Tuesday, 8:30am

 

Direct-to-Consumer Genetic Testing: Contextual Privacy Predicament

Hsiao-Ying Huang, Masooda Bashir
University of Illinois at Urbana-Champaign, United States of America

Summary

In this study, we investigated the flow of information and potential privacy infringements in Direct-to-Consumer (DTC) genetic testing services available online. We adopted Nissenbaum’s framework of Contextual Integrity (CI) to examine six DTC companies’ privacy policies, terms of use, and consent processes. Our analyses indicate that the flow of information within certain contexts of DTC services presents alarming privacy vulnerabilities. In this paper, we provide a new perspective that can be used when evaluating privacy vulnerabilities for a given DTC online genetic testing service. The sensitive and unique features of genetic information make privacy even more of an important consideration for this type of information than for other types of medical/health information. In addition, we have limited knowledge about the harmful consequences that can arise from privacy invasions, such as genetic information breaches, genome database hacking, and so forth. Therefore, we believe that further research and in-depth investigations from the information community are desperately needed to address the privacy of genetic information.


Online Privacy and Informed Consent: The Dilemma of Information Asymmetry

Masooda Bashir, April Lambert, Carol Hayes, Jay P. Kesan
University of Illinois at Urbana-Champaign, United States of America

Summary

Every day billions of users allow cloud-based internet services to collect, store, and manage their personal information. The use of this information is constrained only by long, wordy privacy agreements that users likely did not read before clicking “Agree.” Even if they were to read them, would users understand these policies? We present the results of a two-part privacy survey that assessed users’ knowledge and opinions of online privacy issues. We asked users not only what they think, but what they know. Results expose several key knowledge gaps, demonstrating a problem of information asymmetry between users and internet services providers, and strong dissatisfaction with the current system. These findings demonstrate that there is insufficient comprehension and voluntariness in the consent process for users to give informed consent to the collection and management of their personal information, which may in part explain the “privacy paradox.”


Patron Privacy in Jeopardy: An Analysis of the Privacy Policies of Digital Content Vendors

April Lambert, Michelle Parker, Masooda Bashir
University of Illinois at Urbana-Champaign, United States of America

Summary

While the library profession has long defended readers’ privacy, a public library patron’s personal information is no longer solely in the hands of intrepid librarians determined to defend intellectual freedom. Libraries use vendors to provide a large portion of their digital content. These vendors gain access to extensive personal information about patrons. Libraries often must negotiate with content providers to ensure privacy protections for their patrons that are in accordance with the American Library Association’s Code of Ethics. This paper presents the results of a content analysis of the privacy policies of five of the top digital content vendors of American public libraries. We examined whether these privacy policies (1) meet the privacy standards of the library community, (2) meet other industry standards, and (3) are accessible and understandable to public library patrons. Our results demonstrate that while vendors are largely meeting the Fair Information Practices standards of American industry, the policies fail to meet the heightened standards of the library community.