-
Peer Surveillance in Online Communities
Authors:
Kyle Beadle,
Marie Vasek
Abstract:
Online communities are not safe spaces for user privacy. Even though existing research focuses on creating and improving various content moderation strategies and privacy preserving technologies, platforms hosting online communities support features allowing users to surveil one another--leading to harassment, personal data breaches, and offline harm. To tackle this problem, we introduce a new, wo…
▽ More
Online communities are not safe spaces for user privacy. Even though existing research focuses on creating and improving various content moderation strategies and privacy preserving technologies, platforms hosting online communities support features allowing users to surveil one another--leading to harassment, personal data breaches, and offline harm. To tackle this problem, we introduce a new, work-in-progress framework for analyzing data privacy within vulnerable, identity-based online communities. Where current SOUPS papers study surveillance and longitudinal user data as two distinct challenges to user privacy, more work needs to be done in exploring the sites where surveillance and historical user data assemble. By synthesizing over 40 years of developments in the analysis of surveillance, we derive properties of online communities that enable the abuse of user data by fellow community members and suggest key steps to improving security for vulnerable users. Deploying this new framework on new and existing platforms will ensure that online communities are privacy-conscious and designed more inclusively.
△ Less
Submitted 2 August, 2023;
originally announced August 2023.
-
Gotta Assess `Em All: A Risk Analysis of Criminal Offenses Facilitated through PokemonGO
Authors:
Ashly Fuller,
Martin Lo,
Angelica Holmes,
Lu Lemanski,
Marie Vasek,
Enrico Mariconti
Abstract:
Location-based games have come to the forefront of popularity in casual and mobile gaming over the past six years. However, there is no hard data on crimes that these games enable, ranging from assault to cyberstalking to grooming. Given these potential harms, we conduct a risk assessment and quasi-experiment on the game features of location-based games. Using PokemonGO as a case study, we identif…
▽ More
Location-based games have come to the forefront of popularity in casual and mobile gaming over the past six years. However, there is no hard data on crimes that these games enable, ranging from assault to cyberstalking to grooming. Given these potential harms, we conduct a risk assessment and quasi-experiment on the game features of location-based games. Using PokemonGO as a case study, we identify and establish cyber-enabled stalking as the main risk event where in-game features such as an innocent function to share in-game postcards can be exploited by malicious users. Users obtain postcards that are unique to each Pokestop and represent gifts that can be shared with in-game friends. The number of postcards that each user can retain is limited, so they send the excess to their friends with items that boost their friends' game activities. The postcard often also unintentionally leaks the users' commonly visited locations to their in-game friends. We analyze these in-game features using risk assessment and identify cyber-enabled stalking as one of the main threats. We further evaluate the feasibility of this crime through a quasi-experiment. Our results show that participants' routine locations such as home and work can be reliably re-identified within days from the first gift exchange. This exploitation of a previously unconsidered in-game feature enables physical stalking of previously unknown persons which can escalate into more serious crimes. Given current data protection legislation in Europe, further preventive measures are required by Niantic to protect pseudonymized users from being re-identified by in-game features and (potentially) stalked.
△ Less
Submitted 6 April, 2023;
originally announced April 2023.
-
Investigating the concentration of High Yield Investment Programs in the United Kingdom
Authors:
Sharad Agarwal,
Marie Vasek
Abstract:
Ponzi schemes that offer absurdly high rates of return by relying on more and more people paying into the scheme have been documented since at least the mid-1800s. Ponzi schemes have shifted online in the Internet age, and some are re-branded as HYIPs or High Yield Investment Programs. This paper focuses on understanding HYIPs' continuous presence and presents various possible reasons behind their…
▽ More
Ponzi schemes that offer absurdly high rates of return by relying on more and more people paying into the scheme have been documented since at least the mid-1800s. Ponzi schemes have shifted online in the Internet age, and some are re-branded as HYIPs or High Yield Investment Programs. This paper focuses on understanding HYIPs' continuous presence and presents various possible reasons behind their existence in today's world. A look into the countries where these schemes purport to exist, we find that 62.89% of all collected HYIPs claim to be in the United Kingdom (UK), and a further 55.56% are officially registered in the UK as a 'limited company' with a registration number provided by the UK Companies House, a UK agency that registers companies. We investigate other factors influencing these schemes, including the HYIPs' social media platforms and payment processors. The lifetime of the HYIPs helps to understand the success/failure of the investment schemes and helps indicate the schemes that could attract more investors. Using Cox proportional regression analysis, we find that having a valid UK address significantly affects the lifetime of an HYIP.
△ Less
Submitted 21 April, 2022;
originally announced May 2022.