Privacy Decisions are not Private: How the Notice and Choice Regime Induces us to Ignore Collective Privacy Risks and what Regulation should do about it


Paper by Christopher Jon Sprigman and Stephan Tontrup: “For many reasons the current notice and choice privacy framework fails to empower individuals in effectively making their own privacy choices. In this Article we offer evidence from three novel experiments showing that at the core of this failure is a cognitive error. Notice and choice caters to a heuristic that people employ to make privacy decisions. This heuristic is meant to judge trustworthiness in face-to-face-situations. In the online context, it distorts privacy decision-making and leaves potential disclosers vulnerable to exploitation.

From our experimental evidence exploring the heuristic’s effect, we conclude that privacy law must become more behaviorally aware. Specifically, privacy law must be redesigned to intervene in the cognitive mechanisms that keep individuals from making better privacy decisions. A behaviorally-aware privacy regime must centralize, standardize and simplify the framework for making privacy choices.

To achieve these goals, we propose a master privacy template which requires consumers to define their privacy preferences in advance—doing so avoids presenting the consumer with a concrete counterparty, and this, in turn, prevents them from applying the trust heuristic and reduces many other biases that affect privacy decision-making. Our data show that blocking the heuristic enables consumers to consider relevant privacy cues and be considerate of externalities their privacy decisions cause.

The master privacy template provides a much more effective platform for regulation. Through the master template the regulator can set the standard for automated communication between user clients and website interfaces, a facility which we expect to enhance enforcement and competition about privacy terms…(More)”.

Government Audits


Paper by Martina Cuneo, Jetson Leder-Luis & Silvia Vannutelli: “Audits are a common mechanism used by governments to monitor public spending. In this paper, we discuss the effectiveness of auditing with theory and empirics. In our model, the value of audits depends on both the underlying presence of abuse and the government’s ability to observe it and enforce punishments, making auditing most effective in middling state-capacity environments. Consistent with this theory, we survey all the existing credibly causal studies and show that government audits seem to have positive effects mostly in middle-state-capacity environments like Brazil. We present new empirical evidence from American city governments, a high-capacity and low-impropriety environment. Using a previously unexplored threshold in federal audit rules and a dynamic regression discontinuity framework, we estimate the effects of these audits on American city finance and find no marginal effect of audits…(More)”.

Use of Population-Level Administrative Data in Developmental Science


Paper by Barry J. Milne: “Population-level administrative data—data on individuals’ interactions with administrative systems (e.g., health, criminal justice, and education)—have substantially advanced our understanding of life-course development. In this review, we focus on five areas where research using these data has made significant contributions to developmental science: (a) understanding small or difficult-to-study populations, (b) evaluating intergenerational and family influences, (c) enabling estimation of causal effects through natural experiments and regional comparisons, (d) identifying individuals at risk for negative developmental outcomes, and (e) assessing neighborhood and environmental influences. Further advances will be made by linking prospective surveys to administrative data to expand the range of developmental questions that can be tested; supporting efforts to establish new linked administrative data resources, including in developing countries; and conducting cross-national comparisons to test findings’ generalizability. New administrative data initiatives should involve consultation with population subgroups including vulnerable groups, efforts to obtain social license, and strong ethical oversight and governance arrangements…(More)”.

The Economics of Digital Privacy


Paper by Avi Goldfarb & Verina F. Que: “There has been increasing attention to privacy in the media and in regulatory discussions. This is a consequence of the increased usefulness of digital data. The literature has emphasized the benefits and costs of digital data flows to consumers and firms. The benefits arise in the form of data-driven innovation, higher quality products and services that match consumer needs, and increased profits. The costs relate to intrinsic and instrumental values of privacy. Under standard economic assumptions, this framing of a cost-benefit tradeoff might suggest little role for regulation beyond ensuring consumers are appropriately informed in a robust competitive environment. The empirical literature thus far has focused on this direct cost-benefit assessment, examining how privacy regulations have affected various market outcomes. However, an increasing body of theory work emphasizes externalities related to data flows. These externalities, both positive and negative, suggest benefits to the targeted regulation of digital privacy…(More)”.

A taxonomy of technology design features that promote potentially addictive online behaviours


Paper by Maèva Flayelle et al: “Gaming disorder was officially recognized as a disorder of addictive behaviour in the International Classification of Diseases 11th revision in 2019. Since then, other types of potentially problematic online behaviour have been discussed as possible candidates for inclusion in the psychiatric nosography of addictive disorders. Understanding these problematic online behaviours requires further study of the specific psychological mechanisms involved in their formation and maintenance. An important but underdeveloped line of research has examined the ways in which technology design features might influence users’ capacity to exert control over how they engage with and use websites and applications, thereby amplifying uncontrolled, and perhaps addictive, use. In this Review, we critically examine the available research on the relationships between technology design features and the loss of control and harms experienced by those who engage in online video gaming, online gambling, cybersexual activities, online shopping, social networking and on-demand TV streaming. We then propose a theory-driven general taxonomy of the design features of online applications that might promote uncontrolled and problematic online behaviours…(More)”.

Common Data Environment: Bridging the Digital Data Sharing Gap Among Construction Organizations


Paper by Yong Jia Tan et al: “Moving into the 21st century, digital data sharing is pertinent towards the construction industry technology advancement. Preeminent digital data sharing revolves around construction organizations’ effective data management and digital data utilization within the Common Data Environment (CDE). Interconnected data is the heart of the construction industry’s future digital utility. Albeit the progressive digitalization uptake, the absence of integrated digital data collaboration efforts due to working-in-silo facet impedes the Malaysian construction organizations capability to capitalize the technology potential at best. To identify the types of digital data and the potential of digital data sharing through Common Data Environment within the Malaysian construction industry, this study adopts thematic analysis methodology on five in-depth case study on CDE adoption among construction organizations. The presented case study further identified through snowball sampling method. The analysis reveals the three main data categories created by construction organization in CDE are graphical data, non-graphical data, and associated construction project documents. Findings further identifies eight potentials of CDE data sharing namely improved efficiency, productivity, collaboration, effective decision making, cost and time savings, security, and accessibility. Ultimately, this study presents insights and explorative avenues for construction stakeholders to transcend advanced technology maximization and boost the industry productivity gain…(More)”.

Building trust in digital trade will require a rethink of trade policy-making


Paper by Susan Ariel Aaronson: “In 2019, Shinzo Abe, then Prime Minister of Japan, stated that if the world wanted to achieve the benefits of the data-driven economy, members of the World Trade Organization should find a common approach to combining ‘data free flow with trust’. However, he never explained what these rules should look like and how nations might find an internationally accepted approach to such rules. In this paper, I argue that trade policy-makers must pay closer attention to users’ concerns if they truly want to achieve ‘data free flow with trust’. I begin with an examination of what the most recent digital trade/ecommerce agreements say about trust and discuss whether they actually meet user concerns. Next, I turn to three different examples of online problems that users have expressed concerns about, namely internet shutdowns/censorship, disinformation, and ransomware, describing how these may yield both trade distortions and less trust online. I argue that policy-makers should address these issues if they believe trade agreements should build trust in cross-border data flows. Moreover, I argue how policy-makers respond to user concerns is as important as what they include in trade agreements. Finally, I note that trade negotiators will need to rethink how they involve the broad public in digital trade policy-making, while recognizing that trade policy agreements may not be the best place to address these problems…(More)”.

One Schema to Rule them All: How Schema.org Models the World of Search


Paper by Andrew Iliadis et al: “Several industry-specific metadata initiatives have historically facilitated structured data modeling for the web in domains such as commerce, publishing, social media, etc. The metadata vocabularies produced by these initiatives allow developers to ‘wrap’ information on the web to provide machine-readable signals for search engines, advertisers, and user-facing content on apps and websites, thus assisting with surfacing facts about people, places, and products. A universal iteration of such a project called Schema.org started in 2011, resulting from a partnership between Google, Microsoft, Yahoo, and Yandex to collaborate on a single structured data model across domains. Yet, few studies have explored the metadata vocabulary terms in this significant web resource. What terms are included, upon what subject domains do they focus, and how does Schema.org represent knowledge in its conceptual model? This paper presents findings from our extraction and analysis of the documented release history and complete hierarchy on Schema.org’s developer pages. We provide a semantic network visualization of Schema.org, including an analysis of its modularity and domains, and discuss its global significance concerning fact-checking and COVID-19. We end by theorizing Schema.org as a gatekeeper of data on the web that authors vocabulary that everyday web users encounter in their searches..(More)”.

Orchestrating distributed data governance in open social innovation


Paper by Thomas Gegenhuber et al: “Open Social Innovation (OSI) involves the collaboration of multiple stakeholders to generate ideas, and develop and scale solutions to make progress on societal challenges. In an OSI project, stakeholders share data and information, utilize it to better understand a problem, and combine data with digital technologies to create digitally-enabled solutions. Consequently, data governance is essential for orchestrating an OSI project to facilitate the coordination of innovation. Because OSI brings multiple stakeholders together, and each stakeholder participates voluntarily, data governance in OSI has a distributed nature. In this essay we put forward a framework consisting of three dimensions allowing an inquiry into the effectiveness of such distributed data governance: (1) openness (i.e., freely sharing data and information), (2) accountability (i.e., willingness to be held responsible and provide justifications for one’s conduct) and (3) power (i.e., resourceful actors’ ability to impact other stakeholder’s actions). We apply this framework to reflect on the OSI project #WirVsVirus (“We versus virus” in English), to illustrate the challenges in organizing effective distributed data governance, and derive implications for research and practice….(More)”.

Americans Don’t Understand What Companies Can Do With Their Personal Data — and That’s a Problem


Press Release by the Annenberg School for Communications: “Have you ever had the experience of browsing for an item online, only to then see ads for it everywhere? Or watching a TV program, and suddenly your phone shows you an ad related to the topic? Marketers clearly know a lot about us, but the extent of what they know, how they know it, and what they’re legally allowed to know can feel awfully murky. 

In a new report, “Americans Can’t Consent to Companies’ Use of Their Data,” researchers asked a nationally representative group of more than 2,000 Americans to answer a set of questions about digital marketing policies and how companies can and should use their personal data. Their aim was to determine if current “informed consent” practices are working online. 

They found that the great majority of Americans don’t understand the fundamentals of internet marketing practices and policies, and that many feel incapable of consenting to how companies use their data. As a result, the researchers say, Americans can’t truly give informed consent to digital data collection.

The survey revealed that 56% of American adults don’t understand the term “privacy policy,” often believing it means that a company won’t share their data with third parties without permission. In actual fact, many of these policies state that a company can share or sell any data it gathers about site visitors with other websites or companies.

Perhaps because so many Americans feel that internet privacy feels impossible to comprehend — with “opting-out” or “opting-in,” biometrics, and VPNs — they don’t trust what is being done with their digital data. Eighty percent of Americans believe that what companies know about them can cause them harm.

“People don’t feel that they have the ability to protect their data online — even if they want to,” says lead researcher Joseph Turow, Robert Lewis Shayon Professor of Media Systems & Industries at the Annenberg School for Communication at the University of Pennsylvania….(More)”