網站隱私權政策分析－以台灣網站為例

李俊磊, Li , Chun-Lei

Unknown Date

個人資料的資料流（Data Flows）在網路上的擴散，造成對個人隱私權的威脅，逐漸已經成為社會大眾所關注的議題。在過去幾年中，網站逐漸被要求制定相關的規範以符合大眾的期待。然而，隨著網際網路環境的快速變遷，網站的規範是否提供適當的個人隱私權保護，將會成為社會大眾持續討論的問題。 部分的網站已經滿足隱私權到某種程度。這些網站開始採用一些普遍性的實作。在某些程度上，這些實作依循由隱私權規範創立者所推動的公平資訊實施原則（Fair Information Practice Principle）（FTC，1998a）。 本研究根據文獻探討提及的公平資訊實施原則：告知（notice）、選擇（choice）、存取（access）、與安全（security），對個人使用者感興趣的台灣地區網站進行網站隱私權政策分析與調查研究，探討其對個人隱私揭露的程度。 研究結果指出，樣本中84.1%的網站收集至少一種形式的個人識別資訊（例如：姓名，e-mail address，郵政地址），72.3%收集至少一種形式的人口統計學資訊（例如：性別，喜好，郵遞區號），71.8%的網站兩者接收集，而15.4%的網站兩者皆不收集。隱私揭露方面，67.7%（390個樣本中的264個）刊載至少一種形式的隱私揭露（一個隱私權政策的告示或是一個資訊實施聲明），50.5%這兩種形式的隱私揭露都刊載，有32.3%個網站這兩種形式的隱私揭露皆不刊載。觀察隱私揭露反映公平資訊實施的程度，在264個有收集個人資訊與刊載隱私揭露的網站中，92.8%包含至少一種關於（告知）的調查項目，70.8%包含至少一種關於（選擇）的調查項目，80.7%包含至少一種關於（存取）的調查項目，43.9%包含至少一種關於（安全）的調查項目，以及26.9%包含關於（聯絡資訊）的調查項目。 在本研究中，看待這些網站樣本所得出的結果，應特別注意那些較不滿足公平資訊實施原則的部分，包括對Cookies使用的告知、告知關於外界第三者的相關資訊、選擇、安全以及聯絡資訊等部份所表現出來的結果，而實際上所有台灣網站所表現出的結果，很可能比本研究所得出的結果來得更為不理想，網站若要更能滿足使用者對隱私權保護的期待，就必須更正視這些部份的隱私揭露保護。 資料的收集與使用對網路環境的發展影響甚鉅，網站營運者在思考如何使資料的利用最大化時，必須兼顧使用者的隱私權。唯有在合理，相互尊重的架構下，才能替彼此創造出長遠的利益。本研究的結果希望能對台灣在檢討、發展、建立符合台灣環境及與世界接軌的網路隱私權保護環境上，作出些許的貢獻。 / The spreading of personal data flows over the Internet has threatened many online individuals’ privacy, which also becomes a noticeable topic among the society. For the past few years, there were norms applied to websites in order to protect online users’ privacy. However, could norms provide proper protections along with the rapid improvement of Internet technology? This topic will remain among society’s discussion. Some websites provide certain amount of protections by using popular practices. On a certain level, these practices follow the Fair Information Practice Principle that was supported by the Privacy Norm Entrepreneurs (FTC, 1998). This research is based on the four main elements of Fair Information Practice Principle: Notice, Choice, Access, and Security. The thesis concentrates on analyzing and researching the privacy policy about privacy disclosure provided by websites that were directed and interested to individual user within Taiwan. Based on the result of this research, 84.1% of the sampled websites collected at least one type of personal identifying information (e.g. name, e-mail address, postal address). 72.3% of the sampled websites collected at least one type of demographic information (e.g. gender, preferences, Zip code). 71.8% of the websites collected both types of personal information, and 15.4% collected neither type of personal information. As for privacy disclosure, 67.7% of the websites (264 out of 390 sampled websites) provided at least one type of privacy disclosures (a privacy policy notice or an information practice statement). 50.5% of the websites provided both types of disclosures; and 32.3% of the websites provided none of the above. By studying the researched websites along with the Fair Information Practice Principle, Of the 264 websites that collected personal information and posted a privacy disclosure, 92.8% included at least one survey item for notice, 70.8% contained at least one survey item for choice, 80.7% contained at least one survey item for access, 43.9% contained at least one survey item for security, and 26.9% contained at least one survey item for contact information. While studying the research result, it is important to concentrate on the websites that did not follow the Fair Information Practice Principle. The result includes websites’ notice of Cookies usage, and providing third party related information, choice, security, and contact information, etc. However, the result in reality could be a lot worse than the research result. In order to fulfill online users’ anticipation, websites should pay more attention on privacy policy of these parts. Colleting and using users’data influence the development of online environment greatly. Web owners should consider their customers’ privacy rights while trying to capitalize customers’ information. The only way to generate long and stable benefit for both provider and user is with respect. Hopefully the result of this research will contribute some amount of consideration and development of privacy protection that works for websites and users in Taiwan.

網站

個人資訊

公平資訊實施

隱私權政策

Website

Personal Information

Fair Information Practice

Privacy Policy

Ukradeno 77 milionů účtů služby PlayStation Network, týká se nás to?: analýza internetových diskuzí pod články týkajícími se tématu / 77 millions user accounts have been stolen, should we worry? Analysis of Internet discussions relevant to the topic

Gregor, Filip

January 2013

Diploma thesis 77 million PlayStation Network accounts stolen, does it affect us?: An analysis of Internet discussions revolving around this topic deals with the case of what so far seems to be the biggest case of user information leak on the Internet. The introduction outlines the history and development of PlayStation consoles and maps major attempts to jailbreak the last generation of the console by hackers. The following section presents PlayStation Network itself, whose users were at risk of the loss of their online identity because of the attack and chronologically describes the course of breach-related events including the subsequent theft of user data. It also focuses in detail on the case of GeoHot - a hacker whose dispute with Sony alienated fellow hacker community and initiated retaliatory activities which as a result led to loss of data. Another part of the thesis examines the issue of digital identity and its protection, gives an insight into the history of the formation of the hacker community and further explains the phenomenon of existence and perception of the term hacker in the context of the Internet. The final section is devoted to analysis of selected discussion posts under thematically relevant articles, analyzes them in terms of content relevance, information sentiment and...

Geração de rótulo de privacidade por palavras-chaves e casamento de padrões

Pontes, Diego Roberto Gonçalves de

13 July 2016

Submitted by Alison Vanceto (alison-vanceto@hotmail.com) on 2017-05-08T12:54:39Z No. of bitstreams: 1 DissDRGP.pdf: 2915023 bytes, checksum: 6dc48dd58772bd3d2917206ca9a92646 (MD5) / Approved for entry into archive by Ronildo Prado (ronisp@ufscar.br) on 2017-05-10T14:04:50Z (GMT) No. of bitstreams: 1 DissDRGP.pdf: 2915023 bytes, checksum: 6dc48dd58772bd3d2917206ca9a92646 (MD5) / Approved for entry into archive by Ronildo Prado (ronisp@ufscar.br) on 2017-05-10T14:04:57Z (GMT) No. of bitstreams: 1 DissDRGP.pdf: 2915023 bytes, checksum: 6dc48dd58772bd3d2917206ca9a92646 (MD5) / Made available in DSpace on 2017-05-10T14:09:36Z (GMT). No. of bitstreams: 1 DissDRGP.pdf: 2915023 bytes, checksum: 6dc48dd58772bd3d2917206ca9a92646 (MD5) Previous issue date: 2016-07-13 / Não recebi financiamento / Users do not usually read privacy policies from online services. Among the main reasons for that is the fact that such policies are long and commonly hard to understand, which makes the user lose interest in reading them carefully. In this scenario, users are prone to agree to the policies terms without knowing what kind of data is being collected and why. This dissertation discusses how the policies' content may be presented in a more friendly way, showing information about data collection and usage in a table herein called Privacy Label. The Privacy Label is a table with lines named according to data collection terms and columns named according to expressions that reveal how the data is used by the service. The table content shows if the policy collects a particular data to a particular usage. To generate the Privacy Label, a study was made in a set of privacy policies to identify which terms repeat more often along the texts. To do so, we used techniques to find keywords, and from these keywords we were able to create privacy categories. The categories define which kind of data is being collected and why, which are represented by cells in the Privacy Label. Using word comparison techniques, a privacy policy can be analyzed and important information can be extracted by comparing its terms with the terms from the privacy categories. For each category we find, we show it in the Privacy Label. To assess the proposed approach we developed an application prototype, herein called PPMark, that analyzes a particular privacy policy, extract its keywords and generates the Privacy Label automatically. The information extracted was analyzed regarding its quality using three metrics: precision, recall and f-measure. The results show that the approach is a viable functional alternative to generate the Privacy Label and present privacy policies in a friendly manner. There are evidences of time saving by using our approach, which facilitates the process of decision making. / Comumente, os usuários não leem as políticas de privacidade dos serviços online que utilizam. Entre as principais causas estão os textos longos, muitas vezes de difícil compreensão, desestimulando o interesse pela leitura atenciosa e integral. Neste cenário, os usuários, muitas vezes, concordam com os termos sem saber os tipos de dados que estão sendo coletados e o porquê. Esta dissertação discute como o conteúdo das políticas de privacidade pode ser apresentado de forma mais sintética para o usuário, com as informações sobre a coleta e a utilização dos dados sendo exibidas em uma tabela, denominada Rótulo de Privacidade. O Rótulo de Privacidade é uma tabela com linhas nomeadas por termos de coleta de dados e colunas nomeadas por expressões que denotam finalidade das coletas. O conteúdo da tabela informa se a política contempla a coleta de dados para a finalidade especificada. Para ser possível a geração do Rótulo de Privacidade, foi feito um estudo em um conjunto de políticas de privacidade para verificar quais termos mais se repetem nos textos. Para isto foram utilizadas técnicas para encontrar palavras-chave e com estas foram criadas categorias de privacidade. As categorias definem tipos de dados coletados e propósitos da coleta, que no Rótulo de Privacidade são representados pelas células da tabela. Utilizando técnicas de comparação de palavras, uma política de privacidade a ser lida pelo usuário pode ser analisada pela abordagem, extraindo informações importantes por meio das comparações de seus termos com os termos das categorias de privacidade elaboradas. Para cada categoria encontrada na política de privacidade, a informação é ilustrada no Rótulo de Privacidade. Para a avaliação da abordagem proposta, foi desenvolvido um protótipo de uma aplicação, denominada PPMark, que analisa uma particular política de privacidade, extrai as palavras-chave e gera o Rótulo de Privacidade de forma automatizada. As informações extraídas foram analisadas quanto à qualidade utilizandose três métricas que são empregadas para a avaliação de classificadores, sendo elas precisão, recall e f-measure. Os resultados mostraram que a abordagem proposta é uma alternativa funcional para o preenchimento do Rótulo de Privacidade e a apresentação das políticas de privacidade. Há evidências de economia de tempo com a leitura e entendimento das políticas, possibilitando suporte para a tomada de decisões.

Política de privacidade

Rótulo de privacidade

Tabela

Casamento de padrões

Palavras-chave

Privacidade

Privacy policy

Privacy label

Table

Pattern matching

Keywords

Privacy

Privacy Policy : Att skapa förtroende för en uppkopplad värld / Privacy Policy : Building trust on the Internet

Jacobsson, Andreas, Lundström, Andreas

January 2001

Förtroende har sitt ursprung i trygghet och säkerhet. För att lämna ifrån sig personlig information krävs att man känner förtroende och således även trygghet och säkerhet. Tillgång till personlig information är en viktig konkurrensfördel för ett företag. Samtidigt utgör den personliga informationen ett problem eftersom många kunder känner en oro att lämna ifrån sig denna. Oron beror på osäkerhet om vad som kan hända med den information man lämnar, denna oro kan i sin tur leda till brist på förtroende. Chansen är med andra ord större att kunden väljer att fullfölja en registrering om den känner förtroende. I USA presenterar de flesta stora webbplatser en integritetspolicy, även om tillämpningen av dem varierar något, i syfte att skapa förtroende. I Sverige existerar företeelsen inte alls i samma utsträckning. Kundernas oro för att lämna ifrån sig personlig information gör att det finns ett behov av att informera dem om hur erlagd information hanteras. Genom att presentera en integritetspolicy (enligt rekommend ationerna) kan man öka Internetanvändarnas kunskap om vad som händer med deras personliga information. Således minskar även användarnas osäkerhet och förtroende kan byggas. / 0707-94 66 52 / 0703-64 15 00

Elektroniska transaktioner

förtroende

Socialt Kapital

Trust

E-handel

Personlig information

Integritet

Privacy Policy

Integritetspolicy

Business Administration

Företagsekonomi

Human Computer Interaction

Bör du v(AR)a rädd för framtiden? : En studie om The privacy Paradox och potentiella integritetsrisker med Augmented Reality / Should you be sc(AR)ed of the future? : A study about The Privacy Paradox and potential risks with Augmented Reality

Madsen, Angelica, Nymanson, Carl

January 2021

I en tid där digitaliseringen är mer utbredd än någonsin ökar också mängden data som samlas och delas online. I takt med att nya tekniker utvecklas öppnas det upp för nya utmaningar för integritetsfrågor. En aktiv användare online ägnar sig med störst sannolikhet också åt ett eller flera sociala medier, där ändamålen ofta innebär att dela med sig av information till andra. Eftersom tekniker Augmented Reality används mer frekvent i några av de största sociala medierapplikationerna blev studiens syfte att undersöka potentiella integritetsproblem med Augmented Reality.l Studiens tillvägagångsätt har bestått av en empirisk datainsamling för att skapa ett teoretiskt ramverk för studien. Utifrån detta har det genomförts en digital enkät samt intervjuer för att närmare undersöka användarens beteende online och The Privacy Paradox. Utifrån undersökningens resultat kunde The Privacy Paradox bekräftas och ge en bättre förståelse för hur användaren agerar genom digitala kanaler. I studien behandlas olika aspekter kring integritetsfrågor såsom användarvillkor, sekretessavtal, datamäklare, framtida konsekvenser och vad tekniken möjliggör. Studien kom fram till att användare, företaget och dagens teknik tillåter att en känsligare information kan utvinnas genom ett dataintrång. Även om det ännu inte har inträffat ett dataintrång som grundat sig i Augmented Reality före denna studie, finns det en risk att det endast handlar om en tidsfråga innan det sker. / In a time when digitalization is more widespread than ever, the amount of data collected and shared is increasing. As new technologies develop, challenges for privacy concerns arises. An active online user is likely to engage in one or many social media platforms, where the purpose often involves sharing information with others. Since Augmented Reality is more frequently supported in some the biggest social media applications, the purpose of this study was to investigate potential privacy concerns with Augmented Reality. The study's approach consisted of an empirical data collection to create a theoretical framework for the study. Based on this, a digital survey and interviews were conducted to further investigate the user's behavior online and The Privacy Paradox. Based on the results of the survey, The Privacy Paradox could be confirmed and a better understanding of how the user interacts through digital channels was achieved. The study treats different aspects of privacy concerns such as user terms, privacy policies, data brokers, future consequences and what technology enables. The study reached the conclusion that users, buisnesses and today's technology allow a more sensitive type of information to be collected through a data breach. Even if there has not yet occurred a data breach enabled by Augmented Reality prior to this study, there is a risk that it is only a matter of time until it happens.

Augmented Reality

The Privacy Paradox

Privacy policy

Data Collection

Biometrisk Data

Augmented Reality

The Privacy Paradox

Integritetsfrågor

Datainsamling

Biometrisk data

Media and Communications

Medie- och kommunikationsvetenskap

Priv-C : une politique de confidentialité personnalisable

Lawani, Oluwa Sosso

01 1900

Les politiques de confidentialité définissent comment les services en ligne collectent, utilisent et partagent les données des utilisateurs. Bien qu’étant le principal moyen pour informer les usagers de l’utilisation de leurs données privées, les politiques de confidentialité sont en général ignorées par ces derniers. Pour cause, les utilisateurs les trouvent trop longues et trop vagues, elles utilisent un vocabulaire souvent difficile et n’ont pas de format standard. Les politiques de confidentialité confrontent également les utilisateurs à un dilemme : celui d’accepter obligatoirement tout le contenu en vue d’utiliser le service ou refuser le contenu sous peine de ne pas y avoir accès. Aucune autre option n’est accordée à l’utilisateur. Les données collectées des utilisateurs permettent aux services en ligne de leur fournir un service, mais aussi de les exploiter à des fins économiques (publicités ciblées, revente, etc). Selon diverses études, permettre aux utilisateurs de bénéficier de cette économie de la vie privée pourrait restaurer leur confiance et faciliter une continuité des échanges sur Internet. Dans ce mémoire, nous proposons un modèle de politique de confidentialité, inspiré du P3P (une recommandation du W3C, World Wide Web Consortium), en élargissant ses fonctionnalités et en réduisant sa complexité. Ce modèle suit un format bien défini permettant aux utilisateurs et aux services en ligne de définir leurs préférences et besoins. Les utilisateurs ont la possibilité de décider de l’usage spécifique et des conditions de partage de chacune de leurs données privées. Une phase de négociation permettra une analyse des besoins du service en ligne et des préférences de l’utilisateur afin d’établir un contrat de confidentialité. La valeur des données personnelles est un aspect important de notre étude. Alors que les compagnies disposent de moyens leur permettant d’évaluer cette valeur, nous appliquons dans ce mémoire, une méthode hiérarchique multicritères. Cette méthode va permettre également à chaque utilisateur de donner une valeur à ses données personnelles en fonction de l’importance qu’il y accorde. Dans ce modèle, nous intégrons également une autorité de régulation en charge de mener les négociations entre utilisateurs et services en ligne, et de générer des recommandations aux usagers en fonction de leur profil et des tendances. / Privacy policies define the way online services collect, use and share users’ data. Although they are the main channel through which users are informed about the use of their private data, privacy policies are generally ignored by them. This is due to their long and vague content, their difficult vocabulary and their no standard format. Privacy policies also confront users to a dilemma. Indeed, they must agree to all their content in order to use the service or reject it, and in this case they do not have access to the service. No other alternative is given to the user. Online services process data collected from users to provide them a service, but they also exploit those data for economic purposes (targeted advertising, resale, etc.). According to various studies, allowing users to benefit from the use of their data could restore their trust towards online services and facilitate data exchanges on the Internet. In this work, we propose a new model of privacy policy, inspired by the P3P (a World Wide Web Consortium - W3C Recommendation) but increasing its functionalities and reducing its complexity. This model defines a specific structure allowing users and online services to define their preferences and needs. Users have the opportunity to decide for each of their private data, specifying how it will be used and shared. A negotiation phase will allow a needs analysis of the online service and preferences of the user to establish a confidentiality agreement. The value of personal data is also an important aspect of our study. While companies have resources allowing them to rate this value, we apply in this thesis, a hierarchical multi-criteria method. This method will allow each user to give value to his personal data according to the importance he attaches to it. In this model, we also integrate a regulation authority. It is in charge of conducting negotiations between users and online services, and generate recommendations to users based on their profile and current trends.

Politique de confidentialité

Personnalisation

Options

Négociation

Économie de la vie privée

Incitations économiques

Privacy Policy

Personalisation

Options

Negotiation

Economics of privacy

Economic incentives

Sind wir fit für das 21. Jahrhundert? : Die aus den neuen Technologien erwachsenden Anforderungen an die Archive / Are we prepared for the 21st century : the challenges for archives arising due to new technologies

17 March 2011

Der Tagungsband beschäftigt sich mit den aus den neuen Technologien erwachsenden Anforderungen an die Archive. Er fasst mehrere Aufsätze zusammen, die sich aus unterschiedlichen Perspektiven mit diesen Herausforderungen beschäftigen. Das Eingangsreferat von Norbert Becker wertet eine Umfrage zu Erwartungen der Benutzer im Hinblick auf die modernen Medien und Informationstechnologien aus. Kerstin Arnold stellt das Projekt zur Schaffung eines Archivportals für die Bundesrepublik Deutschland vor. In zwei weiteren Beiträgen werden konkrete Digitalisierungsprojekte bzw. –strategien vorgestellt. Susanne Knoblich, Berlin, stellt einen Werkstattbericht zur Übernahme von elektronischen Unterlagen in das Landesarchiv Berlin vor. Abgerundet wird der Band durch einen Beitrag von Kerstin Orantek zu den Problemen des Datenschutzes in einer digitalisierten Welt. / The proceedings of the conference are concerned with the requirements for archives arising due to new technologies. It comprises several papers addressing these challenges from different perspectives. The opening address by Norbert Becker evaluates a survey on user expectations concerning modern media and information technologies. Kerstin Arnold describes a project to create the archive portal of the Federal Republic of Germany. In two other contributions, specific digitisation projects or strategies are discussed. Susanne Knoblich from Berlin presents a working report on the transfer of electronic documents for the National Archives of Berlin. Kerstin Orantek completes the volume with a contribution on the problem of data protection in a digital world.

Benutzererwartungen

Archivportal

elektronische Unterlagen

archival user expectations

digital conversion

archive portal

electronic records

privacy policy

ddc:000

Digitalisierung

Datenschutz

Hochschularchiv

Sind wir fit für das 21. Jahrhundert? : Die aus den neuen Technologien erwachsenden Anforderungen an die Archive

Luther, Stephan

17 March 2011

Der Tagungsband beschäftigt sich mit den aus den neuen Technologien erwachsenden Anforderungen an die Archive. Er fasst mehrere Aufsätze zusammen, die sich aus unterschiedlichen Perspektiven mit diesen Herausforderungen beschäftigen. Das Eingangsreferat von Norbert Becker wertet eine Umfrage zu Erwartungen der Benutzer im Hinblick auf die modernen Medien und Informationstechnologien aus. Kerstin Arnold stellt das Projekt zur Schaffung eines Archivportals für die Bundesrepublik Deutschland vor. In zwei weiteren Beiträgen werden konkrete Digitalisierungsprojekte bzw. –strategien vorgestellt. Susanne Knoblich, Berlin, stellt einen Werkstattbericht zur Übernahme von elektronischen Unterlagen in das Landesarchiv Berlin vor. Abgerundet wird der Band durch einen Beitrag von Kerstin Orantek zu den Problemen des Datenschutzes in einer digitalisierten Welt.:Stephan Luther: Einleitung 7 Norbert Becker: Perspektiven, Benutzererwartungen und neue Aufgaben der Archive zu Beginn des 21. Jahrhunderts. Ergebnisse einer Benutzerumfrage 11 Kerstin Arnold: Auf dem Weg zum Archivportal Deutschland. Die Referenzanwendung aus dem DFG-Projekt zum „Ausbau des Netzwerks SED-/FDGB-Archivgut“ 37 Marek Ďurčanský: Die tschechischen Spezialarchive und die Digitalisierung 53 Matthias Röschner: Auf dem Weg ins Internet – Digitalisierungsprojekte im Archiv 65 Susanne Knoblich: Übernahme und Archivierung elektronischer Unterlagen durch das Landesarchiv Berlin – Ein Werkstattbericht 83 Kerstin Orantek: Probleme des Datenschutzes in einer digitalisierten Welt – Neue Anforderungen für Archive? 91 / The proceedings of the conference are concerned with the requirements for archives arising due to new technologies. It comprises several papers addressing these challenges from different perspectives. The opening address by Norbert Becker evaluates a survey on user expectations concerning modern media and information technologies. Kerstin Arnold describes a project to create the archive portal of the Federal Republic of Germany. In two other contributions, specific digitisation projects or strategies are discussed. Susanne Knoblich from Berlin presents a working report on the transfer of electronic documents for the National Archives of Berlin. Kerstin Orantek completes the volume with a contribution on the problem of data protection in a digital world.:Stephan Luther: Einleitung 7 Norbert Becker: Perspektiven, Benutzererwartungen und neue Aufgaben der Archive zu Beginn des 21. Jahrhunderts. Ergebnisse einer Benutzerumfrage 11 Kerstin Arnold: Auf dem Weg zum Archivportal Deutschland. Die Referenzanwendung aus dem DFG-Projekt zum „Ausbau des Netzwerks SED-/FDGB-Archivgut“ 37 Marek Ďurčanský: Die tschechischen Spezialarchive und die Digitalisierung 53 Matthias Röschner: Auf dem Weg ins Internet – Digitalisierungsprojekte im Archiv 65 Susanne Knoblich: Übernahme und Archivierung elektronischer Unterlagen durch das Landesarchiv Berlin – Ein Werkstattbericht 83 Kerstin Orantek: Probleme des Datenschutzes in einer digitalisierten Welt – Neue Anforderungen für Archive? 91

info:eu-repo/classification/ddc/000

ddc:000

Bör du v(AR)a rädd för framtiden? : En studie om The Privacy Paradox och potentiella integritetsrisker med Augmented Reality / Should you be sc(AR)ed of the future? : A study about The Privacy Paradox and potential risks with Augmented Reality

Madsen, Angelica, Nymanson, Carl

January 2021

I en tid där digitaliseringen är mer utbredd än någonsin ökar också mängden data som samlas och delas online. I takt med att nya tekniker utvecklas öppnas det upp för nya utmaningar för integritetsfrågor. En aktiv användare online ägnar sig med största sannolikhet också åt ett eller flera sociala medier, där ändamålen ofta innebär att dela med sig av information till andra. Eftersom tekniken Augmented Reality används mer frekvent i några av de största sociala medieapplikationerna blev studiens syfte att undersöka potentiella integritetsproblem med Augmented Reality. Studiens tillvägagångssätt har bestått av en empirisk datainsamling för att skapa ett teoretiskt ramverk för studien. Utifrån detta har det genomförts en digital enkät samt intervjuer för att närmare undersöka användarens beteende online och The Privacy Paradox. Utifrån undersökningens resultat kunde The Privacy Paradox bekräftas och ge en bättre förståelse för hur användaren agerar genom digitala kanaler. I studien behandlas olika aspekter kring integritetsfrågor såsom användarvillkor, sekretessavtal, datamäklare, framtida konsekvenser och vad tekniken möjliggör. Studien kommer fram till att användare, företaget och dagens teknik tillåter att en känsligare information kan utvinnas genom ett dataintrång. Även om det ännu inte har inträffat ett dataintrång som grundat sig i Augmented Reality före denna studie, finns det en risk att det endast handlar om en tidsfråga innan detta sker. / In a time when digitalization is more widespread than ever, the amount of data collected and shared is increasing. As new technologies develop, challenges for privacy concerns arises. An active online user is likely to engage in one or many social media platforms, where the purpose often involves sharing information with others. Since Augmented Reality is more frequently supported in some of the biggest social media applications, the purpose of this study was to investigate potential privacy concerns with Augmented Reality. The study’s approach consisted of an empirical data collection to create a theoretical framework for the study. Based on this, a digital survey and interviews were conducted to further investigate the user's behavior online and The Privacy Paradox. Based on the results of the survey, The Privacy Paradox could be confirmed and a better understanding of how the user interacts through digital channels was achieved. The study treats different aspects of privacy concerns such as user terms, privacy policies, data brokers, future consequences and what technology enables. The study reached the conclusion that users, businesses and today's technology allow a more sensitive type of information to be collected through a data breach. Even if there has not yet occurred a data breach enabled by Augmented Reality prior to this study, there is a risk that it is only a matter of time until this happens.

Augmented Reality

User Agreements

Privacy Policy

The Privacy Paradox

Privacy Concerns

Facial Recognition

Deep Fakes

Biometric Data

Data Collection

Augmented Reality

Användaravtal

Sekretessavtal

The Privacy Paradox

Integritetsfrågor

Ansiktsigenkänning

Deep Fakes

Biometrisk Data

Datainsamling

Media and Communication Technology

Medieteknik

An Information Privacy Examination of the Practices of Pharmaceutical Companies Regarding Use of Information Collected Through Their Websites

Brown, Shonda Dellena

01 May 2015

Consumers have begun to take a more proactive approach to their healthcare by accessing pharmaceutical companies Websites to obtain health and drug information, support groups, rebates, coupons, as well as free drug trials. In exchange for these benefits, companies require consumers to voluntarily disclose information. However, research has shown that consumers continue to be concerned about how their information is managed, used, and distributed by companies, especially if accessed via the Web. To date, there has been limited empirical research to examine the actual online practices of companies when it comes to privacy, especially those of pharmaceutical companies. Using Delphi expert panel process, the components of a benchmarking index were identified to examine the documented and actual online practices of 100 Website registrations with pharmaceutical companies. The evolution for the development of an index to measure the personal information privacy violations of pharmaceutical companies is presented. Second, empirical evidence is provided regarding the magnitude of voluntary adherence to the Fair Information Practices (FIPs) by pharmaceutical companies based upon the personal information privacy violations. The results revealed that companies with headquarters in Europe had fewer personal information privacy violations than those in Asia, UK, and the US. Moreover, the results indicate that fewer personal information privacy violations occur for chronic conditions than for non-chronic conditions, as well as fewer violations occur with Website registrations for updates than for discounts. Finally, both Europe and UK demonstrated more overall adherence to FIPs than the US and Asia. This suggests that self-regulation may not be sufficient, while more enforcement may be necessary to decrease personal information privacy violations.

Consumer Control

Fair Information Practices

Information Privacy

Information Sharing

Personal Information Privacy Violations

Privacy Policy

Information science

Organizational behavior

Marketing

Computer Sciences

Health Information Technology

Marketing

Medicine and Health Sciences

Organizational Behavior and Theory

Pharmacy and Pharmaceutical Sciences