Other relevant publications from the REPHRAIN team

Please find below publications and papers on privacy and online harms that have been produced by the REPHRAIN team.

June 2022

An Investigation Into the Sensitivity of Personal Information and Implications for Disclosure: A UK Perspective

Prepared by Rahime Belen-Salglam, Jason Nurse and Duncan Hodges.

Abstract: The perceived sensitivity of information is a crucial factor in both security and privacy concerns and the behaviors of individuals. Furthermore, such perceptions motivate how people disclose and share information with others. We study this topic by using an online questionnaire where a representative sample of 491 British citizens rated the sensitivity of different data items in a variety of scenarios. The sensitivity evaluations revealed in this study are compared to prior results from the US, Brazil and Germany, allowing us to examine the impact of culture. In addition to discovering similarities across cultures, we also identify new factors overlooked in the current research, including concerns about reactions from others, personal safety or mental health and finally, consequences of disclosure on others. We also highlight a difference between the regulatory perspective and the citizen perspective on information sensitivity. We then operationalized this understanding within several example use-cases exploring disclosures in the healthcare and finance industry, two areas where security is paramount. We explored the disclosures being made through two different interaction means: directly to a human or chatbot mediated (given that an increasing amount of personal data is shared with these agents in industry). We also explored the effect of anonymity in these contexts. Participants showed a significant reluctance to disclose information they considered “irrelevant” or “out of context” information disregarding other factors such as interaction means or anonymity. We also observed that chatbots proved detrimental to eliciting sensitive disclosures in the healthcare domain; however, within the finance domain, there was less effect. This article’s findings provide new insights for those developing online systems intended to elicit sensitive personal information from users.

A copy of this paper can be found here.

May 2022

Personal information: Perceptions, types and evolution

Prepared by Rahime Belen-Salglam, Jason Nurse and Duncan Hodges.

Abstract: Advances in technology have made us as a society think more about cyber security and privacy, particularly how we consider and protect personal information. Such developments have introduced a temporal dimension to the definition of personal information and we have also witnessed new types of data emerging (e.g., phone sensor data, stress level measurements). These rapid technological changes introduce several challenges as legislation is often inadequate, and therefore questions regularly arise pertaining whether information should be considered personal or sensitive and thereby better protected. In this paper, therefore, we look to significantly advance research into this domain by investigating how personal information is regarded in governmental legislations/regulations, privacy policies of applications, and academic research articles. Through an assessment of how personal information has evolved and is perceived differently (e.g., in the context of sensitivity) across these key stakeholders, this work contributes to the understanding of the fundamental disconnects present and also the social implications of new technologies. Furthermore, we introduce a series of novel taxonomies of personal information which can significantly support and help guide how researchers and practitioners work with, or develop tools to protect, such information..

A copy of this paper can be found here.

January 2022

Nothing to Be Happy About: Consumer Emotions and AI

Prepared by Mateja Durovic and Jonathan Watson

Abstract: Advancements in artificial intelligence and Big Data allow for a range of goods and services to determine and respond to a consumer’s emotional state of mind. Considerable potential surrounds the technological ability to detect and respond to an individual’s emotions, yet such technology is also controversial and raises questions surrounding the legal protection of emotions. Despite their highly sensitive and private nature, this article highlights the inadequate protection of emotions in aspects of data protection and consumer protection law, arguing that the contribution by recent proposal for an Artificial Intelligence Act is not only unsuitable to overcome such deficits but does little to support the assertion that emotions are highly sensitive.

Keywords: AI; consumer law; new technologies; regulation; emotions; EU Law

A copy of this paper is available for download here.

January 2021

Manipulation and liability to defensive harm

Prepared by Massimo Renzo

AbstractPhilosophers working on the morality of harm have paid surprisingly little attention to the problem of manipulation. The aim of this paper is to remedy this lacuna by exploring how liability to defensive harm is affected by the fact that someone posing an unjust threat has been manipulated into doing so. In addressing this problem, the challenge is to answer the following question: Why should it be the case (if it is, indeed, the case) that being misled into posing an unjust threat by manipulation makes a difference to one’s liability, as compared to being misled into doing so by natural events or by someone’s honest attempt to persuade us? To answer this question, I first outline an account of manipulation and then use it to defend what I shall call the ‘‘Pre-emption Principle.’’

Paper available to download here.