Cumulative revelations in personal data

Azzopardi, Leif, Briggs, Jo, Htait, Amal, Moncur, Wendy, Nicol, Emma and Schafer, Burkhard (2021) Cumulative revelations in personal data. In: SPRITE+ Online Showcase, 15 Jan 2021, Virtual.

Preview

Text Azzopardi_etal_SPRITE_2021_Cumulative_revelations_in_personal_data.pdf - Published Version Available under License Creative Commons Attribution Non-commercial Share Alike 4.0. Download (219kB) | Preview

Abstract

Small, apparently innocuous pieces of personal data, generated during online interactions, can, over time, collectively pose significant yet often unanticipated risks to personal reputation, and to employers' operational security. Such revelations arise from personal data shared intentionally by individuals, data shared about them by others, from tagging software, and from everyday cross-authentication practices. When brought together, unintended insights into personal habits, work patterns, emotions and political leanings can be gained by others, potentially creating adverse consequences for individuals e.g. via reputational damage, employers e.g. via cybercrime, and even for national security. Our research examines potential adverse revelations resulting from individual digital traces via the development of a tool that provides portraits of digital traces and reflects them back to the user. The tool will enable individuals to understand the cumulative nature of their data, and to better comprehend the resultant vulnerabilities. Our research also aims to identify conflict and ambiguity in cybersecurity service design and implementation when motivations and actions of employees are balanced against organisational security philosophy. This will enable mitigation against risks, issues and consequences of cumulative revelations from both an organisational and individual perspective. We focus here on an interview study conducted with 26 participants during the UK COVID-19 lockdown, examining their digital ecosystems, practices and experiences of cumulative revelations, where combined elements of their personal data revealed more than intended. We discuss individual awareness and perception of online presence, events that shape individual online behaviour, unanticipated sources of risk, and data privacy literacy. We discuss the implications of cumulative revelations for individuals and employers and the intersection with COVID-related homeworking on online practices and behaviours. We reflect on the potential of future digital tools to increase people’s awareness of the information that they accidentally reveal about themselves online, with the aim of increasing personal agency.Our research examines potential adverse revelations resulting from individual digital traces via the development of a tool that provides portraits of digital traces and reflects them back to the user. The tool will enable individuals to understand the cumulative nature of their data, and to better comprehend the resultant vulnerabilities. Our research also aims to identify conflict and ambiguity in cybersecurity service design and implementation when motivations and actions of employees are balanced against organisational security philosophy. This will enable mitigation against risks, issues and consequences of cumulative revelations from both an organisational and individual perspective.We focus here on an interview study conducted with 26 participants during the UK COVID-19 lockdown, examining their digital ecosystems, practices and experiences of cumulative revelations, where combined elements of their personal data revealed more than intended. We discuss individual awareness and perception of online presence, events that shape individual online behaviour, unanticipated sources of risk, and data privacy literacy. We discuss the implications of cumulative revelations for individuals and employers and the intersection with COVID-related homeworking on online practices and behaviours. We reflect on the potential of future digital tools to increase people’s awareness of the information that they accidentally reveal about themselves online, with the aim of increasing personal agency.

Actions (login required)

View Item

Downloads