Draft June 7, 2007


INF 295: Privacy in Electronic Environments


Instructor: Alfred Kobsa (kobsa@uci.edu)


Disclaimer: These are guidelines intended to help students plan their work in this course. However, the instructor does reserve the right to make changes if needed.

General Educational Aims:

This class is concerned with "user aspects" of privacy in electronic environments, specifically web sites, ubiquitous computing environments and collaborative environments. It will focus on empirical findings regarding factors that influence individuals' privacy-related decisions and actions (e.g., one's willingness to disclose personal data to websites or one's proclivity to regard a call to one's cell phone as a privacy invasion). To this aim, students will read research articles that were published in different disciplines, such as information systems, marketing research, public policy, economics, computer-mediated communication, law, human-computer interaction, and the information and computer sciences.

Prerequisites: Informatics 231, 261 or 269, or permission of instructor

Character of course:

Students will read and discuss research papers, write position statements, and conduct a research project.
Location/Times:   TuTh 9:30-10:50 ICS 243


           30% for position statements
           20% for paper presentations
           20% for active in-class participation
           30% for research project

Efficient reading: see here
Cheating: see here
Students with Disabilities: see here

Course Evaluation:  7pm Friday, June 1 through 11:45pm Sunday, June 10

Office hours: Alfred Kobsa: after class, or Tue 11am-12pm in 5092 Bren Hall
                       (contact me in class or send email beforehand)


Schedule (changes possible)

: To download these papers, you will need to be within the UCI domain in most cases. Connect to UCI with VPN if you are outside of the ICS domain (download the "Software VPN" from here).
<name>: Proponent for the paper
<name>: Opponent for the paper
Date & Time
Readings & Discussants
4/3 10:30-11:50
ICS 243
4/5 10:30-11:50
ICS 243
Types of privacy violations (Sameer Patil, Yang Wang, Hy Loc, Paul Main)
Solove, D.J. A Taxonomy of Privacy. University of Pennsylvania Law Review, 154 (3), 2006, 477-564. URL.
4/10 10:30-11:50
ICS 243
Information type and stated level of privacy concern (Deepika Gandhi, David Nguyen, Gary Suh, Swaminathan Subramanian)
Ackerman, M.S., Cranor, L.F. and Reagle, J., Privacy in E-commerce: Examining User Scenarios and Privacy Preferences. In First ACM Conference on Electronic Commerce, (Denver, CO, 1999), 1-8.
Friedman, A. and Wathieu, L., An Empirical Approach to Understanding Privacy Valuation. Fourth Workshop on the Economics of Information Security (WEIS05), Cambridge, MA, 2005, .
Huberman, B.A., Adar, E. and Fine, L.R., Valuating Privacy. Fourth Workshop on the Economics of Information Security (WEIS05), Cambridge, MA, 2005.
4/11 11:45-12:50
Crito Conference Room, 3200 Berkeley Place, 2nd floor
Related talk: RFID in Manufacturing and Supply Chain Management (O. Günther)
4/12 10:30-11:50
ICS 243
Privacy seals (Vivian Olivera, Arun Muralidharan, David Nguyen, Gary Suh)
Edelman, B. Adverse Selection in Online “Trust” Certifications. Working draft, Harvard University, 2006.
Moores, T. Do Consumers Understand the Role of Privacy Seals in E-Commerce? Communications of the ACM, 48 (3), 2005, 86-91
4/17 10:30-11:50
ICS 243
Presentation of classs projects
   No class
4/24 10:30-11:50
ICS 243
Privacy statements (Swaminathan Subramanian, Paul Main, Vivian Olivera, Deepika Gandhi)
URL Metzger, M. Communication Privacy Management in Electronic Commerce. Journal of Computer-Mediated Communication, 12 (2), 2007.
Gideon, J., Cranor, L., Egelman, S. and Acquisti, A., Power Strips, Prophylactics, and Privacy, Oh My! In Second Symposium on Usable Privacy and Security, Pittsburgh, Pennsylvania, 2006, ACM Press, 133-144.
4/26 10:30-11:50
ICS 243
Trust and some of its antecedents (Yang Wang, Deepika Gandhi, Arun Muralidharan, Paul Main)
Schoenbachler, D.D. and Gordon, G.L. Trust and Customer Willingness to Provide Information in Database-Driven Relationship Marketing. Journal of Interactive Marketing, 16 (3), 2002, 2-16
URL Metzger, M.J. Privacy, Trust, and Disclosure: Exploring Barriers to Electronic Commerce. Journal of Computer-Mediated Communication, 9 (4), 2004.
5/01 10:30-11:50
ICS 243
Personalization benefits (Yang Wang, David Nguyen, Shilpa Rao, Deepika Gandhi)
Chellappa, R.K. and Sin, R. Personalization versus Privacy: An Empirical Examination of the Online Consumer’s Dilemma. Information Technology and Management, 6 (2-3), 2005, 181-202.
White, T.B. Consumer Disclosure and Disclosure Avoidance: A Motivational Framework. Journal of Consumer Psychology, 14 (1&2), 2004, 41-51.
5/03 10:30-11:50
ICS 243
Stated privacy attitude vs. actual behavior (Anupa Mogili, Sulagna Basu, Yang Wang, David Nguyen)
Spiekermann, S., Grossklags, J. and Berendt, B., E-privacy in 2nd Generation E-Commerce: Privacy Preferences versus Actual Behavior. In EC'01: Third ACM Conference on Electronic Commerce, (Tampa, FL, 2001), 38-47.
Jensen, C., Potts, C. and Jensen, C. Privacy Practices of Internet Users: Self-Reports versus Observed Behavior. International Journal of Human-Computer Studies, 63, 2005, 203–227.
5/8 10:30-11:50
ICS 243
The "privacy calculus" (Swaminathan Subramanian, Paul Main, Yang Wang, David Nguyen)
Acquisti, A., Privacy in Electronic Commerce and the Economics of Immediate Gratification. EC'04 ACM Conference on Electronic Commerce, New York, NY, 2004, 21-29..
Acquisti, A. and Grossklags, J. Privacy and Rationality in Individual Decision Making. IEEE Security & Privacy, 3 (1), 2005, 26-33.
5/10 10:30-11:50
ICS 243
Data protection guidelines (Yang Wang, Shilpa Rao, David Nguyen, Sulagna Basu)
URL OECD. Recommendation of the Council Concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, OECD, 1980.
URL USACM Policy Recommendations on Privacy, U.S. Public Policy Committee of the Association for Computing Machinery, New York, NY, 2006.
5/15 10:30-11:50
ICS 243

Privacy and monetary incentives (Shilpa Rao, Anupa Mogili, Swaminathan Subramanian, Deepika Gandhi)
URL Hann, I.-H., Hui, K.-L., Lee, T.S. and Png, I.P.L., Online Information Privacy: Measuring the Cost-Benefit Tradeoff. Proceedings of the Twenty-Third Annual International Conference on Information Systems, Barcelona, Spain, 2002, 1-10.
Lai, Y.-L. and Hui, K.-L., Internet Opt-In and Opt-Out: Investigating the Roles of Frames, Defaults and Privacy Concerns. 2006 ACM SIGMIS CPR Conference on Computer Personnel Research, Claremont, CA, 2006, 253-263.

5/17 10:30-11:50
ICS 243
Privacy of location information (Anupa Mogili, Vivian Oliviera, Sameer Patil, Sulagna Basu)
Consolvo, S., Smith, I.E., Matthews, T., LaMarca, A., Tabert, J. and Powledge, P., Location Disclosure to Social Relations: Why, When, & What People Want to Share. In CHI 2005 Conference on Human Factors in Computing Systems, Portland, Oregon, 2005, 81-90.
Cvrcek, D., Kumpost, M., Matyas, V. and Danezis, G., A Study on the Value of Location Privacy. In 5th ACM Workshop on Privacy in the Electronic Society, Alexandria, VA, 2006, 109-118.
URL Danezis, G., Lewis, S. and Anderson, R., How Much is Location Privacy Worth? In Fourth Workshop on the Economics of Information Security, Cambridge, MA, 2005. .
5/22 10:30-11:50
ICS 243
Ubicomp privacy guidelines (Sulagna Basu, Paul Main, Sameer Patil, David Nguyen)
Floerkemeier, C., Schneider, R. and Langheinrich, M., Scanning with a Purpose – Supporting the Fair Information Principles in RFID Protocols. In Ubiquitous Computing Systems: Second International Symposium, UCS 2004, Tokyo, Japan, Springer Verlag.
URL Langheinrich, M. Privacy by Design: Principles of Privacy-Aware Ubiquitous Systems. in Abowd, G.D., Brumitt, B. and Shafer, S.A.N. eds. Ubicomp 2001, Springer-Verlag, Berlin-Heidelberg, Germany, 2001, 273–291.
Iachello, G., Smith, I., Consolvo, S., Chen, M. and Abowd, G.D., Developing Privacy Guidelines for Social Location Disclosure Applications and Services. In Symposium on Usable Privacy and Security, Philadelphia, PA, 2005, 65-76. .
5/24 10:30-11:50
ICS 243

Interim presentation of project resutls


5/29 10:30-11:50

ICS 243

Privacy of Incidental Information (Shilpa Rao, Anupa Mogili, Vivian Oliviera, Sameer Patil)
Hawkey, K. and Inkpen, K.M., Keeping Up Appearances: Understanding the Dimensions of Incidental Information Privacy. SIGCHI Conference on Human Factors in Computing Systems, Montréal, Québec, Canada, 2006, 821-83.
Hawkey, K. and Inkpen, K.M., Examining the Content and Privacy of Web Browsing Incidental Information. In 15th International Conference on World Wide Web, Edinburgh, UK, 2006, 123-132.
5/31 10:30-11:50
ICS 243
Sameer Patil: Privacy and Awareness (Yang Wang, David Nguyen, Paul Main, Deepika Ghandi)
Hudson & Smith (1996) - Techniques for addressing fundamental privacy and disruption tradeoffs in awareness support systems. Proceedings of the 1996 ACM Conference on Computer Supported Cooperative Work, Boston, Massachusetts, 248 - 257.
• Also read the two papers in the class dropbox
6/05 10:30-11:50
ICS 243
Yang Wang: Tailoring Privacy to Each Individual User  (Sameer Patil, David Nguyen, Sulagna Basu, Shilpa Rao)
Wang, Y. and A. Kobsa : Respecting Users' Individual Privacy Constraints in Web Personalization. Proc. of the 11th Int'l Conf. on User Modeling, Corfu, Greece, 2007
Wang, Y., A. Kobsa, A. van der Hoek and J. White (2006): PLA-based Runtime Dynamism in Support of Privacy-Enhanced Web Personalization. Proc. of the 10th Int'l Software Product Line Conference, Baltimore, MD, IEEE Press, 151-162
6/07 10:30-11:50
ICS 243
David Nguyen: RFID and Privacy (Yang Wang, Sameer Patil, Anupa Mogili, Vivian Oliviera)
Simson L. Garfinkel, Ari Juels, Ravi Pappu (2005), "RFID Privacy: An Overview of Problems and Proposed Solutions," IEEE Security and Privacy 3(3), pp. 34-43
Günther, O. and Spiekermann, S. 2005. RFID and the perception of control: the consumer's view. Commun. ACM 48, 9 (Sep. 2005), 73-76.