Two workshops

by ian.brown | November 24th, 2011

As PVN draws to a close, we will be having two final workshops to disseminate some our results. Please join us!

Anonymity, Privacy, and Open Data
Wednesday 7 December 2011 16:00 – 18:00
Location: Church House Conference Centre, Dean’s Yard, Westminster, London SW1P 3NZ.

This event will consider how anonymity can protect privacy, and how effective “anonymisation” algorithms can be in protecting published health, education and other types of sensitive data. Speakers include Dr Kieron O’Hara, author of the Cabinet Office’s Transparency and Privacy Review; Ross Anderson, professor of security engineering at the University of Cambridge; and Jim Killock, executive director of the Open Rights Group. Also featured are Steve Wood, who is leading the Information Commissioner’s Office work on a code of practice on anonymisation; and Professor Graham Greenleaf from the University of New South Wales, on the legal right to transactional anonymity in privacy principles.

Midata or Their Data? Controlling Your Own Customer Record
Wednesday 14 December 2011 14:00 – 17:00
Location: Room 051, Computer Science Department, Wolfson Building, Parks Road, OX1 3QD.

The UK government’s Midata initiative will see 26 major businesses give customers access to their personal data in portable, electronic format. This should allow consumers to better understand their own behaviour (supporting, for example, energy efficiency), and to shop around for better deals. Consumer groups including Which? have been developing privacy principles for this service, while start-ups like Mydex are developing technology to let individuals manage their own personal data ‘lockers’. At this workshop we will hear from some of the key Midata government, industry and civil society stakeholders, and discuss how to maximise benefits to individuals and the economy while minimising risks of data spills and other threats.

Unconference on privacy and financial inclusion

by ian.brown | September 7th, 2011

PVN is organising an ‘unconference’ on 20th September at Birkbeck College in London. This will be an informal event whose theme will be ‘the role of privacy in achieving social inclusion through financial inclusion’. The aim of the day is to foster innovations and the creation and development of new ideas by bringing together key groups of interested individuals.

Dave Birch will be chairing the day, so there promises to be a plethora of lively and informative discussion. The event will run from 10am until 4pm, with registration from 9:30am.

As this is a Not for Profit event, there will be a nominal fee of £10 to attend, as a contribution towards reading materials and refreshments. You can register here. To encourage discussion in advance of the event, we have also opened a meetup page.

Best Short Paper Award at British HCI Conference 2011

by anne-marie.oostveen | July 9th, 2011

My short paper ‘The Internet as an Empowering Technology for Stigmatized Groups: a Case Study of Weight Loss Bloggers’ has won the Best Short Paper Award at the 25th BCS Conference on Human Computer Interaction HCI 2011. HCI 2011 is the leading conference in the field of Human Computer Interaction in the UK. It covers the design, evaluation and application of techniques and approaches for interacting with devices and services. This year the conference reflected on the theme of Health, Wealth and Happiness.

Part of my work on the PVN project has focused on online self-disclosure. This particular paper describes a case study of disclosure among weight loss bloggers. Research shows that obesity has a social stigma in western society which leads to discriminatory attitudes towards overweight and obese people. In real life overweight people are in Goffmans’ terms (1968) discredited individuals (e.g. their differentness is evident on the spot). On the Internet however, their weight problems are not immediately perceivable by those they communicate with: in this context they have become discreditable individuals who can actively manage information about their overweight by either telling or not telling.

Despite the offline reluctance of individuals to talk openly about weight issues, there is an abundance of personal weblogs about weight loss with remarkably open accounts of everything to do with overweight. While the widespread use of personal blogs offer opportunities for interaction and communication they also raise privacy concerns. There are both potential positive and negative consequences for stigmatized individuals of online (self-) disclosure.

The paper uses a survey with both open-ended and closed questions to examine the extent of online disclosure among adult weight loss bloggers. We are interested to find out why people are willing to disclose information which has a social stigma offline? Do the bloggers remain anonymous or do they disclose their identities? The research shows that weight loss blogs empower many of its writers to use their voice to gain more self-confidence and become more open about stigmatized issues. Overall, weight loss blogging seems to bring more positives than negatives for our respondents. Instead of ‘careless relinquishment of privacy’ by individuals, it seems to be more a case of what Koskela (2004) calls ‘empowering exhibitionism’ whereby the bloggers receive benefits due to their voluntary disclosure of personal information. They make social connections and build up a community of likeminded people which helps them in their struggle to lose their excess weight. Finding a strong online community with likeminded people who give moral support, feedback and reinforcement, does not only boost self-esteem and feelings of happiness, but will also help weight loss bloggers reach their goal. Studies have shown that those who have a social support system in place lose more weight than those who do not. In this sense the internet can be utilized as a technology for the improvement of well-being. In our follow-up study whereby we will interview bloggers and analyse their blogs we will examine in further detail whether these gains are constrained to the online context or whether they also have an impact in the offline interpersonal context.

Members of the Privacy Value Networks project presented papers at the Privacy and Usability Methods (PUMP) Workshop, organised in Dundee, Scotland as part of the British HCI Conference 2010. Here are the two papers I co-authored:

The first paper reports on work-in-progress towards the development of an automated privacy dictionary, led by Dr Asimina Vasalou at the University of Bath. In a previous study, the prototype theory from the field of linguistics was applied, in order to construct a set of sufficient and inclusive criteria for the conceptualization of privacy. Building on the features emanating from this privacy prototype, the paper explains how the research team will adopt a linguistic approach to study privacy relevant discourse. Apart from its theoretical contribution, this work aims at contributing a new methodological tool to accurately identify privacy relevant language.

The second paper is co-authored by Fadhila Mazanderani, Dr Ian Brown and myself at the University of Oxford. We report on the qualitative research practices employed in the two empirical studies we carried out in relation to technology development and use in HIV care. The discussion focuses on the methodological challenges involved in the study of privacy within this environment. We approach the topic with an ethnographically informed view and emphasise on four themes: the role of institutional, organisational and personal gatekeepers; identity politics around research topics, researchers and participants; the temporal and spatial contingency of access and disclosure; and micro-negotiations around privacy in interview settings. Apart from studying how research subjects understand and enact privacy in their environment, research interactions themselves involve a significant amount of information as to how privacy can be conceptualized. This paper stresses the importance of reflexivity around the ways researchers and participants enact privacy within research interactions. By including this understanding in the analysis of data collected during fieldwork, we can enrich the study of privacy and rethink broader methodological problems of the field.

Tom Scott has produced a graphic demonstration of the way Facebook’s complicated, opt-out privacy settings are exposing information that users might prefer remain private — in this case, phone numbers:

Thanks GB for the tip!

Posted in News | 1 Comment »

Facebook Privacy Settings

by Dave Houghton | May 18th, 2010

After seeing the last two posts about Facebook and their idea of privacy settings, when I came across the following link I thought I should post it here, too.

The link came through in one of my Twitter feeds (danah boyd I believe). It is a tool that scans your Facebook privacy settings within your browser and informs you in a clear way which elements of Facebook are open to all and which are private.

Despite it saying that you must add a bookmark to your browser, you can simply copy and paste the link into the address bar once you are logged into Facebook.

It doesn’t send any data anywhere, running only within your browser.

Posted in News | 1 Comment »

Bye, bye Facebook

by adam.joinson | May 14th, 2010

As mentioned in the previous post by Tristan, Facebook is facing all kinds of trouble at the moment. I’ve just deactivated my account, and will shift it to deleted in a few weeks (once I have the time to scrape off my contacts). As an early adopter of Facebook, this was a tough decision to make – it’s been a fantastic way to reconnect with old friends, make some new ones, and to share news, photos and ideas. But, recent events have made it obvious that the benefits no longer outweigh the costs. In particular, the shift to public ‘pages’ and the searchable status updates, alongside the recently announced ‘open social’ approach to sharing friends’ data with external web sites has made it almost impossible (in some cases actually impossible) to control the leakage of information across Internet sites that I as a user have not consented to give my information to.

As a user, there are a number of choices available to us when faced with these decisions. One is to just walk away, and leave a moribund account. The problem here is that information is still leaked. Option two is to delete information in the profile, and replace with either fake information or no information at all. This obviously has downsides for Facebook since much of their USP is the wealth of relatively accurate information available for marketing types. But, for users there’s a downside too – for us, the USP of Facebook was about connecting with people we had a connection to in ‘real life’ – so, once we attempt to achieve privacy through obfuscation or deception, the actual utility of the site is also reduced for us. So, it’s a loss-loss situation. That leave the final option – deletion or deactivation – the route I chose.

I’ve researched how people use Facebook (relatively) extensively (e.g. this paper) – and one of the core lessons from the more recent work is that it only works if people can protect their privacy via the site, rather than via their actions. When they don’t do it through the site (whether because it’s too complicated, or not possible, or they don’t trust the settings), then they’ll do it through their actions. In the cases I looked at, this was by engaging with the site in a more shallow way. But, if this isn’t feasible, then the only option left is to quit. The management of Facebook (in particular the CEO) seem to have forgotten that if our private spaces are made public, there’s really not much chance that we’ll ‘dance like there’s no-one looking’ – instead we’ll become self-conscious, awkward, and eventually sit down in a corner looking a little embarrassed. My version of that is retreating to a locked Twitter account…

Why the change of tune, Facebook?

by Tristan Henderson | May 14th, 2010

Today is “Kill your Facebook Page” day. Pundits across the blogosphere are loudly criticising the social network giant. What is going on?

Last year, Facebook, under pressure from its users, introduced a new set of principles that included all sorts of good things like equality, ownership and freedom. But these principles have been thrown out of the window as Facebook has gone “rogue”, making previously-private data public in an attempt to monetise its users’ social graphs and self-declared preferences.

What now? Will Facebook cave in to pressure once again? So far they are alternating between arrogance and silence.

Meanwhile, demand grows for an alternative. While big companies such as Google offer little comfort for privacy-aware social network users, a group of undergraduate students have raised over US$100,000 based on little more than a flashy web site with some nascent plans for a decentralised OSN. While these ideas are nothing new, hopefully they will use some of their funds to develop a system that is usable by “silver surfers” as well as holders of Computer Science PhDs.

So maybe the market will decide. Perhaps Facebook has underestimated the costs of their users’ privacy and will suffer a loss in market share and business as a result. Or perhaps their users would actually prefer more of their data to be public, and the privacy-aware competitors will fall by the wayside. Either way, these social network site builders would no doubt have benefited from a privacy value network framework to help understand the costs of privacy.

Data-mining the data miners

by ian.brown | April 16th, 2010

Wendy Grossman has written this week’s net.wars about the Privacy Open Space conference we hosted earlier this week in Oxford, with several mentions of Privacy Value Networks:

So privacy is hard: to define, to value, to implement. As Seda Gürses, studying how to incorporate privacy into social networks, said, privacy is a process, not an event. “You can’t do x and say, Now I have protected privacy.”

Here are the slides I used in a short presentation on how privacy issues are being debated in the UK’s current general election:

Information Privacy Challenges in Healthcare

by chrysanthi.papoutsi | April 4th, 2010

The poster I co-authored with Dr Ian Brown and presented recently at the IADIS e-Society 2010 conference in Portugal, aims at illustrating the background to information privacy risks in healthcare. This research is part of the work undertaken for one of the project’s case studies and the focus of my doctoral thesis.

The extensive discussion in the literature on information privacy produced little consensus on how the concept should be articulated and how it should be balanced against other values. It remains an elusive term and its use is contextual and situated. The objective of this work is to provide a nuanced understanding of information privacy perspectives and practices in the context of HIV clinics.

Healthcare consists of information intensive organisations, where professionals collect personal data and medical histories, perform operations, tests and prescribe treatments that feed information into patients’ files. Information cannot remain secret but acquires value by use and sharing. Medical needs require information to be at the right time at the right place within and outside the environment of specific clinics in a hospital. At the same time, the inherent sensitivity of health information cannot be ignored. In this context, information privacy is associated with patient confidentiality, one of the most important values of the medical community. However, it is difficult to balance critical medical needs of information disclosure under uncertainty, with patients’ claims for privacy protection. As confidentiality seems to be emergent and enacted within the everyday work routine, where people act in conflicting and dynamic groups, a range of perspectives and practices can be identified.

This research study is currently under way. Further steps include three case studies of HIV clinics, using qualitative methods such as document analysis, in-depth, semi-structured interviews, focus groups, as well as quantitative measures, like repertory grids. Participants will primarily be health professionals, health workers, administrative employees and IT staff in HIV clinics of NHS Hospitals. In addition, the views of stakeholders from the NHS and community organisations will be examined.