A privacy expectations and security assurance offer system

Authors:
Jeffrey Hunker
Affiliations:
Carnegie Mellon University, Pittsburgh, PA
Venue:
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Year:
2008

Citing 13
Cited 2

Markets and privacy

Communications of the ACM
Transforming the 'Weakest Link' — a Human/Computer Interaction Approach to Usable and Effective Security

BT Technology Journal
Maintaining Privacy in an Online World

IT Professional
Unpacking "privacy" for a networked world

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
"Goodies" in Exchange for Consumer Information on the Internet: The Economics and Issues

HICSS '98 Proceedings of the Thirty-First Annual Hawaii International Conference on System Sciences-Volume 4 - Volume 4
Guest Editors' Introduction: Secure or Usable?

IEEE Security and Privacy
On the value of private information

TARK '01 Proceedings of the 8th conference on Theoretical aspects of rationality and knowledge
Business Compliance to Changing Privacy Protections

HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) - Track 5 - Volume 05
Valuating Privacy

IEEE Security and Privacy
Usable privacy and security for personal information management

Communications of the ACM - Personal information management
Cyberinsurance in IT Security Management

IEEE Security and Privacy
P3P: Making Privacy Policies More Useful

IEEE Security and Privacy
Giving notice: why privacy policies and security breach notifications aren't enough

IEEE Communications Magazine

When do firms invest in privacy-preserving technologies?

GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Investment in privacy-preserving technologies under uncertainty

GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Consumers accessing web sites for information or to purchase products face limited opportunity to express their privacy preferences, and even less recourse if security violations lead to inadvertent disclosure of privacy sensitive information. A privacy expectations and security assurance offer system is proposed in which on-line organizations with web sites offer consumers, in exchange for a fee, a choice of privacy preferences and information security levels; if privacy is violated under the terms of this privacy expectations and security assurance instrument, consumers will be compensated. The proposed offer system directly links responsibility and accountability for security of privacy information to the on-line organization, and has other benefits. Adoption is problematic, and will require market experimentation.