User-Oriented Privacy Policies: An Optimal Tool for Mitigating the Risks of Collecting User Data from Californians

The presence of user contact applications in the community as a means of preventing and overcoming the spread of COVID-19 can pose another risk to the potential dangers of protecting data privacy from contact tracing. This research examines more deeply related to user privacy policies through 3 (three) samples of android-based user contact applications that are used as a means of preventing, overcoming and controlling the spread of the COVID-19 virus in today's society and by reviewing the rules contained in the Presidential Regulation of the Republic. Indonesian No. 95 of 2018 concerning Electronic-Based Government Systems (SPBE). The study in this study was prepared using the method of literature study, observation and qualitative analysis. A comparison was made regarding the data privacy of the three samples, which was then evaluated and matched with the form of the privacy policy according to Presidential Regulation No. 95 of 2018 concerning Electronic-Based Government Systems (SPBE) and according to the ideal form of data privacy policy based on several experts. Comparative data is obtained through related applications and other electronic media which are then discussed together to conclude and evaluate the data privacy policies of the three sample applications. Based on this research, it can be concluded that privacy intervention to deal with damage and save lives is legal as long as its use is in accordance with regulations in the health, disaster, telecommunications, informatics and other related fields; in this case listed in the Presidential Decree No. 95 of 2018 concerning Electronic-Based Government Systems (SPBE) and there needs to be an increase in efforts to maintain the security and confidentiality of user data privacy through continuous system and data maintenance, encryption of data privacy storage in the manager's data warehouse and added with other data privacy policies can guarantee the security and confidentiality of the privacy of user data.

Download Full-text

Examination of Social Media Platforms in Terms of Privacy Policy

CTC 2021 PROCEEDINGS BOOK ◽

10.17932/ctcspc.21/ctc21.013 ◽

2021 ◽

Author(s):

Sema Bulat Demir ◽

Ayten Övür

Keyword(s):

Social Media ◽

Data Privacy ◽

Personal Data ◽

Privacy Policy ◽

Privacy Policies ◽

Content Analysis Method ◽

User Data ◽

Social Media Platforms ◽

Data Policy ◽

Google Play

Nowadays, social media platforms are frequently being used on the Internet. When the users create an account for these platforms, they are required to accept the data privacy policy. With the approval of the data policy, major problems may arise such as observing every activity of users on the platform, violations of security and protection of personal data, and sharing user data with third parties for commercial purposes. In this regard, it is significant to examine the privacy policies of social media platforms in detail. In this research, we examined the privacy policies of the five most popular free applications on the communication section of the Google Play Store on January 30th, 2021. The privacy policies of these applications were analyzed with the content analysis method, and the research aims to reveal the area of utilization of the data that the users provide, with or without the permission of the user.

Download Full-text

Abstract P201: Evaluating Data Sharing And Privacy Policies Of Diabetes Mobile Apps: Where Is The Data Going?

Hypertension ◽

10.1161/hyp.76.suppl_1.p201 ◽

2020 ◽

Vol 76 (Suppl_1) ◽

Author(s):

Khaled Abdelrahman ◽

Josh Bilello ◽

Megna Panchbhavi ◽

Mohammed S Abdullah

Keyword(s):

Data Sharing ◽

Mobile Applications ◽

Mobile Apps ◽

Third Party ◽

Privacy Policy ◽

Privacy Policies ◽

Privacy Concerns ◽

App Store ◽

User Data ◽

Do So

Introduction: Diabetes mobile applications (apps) that help patients monitor disease have led to privacy concerns. We aimed to assess privacy policies for diabetes mobile applications with a focus on data transmission to outside parties. Methods: The App Store was used to gather apps pertaining to diabetes by searching “diabetes” and “blood sugar”. Two readers evaluated privacy policies (PP) including data sharing and storing techniques for mention of 27 predetermined criteria. All network traffic generated while loading and using the app was intercepted by a man-in-the-middle attack to listen to data delivered between the sender and receiver of data transmissions. A packet analyzer determined contents of transmission, where data was sent, and if transmission contained user data. Results: Of 35 apps evaluated, 29 (83%) had PP. The most frequent transmission destinations were Google (n=130 transmissions), Kamai Technologies (n=53), Facebook (n=38) and Amazon (n=33). 35 of 35 apps (100%) were transmitting data to a third party. 2 of 2 (100%) of those who had a privacy policy without mention of a third party transmitted data to a third party. 8 of 8 (100%) apps who mentioned they would not transmit to a third party were found to do so. 19 of 19 (100%) apps who mentioned they would transmit data to a third party were found to do so. All apps (n=6) without a privacy policy were found to be transmitting data to a third party. Conclusion: Most diabetes apps on the App store have accessible PP. All apps evaluated transmitted data to a third party, even when the policy stated this would not occur. As mobile applications are increasingly utilized by patients, it is important to warn of privacy implications.

Download Full-text

Tracking sex: The implications of widespread sexual data leakage and tracking on porn websites

New Media & Society ◽

10.1177/1461444820924632 ◽

2020 ◽

Vol 22 (11) ◽

pp. 2018-2038

Author(s):

Elena Maris ◽

Timothy Libert ◽

Jennifer R Henrichsen

Keyword(s):

Content Analysis ◽

Sexual Identity ◽

Vulnerable Populations ◽

College Education ◽

Third Party ◽

Privacy Policies ◽

User Data ◽

Quantitative Results ◽

Privacy Risks ◽

Affirmative Consent

This article explores tracking and privacy risks on pornography websites. Our analysis of 22,484 pornography websites indicated that 93% leak user data to a third-party. Tracking on these sites is highly concentrated by a handful of major companies, which we identify. We successfully extracted privacy policies for 3856 sites, 17% of the total. The policies were written such that one might need a 2-year college education to understand them. Our content analysis of the sample’s domains indicated 44.97% of them expose or suggest a specific gender/sexual identity or interest likely to be linked to the user. We identify three core implications of the quantitative results: (1) the unique/elevated risks of porn data leakage versus other types of data, (2) the particular risks/impact for “vulnerable” populations, and (3) the complications of providing consent for porn site users and the need for affirmative consent in these online sexual interactions.

Download Full-text

Privacy awareness issues in user data collection by digital libraries

IFLA Journal ◽

10.1177/0340035218777275 ◽

2018 ◽

Vol 44 (3) ◽

pp. 170-182 ◽

Cited By ~ 1

Author(s):

Elaine Parra Affonso ◽

Ricardo César Gonçalves Sant’Ana

Keyword(s):

Data Collection ◽

South America ◽

Digital Libraries ◽

Research Method ◽

User Interaction ◽

Exploratory Research ◽

Privacy Policies ◽

User Data ◽

Privacy Issues ◽

Country Specific

This work has the objective of investigating privacy aspects in the collection of data by the National Digital Libraries of South America. Country-specific digital libraries were examined using an exploratory research method to identify data these libraries collected both with the user’s awareness and in the explicit presence of privacy policies within their environments. Brazil’s National Digital Library environment was also examined by using the Wireshark tool to identify possible data collected implicitly during user interaction. We identified that only two of the examined digital libraries provide privacy guidance, and in relation to the collection process, the data that are collected without the knowledge of the user stand out more than the data that the user makes available consciously. It is concluded that privacy issues can be influenced by low user awareness of when, how and where data collection takes place, and the availability of privacy policies becomes essential in digital libraries to raise awareness about this process.

Download Full-text

Facebook gives social scientists unprecedented access to its user data

Nature ◽

10.1038/d41586-019-01447-5 ◽

2019 ◽

Author(s):

Heidi Ledford

Keyword(s):

Social Scientists ◽

User Data

Download Full-text

Student Perceptions of Facebook’s Privacy Policies & Rights

Journal of Social Media Studies ◽

10.15340/2147336621850 ◽

2015 ◽

Vol 2 (1) ◽

pp. 15-26

Author(s):

Christina L. Wissinger ◽

Keyword(s):

Student Perceptions ◽

Privacy Policies

Download Full-text

The Cost of Lost Privacy: Search, Antitrust and the Economics of the Control of User Data

SSRN Electronic Journal ◽

10.2139/ssrn.2265026 ◽

2013 ◽

Cited By ~ 8

Author(s):

Nathan Newman

Keyword(s):

User Data ◽

The Cost

Download Full-text

A New User-controlled and Efficient Encrypted Data Sharing Model in Cloud Storage

Recent Patents on Engineering ◽

10.2174/1872212113666190215143537 ◽

2019 ◽

Vol 13 (4) ◽

pp. 356-363

Author(s):

Yuezhong Wu ◽

Wei Chen ◽

Shuhong Chen ◽

Guojun Wang ◽

Changyun Li

Keyword(s):

Data Sharing ◽

Data Security ◽

Cloud Storage ◽

Screening Program ◽

Original Data ◽

Third Party ◽

Active System ◽

Encrypted Data ◽

Active User ◽

User Data

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.

Download Full-text

Tracing or Tracking? A Preliminary Analysis of COVID-19 Outbreak Tracker Apps on Android and User Privacy (Preprint)

10.2196/preprints.19662 ◽

2020 ◽

Author(s):

Alex Akinbi ◽

Ehizojie Ojie

Keyword(s):

Preliminary Analysis ◽

Service Providers ◽

User Participation ◽

Memory Storage ◽

Phone Call ◽

Contact Tracing ◽

Privacy Rights ◽

User Privacy ◽

Android Apps ◽

User Data

BACKGROUND Technology using digital contact tracing apps has the potential to slow the spread of COVID-19 outbreaks by recording proximity events between individuals and alerting people who have been exposed. However, there are concerns about the abuse of user privacy rights as such apps can be repurposed to collect private user data by service providers and governments who like to gather their citizens’ private data. OBJECTIVE The objective of our study was to conduct a preliminary analysis of 34 COVID-19 trackers Android apps used in 29 individual countries to track COVID-19 symptoms, cases, and provide public health information. METHODS We identified each app’s AndroidManifest.xml resource file and examined the dangerous permissions requested by each app. RESULTS The results in this study show 70.5% of the apps request access to user location data, 47% request access to phone activities including the phone number, cellular network information, and the status of any ongoing calls. 44% of the apps request access to read from external memory storage and 2.9% request permission to download files without notification. 17.6% of the apps initiate a phone call without giving the user option to confirm the call. CONCLUSIONS The contributions of this study include a description of these dangerous permissions requested by each app and its effects on user privacy. We discuss principles that must be adopted in the development of future tracking and contact tracing apps to preserve the privacy of users and show transparency which in turn will encourage user participation.

Download Full-text