Social eCommerce

The word bibliography displayed on a TVThis is part 3 of a bibliography of privacy topics to review in depth. I took my main interests and narrowed them down to 3 specific applications of privacy theory. This one focuses on eCommerce, social media and privacy. It does not touch conventional social media like Facebook in any depth and when it reviews them, it is looking at them through the lens of commerce.

This list is incomplete due to me starting the bibliography late. It would benefit by searching references of these documents as well as evaluating sources that cite them.

The topics are not very closely attached to library science topics.

A goal is to be able to look at privacy from several significantly different angles to develop a broader understanding.


Aljukhadar, M., Senecal, S., & Ouellette, D. (2010). Can the Media Richness of a Privacy Disclosure Enhance Outcome? A Multifaceted View of Trust in Rich Media Environments. International Journal of Electronic Commerce, 14(4), 103-126. doi:10.2753/jec1086-4415140404

Baethge, C., Klier, J., & Klier, M. (2016). Social commerce-state-of-the-art and future research directions. Electronic Markets, 26(3), 269-290. doi:10.1007/s12525-016-0225-2

Chang, S. H., Chih, W. H., Liou, D. K., & Yang, Y. T. (2016). The mediation of cognitive attitude for online shopping. Information Technology & People, 29(3), 618-646. doi:10.1108/itp-08-2014-0172

Choi, B. C., & Tam, J. (2015). Privacy by Design: Examining Two Key Aspects of Social Applications. Paper presented at the International Conference on HCI in Business.

Hew, J. J., Lee, V. H., Ooi, K. B., & Lin, B. S. (2016). Mobile social commerce: The booster for brand loyalty? Computers in Human Behavior, 59, 142-154. doi:10.1016/j.chb.2016.01.027

Hoffmann, C. P., Lutz, C., & Meckel, M. (2015). Content creation on the Internet: a social cognitive perspective on the participation divide. Information Communication & Society, 18(6), 696-716. doi:10.1080/1369118x.2014.991343

Keith, M. J., Babb, J. S., Lowry, P. B., Furner, C. P., & Abdullat, A. (2015). The role of mobile-computing self-efficacy in consumer information disclosure. Information Systems Journal, 25(6), 637-667. doi:10.1111/isj.12082

Keith, M. J., Thompson, S. C., Hale, J., Lowry, P. B., & Greer, C. (2013). Information disclosure on mobile devices: Re-examining privacy calculus with actual user behavior. International Journal of Human-Computer Studies, 71(12), 1163-1173. doi:10.1016/j.ijhcs.2013.08.016

Knijnenburg, B. P., & Kobsa, A. (2013). Making Decisions about Privacy: Information Disclosure in Context-Aware Recommender Systems. ACM Trans. Interact. Intell. Syst., 3(3), 1-23. doi:10.1145/2499670

Lai, I. K. W., & Shi, G. C. (2015). The impact of privacy concerns on the intention for continued use of an integrated mobile instant messaging and social network platform. International Journal of Mobile Communications, 13(6), 641-669. doi:10.1504/ijmc.2015.072086

Olivero, N., & Lunt, P. (2004). Privacy versus willingness to disclose in e-commerce exchanges: The effect of risk awareness on the relative role of trust and control. Journal of Economic Psychology, 25(2), 243-262. doi:10.1016/S0167-4870(02)00172-1

Tan, X., Qin, L., Kim, Y., & Hsu, J. (2012). Impact of privacy concern in social networking web sites. Internet Research, 22(2), 211-233. doi:10.1108/10662241211214575

Toch, E., Wang, Y., & Cranor, L. F. (2012). Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Modeling and User-Adapted Interaction, 22(1-2), 203-220. doi:10.1007/s11257-011-9110-z

Xu, H., Wang, N., & Grossklags, J. (2012). Privacy by redesign: Alleviating privacy concerns for third-party apps.

Yang, H. L., & Lin, S. L. (2015). User continuance intention to use cloud storage service. Computers in Human Behavior, 52, 219-232. doi:10.1016/j.chb.2015.05.057

Yang, H. W., & Liu, H. (2014). Prior negative experience of online disclosure, privacy concerns, and regulatory support in Chinese social media. Chinese Journal of Communication, 7(1), 40-59. doi:10.1080/17544750.2013.816756

Original image: bibliography. By Tessa Farrell [Image license]

Location-based Technologies and Privacy

The word bibliography displayed on a TVThis is part 2 of a bibliography of topics to review in depth. I took my main interests and narrowed them down to 3 specific applications of privacy theory. This one which is focused on the intersection of Location-base issues and privacy.

This list is incomplete due to me starting the bibliography late. It would benefit by searching references of these documents as well as evaluating sources that cite them.

The topics are not very closely attached to library science topics.


Fodor, M., & Brem, A. (2015). Do privacy concerns matter for Millennials? Results from an empirical analysis of Location-Based Services adoption in Germany. Computers in Human Behavior, 53, 344-353. doi:10.1016/j.chb.2015.06.048

Junglas, I. A., Johnson, N. A., & Spitzmuller, C. (2008). Personality traits and concern for privacy: an empirical study in the context of location-based services. European Journal of Information Systems, 17(4), 387-402. doi:10.1057/ejis.2008.29

Kwee-Meier, S. T., Butzler, J. E., & Schlick, C. (2016). Development and validation of a technology acceptance model for safety-enhancing, wearable locating systems. Behaviour & Information Technology, 35(5), 394-409. doi:10.1080/0144929x.2016.1141986

Lin, J. L., Benisch, M., Sadeh, N., Niu, J. W., Hong, J., Lu, B. H., & Guo, S. H. (2013). A comparative study of location-sharing privacy preferences in the United States and China. Personal and Ubiquitous Computing, 17(4), 697-711. doi:10.1007/s00779-012-0610-6

Piao, C. H., Li, X. Y., Pan, X., & Zhang, C. Y. (2016). User privacy protection for a mobile commerce alliance. Electronic Commerce Research and Applications, 18, 58-70. doi:10.1016/j.elerap.2016.03.005

Roback, D., & Wakefield, R. L. (2013). Privacy Risk versus Socialness in the Decision to Use Mobile Location-Based Applications. Data Base for Advances in Information Systems, 44(2), 19-38.

Sun, Y. Q., Wang, N., Shen, X. L., & Zhang, J. X. (2015). Location information disclosure in location-based social network services: Privacy calculus, benefit structure, and gender differences. Computers in Human Behavior, 52, 278-292. doi:10.1016/j.chb.2015.06.006

Zhou, T. (2011). The impact of privacy concern on user adoption of location-based services. Industrial Management & Data Systems, 111(1-2), 212-226. doi:10.1108/02635571111115146

Zhao, L., Lu, Y. B., & Gupta, S. (2012). Disclosure Intention of Location-Related Information in Location-Based Social Network Services. International Journal of Electronic Commerce, 16(4), 53-89. doi:10.2753/jec1086-4415160403

Zhou, T. (2013). An empirical examination of user adoption of location-based services. Electronic Commerce Research, 13(1), 25-39. doi:10.1007/s10660-013-9106-3

Zhou, T. (2015). Understanding user adoption of location-based services from a dual perspective of enablers and inhibitors. Information Systems Frontiers, 17(2), 413-422. doi:10.1007/s10796-013-9413-1

Original image: bibliography. By Tessa Farrell [Image license]

Smart Cities, Smart Grids, Smart Meters

The word bibliography displayed on a TVThis is part 1 of a bibliography of topics to review in depth. I took the main interests and narrowed them down to 3 specific applications of privacy theory. This one is focused on the topic of the Internet of Things, but is very narrow within that grouping and focuses on Smart Power Meters

These lists are all incomplete due to me starting the bibliography late. It would benefit by searching references of these documents as well as evaluating sources that cite them.

The topics are not very closely attached to library science topics.


Bier, C., & Krempel, E. (2012, 3-5 Dec. 2012). Common privacy patterns in video surveillance and smart energy. Paper presented at the Computing and Convergence Technology (ICCCT), 2012 7th International Conference on.

Brown, I. (2014). Britain’s smart meter programme: A case study in privacy by design. International Review of Law, Computers & Technology, 28(2), 172-184. doi:10.1080/13600869.2013.801580

Cavoukian, A., & Kursawe, K. (2012, 27-29 Aug. 2012). Implementing Privacy by Design: The smart meter case. Paper presented at the Smart Grid Engineering (SGE), 2012 IEEE International Conference on.

Davis, M. H., Lang, U., & Shetye, S. (2015). A Cybermodel for Privacy by Design: Building privacy protection into consumer electronics. IEEE Consumer Electronics Magazine, 4(1), 41-49.

De Wolf, R., Heyman, R., & Pierson, J. (2013). Privacy by Design Through a Social Requirements Analysis of Social Network Sites form a User Perspective. In S. Gutwirth, R. Leenes, P. de Hert, & Y. Poullet (Eds.), European Data Protection: Coming of Age (pp. 241-265). Dordrecht: Springer Netherlands.

Finster, S., & Baumgart, I. (2014). Privacy-Aware Smart Metering: A Survey. IEEE Communications Surveys & Tutorials, 16(3), 1732-1745. doi:10.1109/SURV.2014.052914.00090

Hadar, I., Hasson, T., Ayalon, O., Toch, E., Birnhack, M., Sherman, S., & Balissa, A. (2014). Are Designers Ready for Privacy by Design? Examining Perceptions of Privacy Among Information Systems Designers. Paper presented at the 2014 TPRC Conference Paper.

Mazhelis, O., Hämäläinen, A., Asp, T., & Tyrväinen, P. (2016, 12-15 Sept. 2016). Towards enabling privacy preserving smart city apps. Paper presented at the 2016 IEEE International Smart Cities Conference (ISC2).

McKenna, E., Richardson, I., & Thomson, M. (2012). Smart meter data: Balancing consumer privacy concerns with legitimate applications. Energy Policy, 41, 807-814. doi:10.1016/.enpol.2011.11.049

Nakamura, Y., Matsui, K., & Nishi, H. (2014). Anonymization Infrastructure for Secondary Use of Data. Paper presented at the Proceedings on the International Conference on Internet Computing (ICOMP).

Peppet, S. R. (2014). Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security, and Consent. Texas Law Review, 93, 85.

Vermesan, O., & Friess, P. (2013). Internet of Things : Converging Technologies for Smart Environments. Aalborg, DK: River Publishers.

Ziegeldorf, J. H., Morchon, O. G., & Wehrle, K. (2014). Privacy in the Internet of Things: threats and challenges. Security and Communication Networks, 7(12), 2728-2742.

Original image: bibliography. By Tessa Farrell [Image license]

Privacy Concepts with Technology

The word bibliography displayed on a TVThis is part 0 of a bibliography of topics to review in depth. I took the main interests and narrowed them down to 3 specific applications of privacy plus this one which is more general and includes material regarding privacy and technology in a broad sense.

These lists are all incomplete due to me starting the bibliography late. It would benefit by searching references of these documents as well as evaluating sources that cite them.

The topics are not very closely attached to library science topics.


Bhagat, S., Weinsberg, U., Ioannidis, S., & Taft, N. (2014). Recommending with an agenda: active learning of private attributes using matrix factorization. Paper presented at the Proceedings of the 8th ACM Conference on Recommender systems, Foster City, Silicon Valley, California, USA.

Cameron, K. The Laws of Identity.  Retrieved from

Campbell, D. G., & Cowan, S. R. (2016). The Paradox of Privacy: Revisiting a Core Library Value in an Age of Big Data and Linked Data. Library Trends, 64(3), 492-511.

Faynberg, I., Lu, H. L., & Ristock, H. (2011). On dynamic access control in Web 2.0 and beyond: Trends and technologies. Bell Labs Technical Journal, 16(2), 199-218. doi:10.1002/bltj.20511

Frohmann, B. (2008). Subjectivity and information ethics. Journal of the American Society for Information Science and Technology, 59(2), 267-277. doi:10.1002/asi.20742

Gürses, S., Troncoso, C., & Diaz, C. (2011). Engineering privacy by design. Computers, Privacy & Data Protection, 14(3).

Hoepman, J.-H. (2014). Privacy design strategies. Paper presented at the IFIP International Information Security Conference.

Kum, H.-C., & Ahalt, S. (2013). Privacy by design: understanding data access models for secondary data. American Medical Informatics Association (AMIA) Joint Summits on Translation Science and Clinical Research Informatics.

Miltgen, C. L., Popovic, A., & Oliveira, T. (2013). Determinants of end-user acceptance of biometrics: Integrating the “Big 3” of technology acceptance with privacy context. Decision Support Systems, 56, 103-114. doi:10.1016/j.dss.2013.05.010

Muthitcharoen, A., Palvia, P. C., & Grover, V. (2011). Building a Model of Technology Preference: The Case of Channel Choices. Decision Sciences, 42(1), 205-237. doi:10.1111/j.1540-5915.2010.00306.x

Pagallo, U. (2012). On the Principle of Privacy by Design and its Limits: Technology, Ethics and the Rule of Law. In S. Gutwirth, R. Leenes, P. De Hert, & Y. Poullet (Eds.), European Data Protection: In Good Health? (pp. 331-346). Dordrecht: Springer Netherlands.

Rubenstein, I. S., & Good, N. (2013). Privacy by Design: A Counterfactual Analysis of Google and Facebook Privacy Incidents. Berkeley Technology Law Journal, 28(2), 6.

Stahl, B. C. (2013). Responsible research and innovation: The role of privacy in an emerging framework. Science and Public Policy, 40(6), 708-716. doi:10.1093/scipol/sct067

Such, J. M., Espinosa, A., & García-Fornes, A. (2014). A survey of privacy in multi-agent systems. The Knowledge Engineering Review, 29(3), 314-344. doi:10.1017/S0269888913000180

Original image: bibliography. By Tessa Farrell [Image license]

Interests and Focus, mark 2

The area mentioned as my interest in the previous post appears to be too broad even though I’ve narrowed the domain a little.

I’m finding the issues of designing privacy into systems (privacy by design) and secondary use of information more specifically relevant.

In addition, the social, ethnographic approach that I eschewed was looking at it from a user’s point of view. The social aspects of developer communities  is a different approach that is more involved with design and secondary use of information.

In my searching for technology and privacy, the typical understanding of privacy is that it is involved with protecting the data that a service maintains. However, controlling who has access to the information and what technical steps protect the data from being released are not very interesting. They’re more related to computer security and not very rich as a topic for privacy analysis.

Much more interesting is developing an understanding by technologists of higher-order privacy issues beyond data security. This is an area for education that is just as important as educating users about the capabilities of systems that they may access.

Interests & Focus

Since privacy is such a large field, it is too large to take in at once. To make any kind of progress in studying it, it’s necessary to narrow ones interests.

One theme that seems interesting are the legal aspects of privacy. How do you apply current laws and court decisions to privacy conflicts? What formal policies would be most effective to meet the needs of society? This could also intersect determining how to apply constitutional law to situations with non-governmental agencies.

Another related avenue to pursue is study the history of privacy and the different ways that issues have been addressed. With a historical analysis, one might be able to get prospective insights into developing situations.

A third line of investigation it to study the psychological, sociological and ethnographic aspects of privacy behaviors and attitudes. Philosophical and ethical analysis can apply with the design and interpretation of those studies.

Solove talks about a balancing process that may lead different answers in different social and historical situations. A deep analysis of the costs and benefits of privacy policies can guide the policies mentioned above. This line of study could also include a power analysis about the power relationships between actors and their decisions. This line of investigation would also be able to study the needs, requirements and desires of them.

Another group of topics analyzes empirical application of privacy guidelines such as Fair Information Practices, the EU Data Protection Directive and similar frameworks. These guidelines could develop into professional standards for technologists as well for the designers and planners of systems. In this line of study, one could analyze existing technology to see how they affect privacy interests as well as develop principles to apply to new systems.

An additional aspect of this last factor of topics would be education and a development of understanding of privacy, its benefits and trade-offs.

This last group interacts with many of the others. Privacy guidelines can guide legislative procedures. The empirical understanding of individual and ethical analyses would provide questions or frameworks for designing standards. An understanding of the balancing involved would be part of an educational program.

This last group of topics is where I would like to focus my investigations. I would like to apply an understanding of the theoretical organization of concepts to technological issues. As they apply to libraries and e-commerce are more particular functional areas to examine.

Power Imbalances

In situations where privacy problems appear, there is often an imbalance of power. One of the parties in the interaction can make decisions without the consent of the other. Additionally, the other doesn’t have the ability to counteract these decisions. They may not have sufficient influence. They may not know about the decisions. They may be excluded from having the right to affect the decisions.

To identify what areas of privacy I want to study, I believe having a list of privacy actors could be helpful to weed out things that are important to me and I’m interested in. I’ll group the actors into categories.

There are other agents affecting privacy, but they do not involve a strong power imbalance. Those aren’t included in this list. Some of entities here that have their powers affected by legislation such as FERPA and HIPAA. This includes Medical providers, financial institutions, intermediaries and educational institutions and any government agency.

This table primarily concerns Solove’s Information Collection, Information Processing and Information Dissemination privacy problems. It doesn’t address the Invasion privacy problems.

Agents that collect data that has economic value to themselves or may sell it

  • Financial institutions such as banks, lenders, investment agencies and debt collectors. They collect detailed financial information.
  • Online merchants. Their privacy policies are difficult to influence.
  • Brick and Mortar Merchants. They can capture information about purchases and payment services such as credit cards. They also don’t need to document their policies.
  • Insurance companies. They want information that helps them decide insurability.

Agencies that work behind the scenes yet they impact privacy rights

  • Technology infrastructure providers. Both internet service providers and service provides like cable companies. They can decide privacy policies that the individual cannot refuse.
  • Technology manufacturers. Once something is manufactured, whether it is an automobile, smart phone, computer or internet of things object, users doesn’t have the ability to change the information it controls.
  • Data warehouses. The collect information and individuals have no control over what is there, how accurate it is or what it will be used for.

Also financial institutions and brick and mortar merchants can work behind the scenes.

Agencies with legal right to acquire some personal knowledge

  • Government agencies such as the license branch and IRS have more control over the information than the information source.
  • Law enforcement. They gather information for criminal prosecution. They can also request information that you are not obligated to give, but it is difficult to say no. For example, they may ask to see your smart phone.
  • The judicial branch of the government. Criminal cases and civil disputes can include private information.
  • Educational institutions may accumulate many forms information. This information may be available to future employers, loan and scholarship providers and funding sources for the school itself.
  • Medical providers. The collect detailed protected health information.

Also financial institutions.

Agents that make privacy decisions that in practice have no recourse. These entities are distinguished in that the individual is aware that they are interacting with the agents.

  • Technology service providers. Social media sites like Facebook and Twitter, multimedia sites like YouTube, Vimeo and Soundcloud, search engines like Google, Bing and DuckDuckGo, information sources like Wikipedia, Reddit and StackExchange. Some are near monopolies and thus have more power than an individual who needs to use their services.
  • Library service providers. Entities that control services used by the library such as the ILS and information resources such as databases and specialized services can set their own policies that the library or its patrons may not influence.

Also online merchants.

Agents that can affect privacy through surveillance

  • Employers. They can capture information about employee activities.
  • Intermediaries like the telephone network that have specific legal responsibilities but may also be used to gather information about transactions they assist.

Also law enforcement, government agencies, and the judicial branch of the government.

Data warehouse are not in this category because although they may enable surveillance, they are normally not the agents performing the surveillance

Agents that may find legal protection when they threaten privacy

  • Media outlets, publishers and online bloggers or similar publishers. They can disclose private materials without the individual’s consent or easy recourse.