Do Interruptions Pay Off? Effects on Interruptive Ads on Costumers' Willingness to Pay

Acquisti, Alessandro, Spiekermann, Sarah

January 2011

We present the results of a study designed to measure the impact of interruptive advertising on consumers' willingness to pay for products bearing the advertiser's brand. Subjects participating in a controlled experiment were exposed to ads that diverted their attention from a computer game they were testing. We found that ads significantly lowered subjects' willingness to pay for a good associated with the advertised brand. We did not find conclusive evidence that providing some level of user control over the appearance of ads mitigated the negative impact of ad interruption. Our results contribute to the research on the economic impact of advertising, and introduce a method of measuring actual (as opposed to self-reported) willingness to pay in experimental marketing research.

Lost In The Crowd: Are Large Social Graphs Inherently Indistinguishable?

Vadamalai, Subramanian Viswanathan

19 June 2017

Real social graphs datasets are fundamental to understanding a variety of phenomena, such as epidemics, crowd management and political uprisings, yet releasing digital recordings of such datasets exposes the participants to privacy violations. A safer approach to making real social network topologies available is to anonymize them by modifying the graph structure enough as to decouple the node identity from its social ties, yet preserving the graph characteristics in aggregate. At scale, this approach comes with a significant challenge in computational complexity. This thesis questions the need to structurally anonymize very large graphs. Intuitively, the larger the graph, the easier for an individual to be “lost in the crowd”. On the other hand, at scale new topological structures may emerge, and those can expose individual nodes in ways that smaller structures do not. To answer this problem, this work introduces a set of metrics for measuring the indistinguishability of nodes in large-scale social networks independent of attack models and shows how different graphs have different levels of inherent indistinguishability of nodes. Moreover, we show that when varying the size of a graph, the inherent node indistinguishability decreases with the size of the graph. In other words, the larger a graph of a graph structure, the higher the indistinguishability of its nodes.

Graph Anonymization

Privacy Metric

Linkage Covariance

Computer Sciences

Online corruption-reporting, internet censorship, and the limits of responsive authoritarianism

Hoskins, Jack

22 August 2017

This thesis traces the development of the Chinese government’s attempts to solicit corruption reports from citizens via online platforms such as websites and smartphone applications. It argues that this endeavour has proven largely unsuccessful, and what success it has enjoyed is not sustainable. The reason for this failure is that prospective complainants are offered little incentive to report corruption via official channels. Complaints on social media require less effort and are more likely to lead to investigations than complaints delivered straight to the government, though neither channel is particularly effective. The regime’s concern for social stability has led to widespread censorship of corruption discussion on social media, as well as a slew of laws and regulations banning the behaviour. Though it is difficult to predict what the long-term results of these policies will be, it seems likely that the regime’s ability to collect corruption data will remain limited. / Graduate / 2018-07-14

corruption

China

internet privacy

internet law

data crowdsourcing

Formalism of privacy preserving access control

Yang, Naikuo

January 2011

There is often a misalignment between requirements for keeping data owners' information private and real data processing practices, and this can lead to violations of privacy. Specifying and implementing appropriate policies to control a user's access to a system and its resource is critical for keeping data owners' information private. Traditionally, policy specification is isolated from requirements analysis, which often results in data processing practices that are not in compliance with data owners' requirements. This thesis investigates a development scheme that integrates policy specification into requirements analysis and approach design. It suggests that, while we derive specification from requirements analysis, we can also improve requirements and approach design through privacy preservation specification by clarifying ambiguities in the requirements and resolving inconsistencies between requirements and data processing practices. This claim is supported by the requirements analysis and specification of a purpose based access control approach for privacy preservation. The purpose-based access control method consists of an entity of purpose, which expresses requirements for keeping personal information private from a data owner's point of view. The requirements analysis is helped by the specification of the entities, the relationships, the invariants corresponding to the requirements, and the model operations along with proof obligations of their satisfiability. That specification results in a complete purpose based access control model in the case of an intra-organisation scenario. The development scheme has also been applied for privacy preservation in distributed collaborative environments. Distributed computing environments pose further challenges for keeping personal information private. Design considerations are taken for ensuring that personal information is accessed from two or more parties only if agreed privacy policies and privacy preferences are satisfied, and for facilitating privacy policies matching and privacy preference compliance among distributed collaborative organisations. The work presented in this thesis should be of value to researchers on privacy protection methods, to whom the purpose-based access control model has been made available for privacy property verification, and to researchers on privacy specification, who will be able to incorporate specification into the requirements analysis.

621.382

Freedom of the press, or the infringement of the right to privacy?: media coverage of President Kgalema Motlanthe from October 2008 to April 2009 in three newspapers

Gamlashe, Thembinkosi

January 2012

The researcher attempts to assess in which respect the privacy of former President Kgalema Motlanthe may have been invaded during his presidency, in view of journalistic ethics and press codes currently in effect. The study will explore media practices based on media freedom at the time of publication, and assess whether this freedom is understood to suggest the infringement of the right to privacy in the coverage of the private lives of politicians in the media. This study will therefore examine a sample of articles from the Sunday Times, City Press and Mail and Guardian, covering former President Kgalema Motlanthe’s public behaviour that related to his private life, assess which aspects of his demeanour became the subject of media coverage, and correlate such reporting trends with fluctuations in his political career. The researcher will focus on the period when Kgalema Motlanthe was at the helm as the Head of State – from October 2008 to April 2009, and consider particularly the trends in the sampled press reports regarding his private life. The study furthermore examines some of the legislative and normative changes that affected the media in South Africa after democratisation, to correlate the trends observed in the press coverage with legislation. This further serves to identify possible gray areas that arise from reporting on the freedom of the press and may lead to the invasion of privacy.

Freedom of the press

Privacy, Right of

Press law

Data protection -- Law and legislation

Privacy-Preserving Location-Aware Data Availability and Access Authorization in Public Safety Broadband Networks

Ghafghazi, Hamidreza

January 2017

The increased demand for interoperability among Emergency Responders (ERs) and timely accessibility to a large amount of reliable, accurate, context and location aware, and privacy-preserved data (e.g., environmental data, health records, building plan, etc.), mandates the emergence of dedicated Public Safety Broadband Networks (PSBNs). However, realizing PSBNs and addressing such requirements encounters substantial challenges. For example, several security and privacy vulnerabilities have been detected in the Long Term Evolution (LTE) which is the leading enabler of PSBNs. Nonetheless, the more significant challenge lies under the corresponding data requirements. This is because data is unstructured, its volume is enormous, and it includes inaccurate, irrelevant, and context-free data. Moreover, the data sources are heterogeneous and may not be reachable in an emergency. Furthermore, the data contains personally identifiable information for which privacy and access authorization should be respected. In this thesis, we investigate and address the aforementioned challenges. Here, we propose an efficient and secure algorithm to mitigate the main security and privacy vulnerability of LTE. In addition, to provide context and location aware data availability during an emergency, we propose a secure data storage structure and privacy-preserving search scheme. Furthermore, we propose a location-aware data access model to filter irrelevant data with regards to an incident and prevent unauthorized data access. To envision our access model, we propose a location-aware fine grained access authorization scheme. Our security analysis shows that our search scheme is secure against a chosen keyword attack and the proposed authorization scheme is formally proven secure against a selective chosen ciphertext attack. Concerning performance efficiency, our search scheme requires minimal data search and retrieval delay and the proposed authorization scheme imposes constant communication and decryption computation overheads. Finally, we propose a context-aware framework, which fully complies with emergency response requirements, based on the concept of trust to filter-out inaccurate and irrelevant data. The integration of our contributions promises highly reliable, accurate, context and location aware, and privacy-preserved data availability and timely data accessibility.

Actionable information availability

Public Safety Networks

Access Authorization

Privacy

The social, cultural, epistemological and technical basis of the concept of 'private' data

McCullagh, Karen

January 2012

In July 2008, the UK Information Commissioner launched a review of EU Directive 95/46/EC on the basis that: “European data protection law is increasingly seen as out of date, bureaucratic and excessively prescriptive. It is showing its age and is failing to meet new challenges to privacy, such as the transfer of personal details across international borders and the huge growth in personal information online. It is high time the law is reviewed and updated for the modern world.” Legal practitioners such as Bergkamp have expressed a similar sense of dissatisfaction with the current legislative approach: “Data Protection as currently conceived by the EU is a fallacy. It is a shotgun remedy against an incompletely conceptualised problem. It is an emotional, rather than rational reaction to feelings of discomfort with expanding data flows. The EU regime is not supported by any empirical data on privacy risks and demand…A future EU privacy program should focus on actual harms and apply targeted remedies.” Accordingly, this thesis critiques key concepts of existing data protection legislation, namely ‘personal’ and ‘sensitive’ data, in order to explore whether current data protection laws can simply be amended and supplemented to manage privacy in the information society. The findings from empirical research will demonstrate that a more radical change in EU law and policy is required to effectively address privacy in the digital economy. To this end, proposed definitions of data privacy and private data was developed and tested through semi-structured interviews with privacy and data protection experts. The expert responses indicate that Bergkamp et al have indeed identified a potential future direction for privacy and data protection, but that further research is required in order to develop a coherent definition of privacy protection based on managing risks to personal data, and harm from misuse of such information.

300

Polar: proxies collaborating to achieve anonymous web browsing

Tillwick, Heiko Mark

05 July 2007

User tracking and profiling is a growing threat to online privacy. Whilst Internet users can choose to withhold their personal information, their Internet usage can still be traced back to a unique IP address. This study considers anonymity as a strong and useful form of privacy protection. More specifically, we examine how current anonymity solutions suffer from a number of deficiencies: they are not commonly used, are vulnerable to a host of attacks or are impractical or too cumbersome for daily use. Most anonymity solutions are centralised or partially centralised and require trust in the operators. It is additionally noted how current solutions fail to promote anonymity for common Web activities such as performing online search queries and general day-to-day Web browsing. A primary objective of this research is to develop an anonymising Web browsing protocol which aims to be (1) fully distributed, (2) offer adequate levels of anonymity and (3) enable users to browse the Internet anonymously without overly complex mixing techniques. Our research has led to an anonymising protocol called Polar. Polar is a peer-to-peer network which relays Web requests amongst peers before forwarding it to a Web server, thus protecting the requester's identity. This dissertation presents the Polar model. Design choices and enhancements to the model are discussed. The author's implementation of Polar is also presented demonstrating that an implementation of Polar is feasible. / Dissertation (MSc (Computer Science))--University of Pretoria, 2007. / Computer Science / unrestricted

Anonymous web browsing

Privacy-enhancing technology

Proxies

UCTD

South African consumers' information privacy concerns : an investigation in a commercial environment

Jordaan, Yolanda

20 August 2007

Please read the abstract (Synopsis) in the section 00front of this document / Thesis (DCom)--University of Pretoria, 2007. / Marketing Management / DCom / Unrestricted

Privacy right of South Africa

Consumers South Africa

UCTD

Les moyens de surveillance des réseaux criminels en procédure pénale. Vers un droit commun / The means of surveillance of criminal networks in criminal proceedings. Towards a common right

Abbou, Julia

12 December 2018

Le titre XXV du Code de procédure pénale destiné à lutter contre la criminalité et la délinquance organisées a été introduit par la loi du 9 mars 2004, laquelle a créé une notion par son régime. Celui-ci, dérogatoire, comprend un panel d’actes d’investigations, lesquels supposent la mise à disposition de techniques d’enquête permettant d’anticiper, d’agir et de mieux appréhender les modes de fonctionnement de criminels considérablement aguerris. Plus précisément, il s’agit des techniques de surveillance des personnes et des biens, de l’infiltration, de l’enquête sous pseudonyme, des interceptions de correspondances émises par la voie des communications électroniques, de l’accès aux correspondances stockées, de l’IMSI-catcher, de la captation de données informatiques, et de la sonorisation et fixation d’images de certains lieux ou véhicules. Alors que les méthodes utilisées sont particulièrement coercitives, le domaine d’application n’est pas défini. En effet, s’il existe une énumération des infractions concernées par le régime, la criminalité et la délinquance organisées, pour leur part, ne sont pas définies. En réalité, ces infractions toutes décousues comprennent de multiples valeurs protégées, divers quantum de peine, et des circonstances aggravantes variées. Mais, le choix du législateur s’explique puisque l’expression « criminalité organisée » est ancienne et recouvre de multiples acceptions. Si, pour se conformer au principe de légalité criminelle, certains pensent qu’une définition rigoureuse de la notion est souhaitable, d’autres, en revanche, considèrent que le phénomène ne peut être réduit à un unique vocable ou syntagme. Cependant, l’étude démontre que, compte tenu de l’ampleur des disparates manifestations de la criminalité organisée, le législateur n’a cessé d’étendre le périmètre de ce régime en passant de deux à trois articles, et de listes à des groupes d’infractions. Ainsi, près de quinze ans après l’entrée en vigueur de ladite loi, le constat est sans appel, il existe une incapacité matérielle à véritablement saisir ce phénomène. Partant, des catégories d’infractions se recoupent au sein de plusieurs procédures particulières, et ce, pour étendre les moyens de surveillance. Des nouveaux procédés ont été intégrés mais d’autres ont également été multipliés. Dès lors, l’extension de l’une s’accompagne de l’autre. Ainsi, la simplification des dispositions du Code de procédure pénale est devenue essentielle, ce qui a conduit cette étude à s’interroger sur le rapprochement entre les règles dérogatoires et celles de droit commun. Pour appréhender ces techniques d’enquête, il faut procéder par renvois entre les articles puisque la configuration actuelle du Code de procédure pénale ne se limite pas au seul titre XXV. Cette étude propose donc de réorganiser l’emplacement de ces moyens de surveillance en les rationalisant au mieux. Une gradation était nécessaire puisque certes, elles portent toutes atteintes au droit au respect de la vie privée mais pas au même degré. Enfin, dans un objectif de simplification de la procédure, le projet de loi de programmation 2018-2022 envisage une nouvelle extension de ces moyens de surveillance. Bien que l’ambition semble, pour l’heure, inachevée, cela témoigne des perspectives d’évolution de la matière, laquelle doit perpétuellement trouver un juste équilibre entre une lutte efficace contre la criminalité et délinquance organisée et la protection de la vie privée, notamment. / By the law of March 9, 2004, Title XXV of the Code of Criminal Procedure entitled "The procedure applicable to organized crime and delinquency" created a notion by its regime. The latter, derogatory, includes a panel of investigative acts, which involve the provision of investigative techniques to anticipate, act and better apprehend the modes of operation of criminals considerably seasoned. Specifically, these include surveillance of persons and property, infiltration, pseudonym investigation, interception of correspondence via electronic communications, access to stored correspondence, the IMSI-catcher, the capture of computer data, and the sound and image fixation of certain places or vehicles. While the methods used are particularly coercive, the scope is not defined. Indeed, while there is an enumeration of the offenses concerned by the regime, organized crime and delinquency, for their part, are not defined. In reality, these all-encompassing offenses include multiple protected values, varying quantum of sentence, and various aggravating circumstances. But, the choice of the legislator is explained because the expression "organized crime" is old and covers multiple meanings. If, in order to comply with the principle of criminal legality, some people think that a rigorous definition of the notion is desirable, others, on the other hand, consider that the phenomenon can not be reduced to a single word or phrase. However, the study shows that, given the extent of the disparate manifestations of organized crime, the legislator has continued to expand the scope of this regime from two to three articles, and lists to groups offenses. Thus, nearly fifteen years after the entry into force of the said law, the finding is without appeal, there is a material incapacity to truly grasp this phenomenon. As a result, categories of offenses overlap in a number of specific procedures to extend the means of surveillance. New processes have been integrated but others have also been multiplied. From then on, the extension of one is accompanied by the other. Thus, the simplification of the provisions of the Code of Criminal Procedure has become essential, which led this study to question the approximation between the derogating rules and those of common right. To understand these investigative techniques, it is necessary to cross-refer the articles since the current configuration of the Code of Criminal Procedure is not limited to Title XXV alone. This study proposes to reorganize the location of these means of surveillance by rationalizing them at best. A gradation was necessary since, as they all violate the right to respect for private life but not to the same degree. Lastly, with a view to simplifying the procedure, the 2018-2022 programming bill envisages a further extension of these means of surveillance. Although the ambition seems, for the time being, unfinished, this shows the prospects of evolution of the subject, which must perpetually find a right balance between an effective fight against crime and organized crime and the protection of privacy. This statement has never been more true living in our times right now.

Moyens de surveillance

Vie privée

Inaccessibilité

Means of surveillance

Privacy

Inaccessibility