Skip to main content

Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA

Author(s): Apthorpe, Noah; Varghese, Sarah; Feamster, Nick

Download
To refer to this page use: http://arks.princeton.edu/ark:/88435/pr1jc27
Full metadata record
DC FieldValueLanguage
dc.contributor.authorApthorpe, Noah-
dc.contributor.authorVarghese, Sarah-
dc.contributor.authorFeamster, Nick-
dc.date.accessioned2021-10-08T19:50:33Z-
dc.date.available2021-10-08T19:50:33Z-
dc.date.issued2019en_US
dc.identifier.citationApthorpe, Noah, Sarah Varghese, and Nick Feamster. "Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus {COPPA}." In 28th USENIX Security Symposium (2019): pp. 123-140.en_US
dc.identifier.urihttps://www.usenix.org/system/files/sec19fall_apthorpe_prepub.pdf-
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/pr1jc27-
dc.description.abstractIncreased concern about data privacy has prompted new and updated data protection regulations worldwide. However, there has been no rigorous way to test whether the practices mandated by these regulations actually align with the privacy norms of affected populations. Here, we demonstrate that surveys based on the theory of contextual integrity provide a quantifiable and scalable method for measuring the conformity of specific regulatory provisions to privacy norms. We apply this method to the U.S. Children’s Online Privacy Protection Act (COPPA), surveying 195 parents and providing the first data that COPPA’s mandates generally align with parents’ privacy expectations for Internet-connected "smart" children’s toys. Nevertheless, variations in the acceptability of data collection across specific smart toys, information types, parent ages, and other conditions emphasize the importance of detailed contextual factors to privacy norms, which may not be adequately captured by COPPA.en_US
dc.format.extent123 - 140en_US
dc.language.isoen_USen_US
dc.relation.ispartof28th USENIX Security Symposiumen_US
dc.rightsFinal published version. This is an open access article.en_US
dc.titleEvaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPAen_US
dc.typeConference Articleen_US
pu.type.symplectichttp://www.symplectic.co.uk/publications/atom-terms/1.0/conference-proceedingen_US

Files in This Item:
File Description SizeFormat 
PrivacyIoT.pdf7.2 MBAdobe PDFView/Download


Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.