach. Even if there has not yet occurred a data breach enabled by Augmented Reality prior to this study, there is a risk that it is only a matter of time until it happens.

Augmented Reality

The Privacy Paradox

Privacy policy

Data Collection

Biometrisk Data

Augmented Reality

The Privacy Paradox

Integritetsfrågor

Datainsamling

Biometrisk data

Media and Communications

Medie- och kommunikationsvetenskap

Mom, Dad, Let’s Be (Facebook) Friends: Exploring Parent/Child Facebook Interaction from a Communication Privacy Management Perspective

Westermann, David A.

29 April 2011

No description available.

Communication

Families and Family Life

Mass Media

Communication

Communication Privacy Management theory

privacy management

Facebook

family privacy orientation

relational quality

parental trust

role theory

boundary management

Is the Dystopian World of George Orwell Coming? : Examining Swedish Youths Knowledge and Attitude RegardingDigital Privacy

Collin, Linus, Rydén, Michael

January 2024

This thesis examined how aware upper secondary school students are of how the informationthey share on social media platforms is handled, what concerns are raisedregarding the personal data collected and used by corporations and authorities andhow upper secondary school students view the future education of digital privacy.Questions in the thesis are answered by performing a study using questionnaires asa data collection method. The conclusion is that upper secondary school students inSweden are fairly unaware of how their information is handled in the digital worldand what regulations are in place to protect their data. Some concerns are raisedaround the participants’ lack of knowledge and how their trust in authorities haslowered due to digital surveillance, the lack of mitigating actions against abuse ofsurveillance, and the debate regarding mass surveillance. In the future, the participantswant more education about digital privacy, and they believe it should be partof the curriculum in upper secondary school.

privacy

eIDAS

FRA

GDPR

surveillance

mass surveillance

online surveillance

digital competence

privacy issues

social media

social media privacy

education

education for digital competence

Computer and Information Sciences

Data- och informationsvetenskap

The impact of privacy regulations on the development of electronic commerce in Jordan and the UK

Aljaber, Maher

January 2012

Improvement in information communication technology (ICT) is one of the factors behind growth in economic productivity. A major dimension of this is the use of the Internet in e-commerce, allowing companies to collect, store, and exchange personal information obtained from visitors to their websites. Electronic commerce has many different variants, and is believed by many governments throughout the world to be the engine of economic stability in the future. While electronic commerce has many benefits, there is evidence to suggest privacy concerns are an inhibitor to its adoption in Jordan and the UK. According to Campbell (1997, p.45), privacy in this context can be defined as “the ability of individuals to determine the nature and extent of information about them which is being communicated to others”. The importance of information in e-commerce has increased, because the main success factor for the completion of transactions between businesses and consumers is the companies’ ability to access consumers’ personal details. This conflicts with the consumers’ fear of providing personal information to un-trusted parties, which makes them disinterested in entering contracts via the internet. This research discusses privacy concerns as an inhibitor for electronic commerce by providing a comparison between UK and Jordanian regulations, to establish the impact that these regulations have ameliorating privacy concerns regarding the development of electronic commerce in Jordan and the UK. The interpretive grounded theory approach has allowed the researcher to gain a deep understanding about privacy perceptions of electronic commerce held by the main stakeholders: government, businesses and consumers. Furthermore, through implementing the Straussian grounded theory approach as a data collection and analysis method, two grounded theories have emerged as giving deeper understanding of the situation in Jordan and the UK regarding privacy concerns and how this affects electronic commerce development in both countries.

004

Privacy Protecting Surveillance: A Proof-of-Concept Demonstrator / Demonstrator för integritetsskyddad övervakning

Fredrik, Hemström

January 2015

Visual surveillance systems are increasingly common in our society today. There is a conflict between the demands for security of the public and the demands to preserve the personal integrity. This thesis suggests a solution in which parts of the surveillance images are covered in order to conceal the identities of persons appearing in video, but not their actions or activities. The covered parts could be encrypted and unlocked only by the police or another legal authority in case of a crime. This thesis implements a proof-of-concept demonstrator using a combination of image processing techniques such as foreground segmentation, mathematical morphology, geometric camera calibration and region tracking. The demonstrator is capable of tracking a moderate number of moving objects and conceal their identity by replacing them with a mask or a blurred image. Functionality for replaying recorded data and unlocking individual persons are included. The concept demonstrator shows the chain from concealing the identities of persons to unlocking only a single person on recorded data. Evaluation on a publicly available dataset shows overall good performance.

privacy protection

computer vision

foreground segmentation

integrity preserving

Privacy-preserving computation for data mining

Brickell, Justin Lee

01 June 2010

As data mining matures as a field and develops more powerful algorithms for discovering and exploiting patterns in data, the amount of data about individuals that is collected and stored continues to rapidly increase. This increase in data heightens concerns that data mining violates individual privacy. The goal of data mining is to derive aggregate conclusions, which should not reveal sensitive information. However, the data-mining algorithms run on databases containing information about individuals which may be sensitive. The goal of privacy-preserving data mining is to provide high-quality aggregate conclusions while protecting the privacy of the constituent individuals. The field of "privacy-preserving data mining" encompasses a wide variety of different techniques and approaches, and considers many different threat and trust models. Some techniques use perturbation, where noise is added (either directly to the database that is the input to the algorithm or to the output of queries) to obscure values of sensitive attributes; some use generalization, where identifying attributes are given less specific values; and some use cryp- tography, where joint computations between multiple parties are performed on encrypted data to hide inputs. Because these approaches are applied to different scenarios with different threat models, their overall e ectiveness and privacy properties are incomparable. In this thesis I take a pragmatic approach to privacy-preserving data mining and attempt to determine which techniques are suitable to real-world problems that a data miner might wish to solve, such as evaluating and learning decision-tree classifiers. I show that popular techniques for sanitizing databases prior to publication either fail to provide any meaningful privacy guarantees, or else degrade the data to the point of having only negligible data-mining utility. Cryptographic techniques for secure multi-party computation are a natural alternative to sanitized data publication, and guarantee the privacy of inputs by performing computations on encrypted data. Because of its heavy reliance on public-key cryptography, it is conventionally thought to be too slow to apply to real-world problems. I show that tailor-made protocols for specific data-mining problems can be made fast enough to run on real-world problems, and I strengthen this claim with empirical runtime analysis using prototype implementations. I also expand the use of secure computation beyond its traditional scope of applying a known algorithm to private inputs by showing how it can be used to e ciently apply a private algorithm, chosen from a specific class of algorithms, to a private input. / text

Data mining

Privacy preservation

Sanitized data

Cryptographic techniques

The influence of live customer service on consumers' likelihood of disclosing personal information

Li, Dan, active 21st century

08 August 2014

Live customer service has been used by many e-commerce brands as a method to gain consumers personal information. Previous research has found that live service agents have a positive influence on consumer perceived service quality and trust. This research aims to examine if certain type of live customer service generate better website and brand perceptions from the consumer and ultimately help in gaining consumer personal information. Results of this experimental design show that avatar selection and exposure did not significantly differ for service quality, trust, attitudes, purchase intention, and likelihood of disclosing personal information. It was also found that customers have a significant likelihood of selecting agents of the same gender. / text

Live customer service

Online privacy

Database marketing

E-commerce

Private environments for programs

Dunn, Alan Mark

25 September 2014

Commodity computer systems today do not provide system support for privacy. As a result, given the creation of new leak opportunities by ever-increasing software complexity, leaks of private data are inevitable. This thesis presents Suliban and Lacuna, two systems that allow programs to execute privately on commodity hardware. These systems demonstrate different points in a design space wherein stronger privacy guarantees can be traded for greater system usability. Suliban uses trusted computing technology to run computation-only code privately; we refer to this protection as "cloaking". In particular, Suliban can run malicious computations in a way that is resistant to analysis. Suliban uses the Trusted Platform Module and processor late launch to create an execution environment entirely disjoint from normal system software. Suliban uses a remote attestation protocol to demonstrate to a malware distribution platform that the environment has been correctly created before the environment is allowed to receive a malicious payload. Suliban's execution outside of standard system software allows it to resist attackers with privileged operating system access and those that can perform some forms of physical attack. However, Suliban cannot access system services, and requires extra case-by-case measures to get outside information like the date or host file contents. Nonetheless, we demonstrate that Suliban can run computations that would be useful in real malware. In building Suliban, we uncover which defenses are most effective against it and highlight current problems with the use of the Trusted Platform Module. Lacuna instead aims at achieving forensic deniability, which guarantees that an attacker that gains full control of a system after a computation has finished cannot learn answers to even binary questions (with a few exceptions) about the computation. This relaxation of Suliban's guarantees allows Lacuna to run full-featured programs concurrently with non-private programs on a system. Lacuna's key primitive is the ephemeral channel, which allows programs to use peripherals while maintaining forensic deniability. This thesis extends the original Lacuna work by investigating how Linux kernel statistics leak private session information and how to mitigate these leaks. / text

System-level privacy

Code obfuscation

Data leaks

Trusted computing

Virtualization

Communication strategies to restore or preserve informational and psychological privacy; the effects of privacy invasive questions in the health care context

Le Poire, Beth Ann, 1964-

January 1988

This investigation explored the role of informational and psychological privacy in the health context by examining the relationship between type of relationship (physician versus acquaintance), type of observation (self-report versus observation), and communication strategies used to restore or preserve privacy (interaction control, dyadic strategies, expressions of negative arousal, blocking and avoidance, distancing, and confrontation). It was hypothesized and confirmed that individuals report exhibiting more behaviors to restore or preserve informational privacy in response to an informationally privacy-invasive question posed by an acquaintance than by a physician. The hypothesis that presentation of an informationally privacy invasive question by the physician causes patients to exhibit more communication strategies after the privacy invasive question than before, was unsupported. Finally, the hypothesis that individuals actually exhibit more privacy restoration behaviors than they report using in a similar situation with their physician was also unsupported. Patients reported using more communication strategies than they actually exhibited. One confound to the self reports was that videotaped participants reported the use of fewer direct privacy restoring communication strategies than non-videotaped.

Privacy, Right of.

Patient compliance.

Physician and patient.

Acceptance of a Remote Desktop Access System to Increase Workspace Awareness

Williams, Jennifer

January 2000

Awareness systems are being designed and implemented to improve employee connections. This study examines the variables that affect the acceptance of an awareness system. The awareness system that was used for this research was a remote desktop access system. The independent variables investigated were the degree of detail that can be viewed on a desktop, whether the users can control who can access their desktops, whether the users can control when others have access to their desktops, the equality of access to others' desktops, and task-technology fit. In determining the effect of the independent variables on acceptance, the dependent variable, the mediating variables of privacy and fairness were taken into account. There was a preliminary survey conducted to determine appropriate situations to be used in the scenario descriptions for the survey for the main study. The methodology of policy-capturing surveys was utilized to conduct the survey for the main study in order to investigate the model developed in this study. The policy-capturing survey was pre-tested on University of Waterloo students. The main study was conducted in two different organizations, the subjects for the first study were employees from the Information Systems and Technology Department at the University of Waterloo and the subjects for the second study were employees from Ciber Incorporated. Results indicate that perceptions of privacy and perceptions of fairness have significant effects on acceptance. Also, perceptions of privacy and fairness are related to details in the design of the remote desktop access system. This research may be a contribution to this field since little research has been conducted in this area and implications can be drawn for future research on acceptance of awareness systems.

Management

awareness systems

privacy

fairness

acceptance

activity-based