Search results

Research on online user privacy shows that empirical evidence on how privacy literacy relates to users' information privacy empowerment is missing. To fill this gap, this paper investigated the respective influence of two primary dimensions of online privacy literacy – namely declarative and procedural knowledge – on online users' information privacy empowerment.

An empirical analysis is conducted using a dataset collected in Europe. This survey was conducted in 2019 among 27,524 representative respondents of the European population.

The main results show that users' procedural knowledge is positively linked to users' privacy empowerment. The relationship between users' declarative knowledge and users' privacy empowerment is partially supported. While greater awareness about firms and organizations practices in terms of data collections and further uses conditions was found to be significantly associated with increased users' privacy empowerment, unpredictably, results revealed that the awareness about the GDPR and user’s privacy empowerment are negatively associated. The empirical findings reveal also that greater online privacy literacy is associated with heightened users' information privacy empowerment.

While few advanced studies made systematic efforts to measure changes occurred on websites since the GDPR enforcement, it remains unclear, however, how individuals perceive, understand and apply the GDPR rights/guarantees and their likelihood to strengthen users' information privacy control. Therefore, this paper contributes empirically to understanding how online users' privacy literacy shaped by both users' declarative and procedural knowledge is likely to affect users' information privacy empowerment. The study empirically investigates the effectiveness of the GDPR in raising users' information privacy empowerment from user-based perspective. Results stress the importance of greater transparency of data tracking and processing decisions made by online businesses and services to strengthen users' control over information privacy. Study findings also put emphasis on the crucial need for more educational efforts to raise users' awareness about the GDPR rights/guarantees related to data protection. Empirical findings also show that users who are more likely to adopt self-protective approaches to reinforce personal data privacy are more likely to perceive greater control over personal data. A broad implication of this finding for practitioners and E-businesses stresses the need for empowering users with adequate privacy protection tools to ensure more confidential transactions.

The General Data Protection Regulation (GDPR) introduces significant data protection obligations on all organizations within the European Union (EU) and those transacting with EU citizens. This paper presents the GDPR privacy label and uses two empirical studies to examine the effectiveness of this approach in influencing consumers' privacy perceptions and related behavioral intentions.

The paper tests the efficacy of two GDPR privacy label designs, a consent-based label and a static label. Study 1 examines the effects of each label on perceptions of risk, control and privacy. Study 2 investigates the influence of consumers' privacy perceptions on perceived trustworthiness and willingness to interact with the organization.

The findings support the potential of GDPR privacy labels for positively influencing perceptions of risk, control, privacy and trustworthiness and enhancing consumers' willingness to transact and disclose data to online organizations.

The findings are useful for organizations required to comply with the GDPR and present a solution to requirements for transparent communications and explicit consent.

This study examines and demonstrates the efficacy of visualized privacy policies in impacting consumer privacy perceptions and behavioral intentions.

In response to food supply constraints resulting from coronavirus disease 2019 (COVID-19) restrictions, in the year 2020, the project developed automated household Aquaponics units to guarantee food self-sufficiency. However, the automated aquaponics solution did not fully comply with data privacy and portability best practices to protect the data of household owners. The purpose of this study is to develop a data privacy and portability layer on top of the previously developed automated Aquaponics units.

Design Science Research (DSR) is the research method implemented in this study.

General Data Protection and Privacy Regulations (GDPR)-inspired principles empowering data subjects including data minimisation, purpose limitation, storage limitation as well as integrity and confidentiality can be implemented in a federated learning (FL) architecture using Pinecone Matrix home servers and edge devices.

The literature reviewed for this study demonstrates that the GDPR right to data portability can have a positive impact on data protection by giving individuals more control over their own data. This is achieved by allowing data subjects to obtain their personal information from a data controller in a format that makes it simple to reuse it in another context and to transmit this information freely to any other data controller of their choice. Data portability is not strictly governed or enforced by data protection laws in the developing world, such as Zimbabwe's Data Protection Act of 2021.

Privacy requirements can be implemented in end-point technology such as smartphones, microcontrollers and single board computer clusters enabling data subjects to be incentivised whilst unlocking the value of their own data in the process fostering competition among data controllers and processors.

The use of end-to-end encryption with Matrix Pinecone on edge endpoints and fog servers, as well as the practical implementation of data portability, are currently not adequately covered in the literature. The study acts as a springboard for a future conversation on the topic.

The purpose of this paper is to develop a usable configuration management for Archistar, which utilizes secret sharing for redundantly storing data over multiple independent storage clouds in a secure and privacy-friendly manner. Selecting the optimal secret sharing parameters, cloud storage servers and other settings for securely storing the secret data shares, while meeting all of end user’s requirements and other restrictions, is a complex task. In particular, complex trade-offs between different protection goals and legal privacy requirements need to be made.

A human-centered design approach with structured interviews and cognitive walkthroughs of user interface mockups with system administrators and other technically skilled users was used.

Even technically skilled users have difficulties to adequately select secret sharing parameters and other configuration settings for adequately securing the data to be outsourced.

Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.

The authors present novel human computer interaction (HCI) guidelines for a usable configuration management, which propose to automatically set configuration parameters and to solve trade-offs based on the type of data to be stored in the cloud. Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.

There is significant national interest in tackling issues surrounding the needs of vulnerable children and adults. This paper aims to argue that much value can be gained from the application of new data-analytic approaches to assist with the care provided to vulnerable children. This paper highlights the ethical and information governance issues raised in the development of a research project that sought to access and analyse children’s social care data.

The paper documents the process involved in identifying, accessing and using data held in Birmingham City Council’s social care system for collaborative research with a partner organisation. This includes identifying the data, its structure and format; understanding the Data Protection Act 1998 and 2018 (DPA) exemptions that are relevant to ensure that legal obligations are met; data security and access management; the ethical and governance approval process.

The findings will include approaches to understanding the data, its structure and accessibility tasks involved in addressing ethical and legal obligations and requirements of the ethical and governance processes.

The aim of this research is to highlight the potential use of use new data-analytic techniques to examine the flow of children’s social care data from referral, through the assessment process, to the resulting service provision. Data held by Birmingham City Council are used throughout, and this paper highlights key ethical and information governance issues which were addressed in preparing and conducting the research. The findings provide insight for other data-led studies of a similar nature.

This paper aims to spark a debate by presenting the need for developing data ecosystems in Europe that meet the social and public good while committing to democratic and ethical standards; suggesting a taxonomy of data infrastructures and institutions to support this need; using the case study of Barcelona as the flagship city trailblazing a critical policy agenda of smart cities to show the limitations and contradictions of the current state of affairs; and ultimately, proposing a preliminary roadmap for institutional and governance empowerment that could enable effective data ecosystems in Europe.

This paper draws on lessons learned in previous publications available in the sustainability (Calzada, 2018), regions (Calzada and Cowie, 2017; Calzada, 2019), Zenodo (Calzada and Almirall, 2019), RSA Journal (Calzada, 2019) and IJIS (Calzada, 2020) journals and ongoing and updated fieldwork about the Barcelona case study stemming from an intensive fieldwork action research that started in 2017. The methodology used in these publications was based on the mixed-method technique of triangulation via action research encompassing in-depth interviews, direct participation in policy events and desk research. The case study was identified as the most effective methodology.

This paper, drawing from lessons learned from the Barcelona case study, elucidates on the need to establish pan-European data infrastructures and institutions – collectively data ecosystems – to protect citizens’ digital rights in European cities and regions. The paper reveals three main priorities proposing a preliminary roadmap for local and regional governments, namely, advocacy, suggesting the need for city and regional networks; governance, requiring guidance and applied, neutral and non-partisan research in policy; and pan-European agencies, leading and mobilising data infrastructures and institutions at the European level.

From the very beginning, this paper acknowledges its ambition, and thus its limitations and clarifies its attempt to provide just an overview rather than a deep research analysis. This paper presents several research limitations and implications regarding the scope. The paper starts by presenting the need for data ecosystems, then structures this need through two taxonomies, all illustrated through the Barcelona case study and finally, concludes with a roadmap consisting of three priorities. The paper uses previous published and ongoing fieldwork findings in Barcelona as a way to lead, and thus encourage the proliferation of more cases through Cities Coalition for Digital Rights (CCDR).

This paper presents practical implications for local and regional authorities of the CCDR network. As such, the main three priorities of the preliminary roadmap could help those European cities and regions already part of the CCDR network to establish and build operational data ecosystems by establishing a comprehensive pan-European policy from the bottom-up that aligns with the timely policy developments advocated by the European Commission. This paper can inspire policymakers by providing guidelines to better coordinate among a diverse set of cities and regions in Europe.

The leading data governance models worldwide from China and the USA and the advent of Big Data are dramatically reshaping citizens’ relationship with data. Against this backdrop and directly influenced by the General Data Protection Regulation (GDPR), Europe has, perhaps, for the first time, spoken with its own voice by blending data and smart city research and policy formulations. Inquiries and emerging insights into the potential urban experiments on data ecosystems, consisting of data infrastructures and institutions operating in European cities and regions, become increasingly crucial. Thus, the main social implications are for those multi-stakeholder policy schemes already operating in European cities and regions.

In previous research, data ecosystems were not directly related to digital rights amidst the global digital geopolitical context and, more specifically, were not connected to the two taxonomies (on data infrastructures and institutions) that could be directly applied to a case study, like the one presented about Barcelona. Thus, this paper shows novelty and originality by also opening up (based on previous fieldwork action research) a way to take strategic action to establish a pan-European strategy among cities and regions through three specific priorities. This paper can ultimately support practice and lead to new research and policy avenues.

The voices of children and young people have been largely neglected in discussions of the extent to which the internet takes into account their needs and concerns. This paper aims to highlight young people’s lived experiences of being online.

Results are drawn from the UnBias project’s youth led discussions, “Youth Juries” with young people predominantly aged between 13 and 17 years.

Whilst the young people are able to use their agency online in some circumstances, many often experience feelings of disempowerment and resignation, particularly in relation to the terms and conditions and user agreements that are ubiquitous to digital technologies, social media platforms and other websites.

Although changes are afoot as part of the General Data Protection Regulation (herein the GDPR) to simplify the terms and conditions of online platforms (European Union, 2016), it offers little practical guidance on how it should be implemented to children. The voices and opinions of children and young people are put forward as suggestions for how the “clear communication to data subjects” required by Article 12 of the GDPR in particular should be implemented, for example, recommendations about how terms and conditions can be made more accessible.

Children and young people are an often overlooked demographic of online users. This paper argues for the importance of this group being involved in any changes that may affect them, by putting forward recommendations from the children and young people themselves.

Information Systems (IS) research has built up a considerable understanding of digital platform ecosystems, while policymakers worldwide are aiming to introduce platform regulations that seek to erode fundamental mechanisms of digital platforms. This viewpoint article provides an introduction to how platform regulation affects our current understanding of digital platform ecosystems and suggests opportunities for future research.

A detailed analysis of the effects of the European Union (EU) Digital Markets Act (DMA) on current findings of organizational, technical and economic IS platform research.

Government regulations of digital platforms such as the DMA likely affect the central mode of operation of platforms in the scope of the regulation. The authors preconceive a major impact on platform openness, governance, steering the platform supply-side, modularity, nestedness, network effects, pricing and single-/multi-homing. In addition, the authors present opportunities for future research in each of these IS platform research streams.

Landmark regulations implemented in the past, such as the General Data Protection Regulation (GDPR), caused paradigm changes that fertilized research opportunities in IS and beyond. This viewpoint article aims to nudge studies that examine the changed mode of operation of platforms following platform regulation.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

As a countermeasure to the COVID-19 pandemic, countries are implementing social distancing and mask-wearing. In this situation, the use of digital devices and untact activities are increasing. As a result, domestic and international e-commerce is increasing, and data is growing rapidly. Developed countries with advanced artificial intelligence and big data technologies have been striving to establish international regulations for digital trade in order to create a business environment that is advantageous for their own companies. This paper examines the e-commerce trend since the outbreak of COVID-19 and analyzes major issues related to digital trade rules under discussion. In particular, this paper pointed out that although Korea is recognized to be an advanced country considering its stage of industrial development and income level, the nation maintains the position of developing countries regarding digital trade. Based on this, this paper attempted to draw implications for the development of Korea's digital trade in the post COVID-19 world.