Conference Tutorial:

"PRIVACY TECHNOLOGIES AND APPLICATIONS ON ELECTRONIC MARKETS"

Sören Preibusch

German Institute for Economic Research

Königin-Luise-Str. 5, 14191 Berlin, Germany

spreibusch at diw.de

 

ABSTRACT

Users’ perceptions of a service provider’s privacy principles constitute a major barrier on Electronic Markets. They lead to poor conversion rates in the business perspective and a loss of social welfare due to missed transactions in the economics perspective. This tutorial addresses both academia and industry and presents privacy issues in current Electronic Commerce applications along with technologies to overcome them.

In a first part, the ethical and legal bases of privacy are portrayed, with a focus on the legislation in the European Union and the recommendations of the OECD concerning electronic services. The social dimension is underlined as inappropriate data processing principles might lead to discrimination of social groups.

In a second part, current Privacy Enhancing Technologies (PETs) are summarized, facing Privacy Invasive Technologies (PITs); secure data mining techniques are confronted with data inference problems. Special attention is paid to Privacy Negotiation Techniques as they can conciliate users’ and service providers’ conflicting preferences in the privacypersonalization trade-off. Approaches to code (P3P, APPEL and EPAL) and to communicate (suitable site design, contextualized presentation) privacy policies are examined theoretically. They are endorsed by experimental evidence and case studies from A9.com and Amazon.com. Holistic privacy protection all along the value chain requires verifiable compliance of privacy promises towards customers and their realization in backend processes. A framework for secure integration of third parties data analysis providers will be presented. It is shown how business metrics can be calculated in a privacy compliant way.

Two emerging fields will be covered in the third part: first, Ubiquitous Computing is a forthcoming threat for privacy. Pervasive technologies such as RFID allow tracking users’ actions and behaviours. Second, multichannel retailing, combining traditional stores and electronic retailing, gives rise to new potential privacy infringements, such as by linking offline and online identities. Game theoretic and information economical considerations will conclude the tutorial along with recommendations for users and practitioners.

KEYWORDS

Privacy Legislation, Privacy Ethics, PET, Privacy in Pervasive Computing, Privacy Negotiations, Multichannel Retailing

 

Back to Tutorial Page