Abstract
Computers of different types and portable devices like: mobile phones, smartwatches and an increasing number of IoT devices, collect and use our personal data, to improve and simplify our daily lives in new and unexpected ways. So, the awareness and safety measurements in this area are pretty important. Computer and networking security (e.g. attacks on confidentiality, integrity and availability) are subjects in undergraduate and graduate curriculums. Security awareness training has become a ubiquitous requirement for employees in industrial settings. However, privacy-related education has not advanced as quickly as security-related education. As the value of our private information and the possibilities for its misuse increase, we must develop and learn more about privacy-enhancing technologies and the role that they can play in our digital lives. Therefore, appropriate privacy education is required at different levels in the education system. This paper reviews and analyzes the digital privacy education research literature and identifies potential future research areas, based on coverage gaps that are detected using a taxonomy of the surveyed academic literature on privacy-based education. This taxonomy is based on: a classification decision about the subject of the data as personal or for a third party, the application domain, the specific teaching delivery method, and the teaching modality (e.g. collaborative, synchronous, asynchronous online, experiential, etc.).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adams, C.: Introduction to Privacy Enhancing Technologies: A Classification-Based Approach to Understanding PETs. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81043-6
Alemany, J., Del Val, E., Garcia-Fornes, A.: Assessing the effectiveness of a gamified social network for applying privacy concepts: an empirical study with teens. IEEE Trans. Learn. Technol. 13(4), 777–789 (2020)
Amiri, F., Neshati, A., Hannani, S., Azadi, N.: Effect of mobile-based education of patient’s privacy protection principles on the knowledge, attitude and performance of operating room staff. Ann. Roman. Soc. Cell Biol. 25(6), 6876–6882 (2021)
Amro, B.M., Al-Jabari, M.O., Jabareen, H.M., Khader, Y.S., Taweel, A.: Design and development of case studies in security and privacy for health informatics education. In: 2018 IEEE/ACS 15th International Conference on Computer Systems and Applications (AICCSA), pp. 1–6. IEEE (2018)
Barnard-Wills, D., Ashenden, D.: Playing with privacy: games for education and communication in the politics of online privacy. Polit. Stud. 63(1), 142–160 (2015)
Büchi, M., Festic, N., Just, N., Latzer, M.: Digital inequalities in online privacy protection: effects of age, education and gender. In: Handbook of Digital Inequality. Edward Elgar Publishing (2021)
Burd, B., et al.: Courses, content, and tools for internet of things in computer science education. In: Proceedings of the 2017 ITiCSE Conference on Working Group Reports, pp. 125–139 (2018)
Chattopadhyay, A., Christian, D., Ulman, A., Petty, S.: Towards a novel visual privacy themed educational tool for cybersecurity awareness and K-12 outreach. In: Proceedings of the 19th Annual SIG Conference on Information Technology Education, p. 159 (2018)
Cvetkovski, A.: Data protection and the right to privacy in the computer age–through law enforcement or through education? IJAEDU-Int. E-J. Adv. Educ. 7(21), 207–211 (2021)
Egelman, S., Bernd, J., Friedland, G., Garcia, D.: The teaching privacy curriculum. In: Proceedings of the 47th ACM Technical Symposium on Computing Science Education, pp. 591–596 (2016)
Ghazinour, K., Messner, K., Scarnecchia, S., Selinger, D.: Digital-PASS: a simulation-based approach to privacy education. In: Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society, pp. 162–174 (2019)
Ghiglieri, M., Stopczynski, M.: Seclab: an innovative approach to learn and understand current security and privacy issues. In: Proceedings of the 17th Annual Conference on Information Technology Education, pp. 67–72 (2016)
Giannakas, F., Gritzalis, S.: Raising internet security and privacy awareness in primary and early secondary education via mobile gamification. Ph.D. Dissertation (2018). Πανεπιστη´μιo Aιγαι´oυ. Σχoλη´ Πoλυτε χνικη´. Tμη´μα Mηχανικω´ ν Πληρoφoριακω´ ν και . . .
Heinrich, M.: Does education impact the use of privacy enhancing behavior? A longitudinal study. Ph.D. Dissertation. Creighton University (2021)
Jost, P., Divitini, M.: From paper to online: digitizing card based co-creation of games for privacy education. In: De Laet, T., Klemke, R., Alario-Hoyos, C., Hilliger, I., Ortega-Arranz, A. (eds.) EC-TEL 2021. LNCS, vol. 12884, pp. 178–192. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-86436-1_14
Lavranou, R., Tsohou, A.: Developing and validating a common body of knowledge for information privacy. Inf. Comput. Secur. 27, 668–686 (2019)
Peltier, J.W., Milne, G.R., Phelps, J.E., Barrett, J.T.: Teaching information privacy in marketing courses: Key educational issues for principles of marketing and elective marketing courses. J. Mark. Educ. 32(2), 224–246 (2010)
Peltsverger, S., Zheng, G.: Hands-on privacy labs. In: Proceedings of the 14th Annual ACM SIGITE Conference on Information Technology Education, pp. 137–138 (2013)
Peltsverger, S., Zheng, G.: Enhancing privacy education with a technical emphasis in IT curriculum. J. Inf. Technol. Educ. Innov. Pract. 15, 1 (2016)
Rege, A., Mendlein, A., Williams, K.: Security and privacy education for STEM undergraduates: a shoulder surfing course project. In: 2019 IEEE Frontiers in Education Conference (FIE), pp. 1–7. IEEE (2019)
Senarath, A.R., Arachchilage, N.A.G.: Understanding user privacy expectations: a software developer’s perspective. Telemat. Inform. 35(7), 1845–1862 (2018)
Steinhagen, D., Lucas, C., Francis, M., Lawrence, M., Streff, K.: An Inventory of Privacy Curricula Offerings in Higher Education. Inf. Syst. Educ. J. 19(3), 21–30 (2021)
Visoottiviseth, V., Khengthong, T., Kesorn, K., Patcharadechathorn, J.: ASPAHI: application for security and privacy awareness education for home IoT devices. In: 2021 25th International Computer Science and Engineering Conference (ICSEC), pp. 388–393. IEEE (2021)
Walker, K.L., Kiesler, T., Malone, S.: Youth-driven information privacy education campaign 2015–16: digital trust foundation final grant report. Online Submission (2016)
Wang, W., Tao, Y., Wang, K., Jedruszczak, D., Knutson, B.: Leveraging crowd for game-based learning: a case study of privacy education game design and evaluation by crowdsourcing. arXiv preprint arXiv:1603.02766 (2016)
Williams, M., Nurse, J.R.C., Creese, S.: (Smart) watch out! Encouraging privacy-protective behavior through interactive games. Int. J. Hum. Comput. Stud. 132(2019), 121–137 (2019)
Wisniewski, P.J., Knijnenburg, B.P., Lipford, H.R.: Making privacy personal: profiling social network users to inform privacy education and nudging. Int. J. Hum. Comput. Stud. 98(2017), 95–108 (2017)
Wu, Y.: The spread of artificial intelligence technology challenges the bottom line of privacy protection. In: 2022 7th International Conference on Cloud Computing and Big Data Analytics (ICCCBDA), pp. 407–411 (2022). https://doi.org/10.1109/ICCCBDA55098.2022.9778934
Yusri, R.: A game theoretical model for a collaborative e-learning platform on privacy awareness (2020)
Yusri, R., Abusitta, A., Aïmeur, E.: Teens-online: a game theory-based collaborative platform for privacy education. Int. J. Artif. Intell. Educ. 31(4), 726–768 (2021)
NIST Privacy Framework: A Tool for Improving Privacy through. https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.01162020.pdf. Accessed 17 Junw 2022
Zinkus, M., Curry, O., Moore, M., Peterson, Z., Wood, Z.J.: Fakesbook. In: Proceedings of the 50th ACM Technical Symposium on Computer Science Education, pp. 892–989 (2019). https://doi.org/10.1145/3287324.3287486
Ghazinour, K., Scarnecchia, S., Rabideau, J., Pecore, B.: A novel approach to social media privacy education through simulated role reversal. Proc. Comput. Sci. 177(2020), 112–119 (2020). https://doi.org/10.1016/j.procs.2020.10.018
OWASP Internet of Things | OWASP Foundation. https://owasp.org/www-project-internet-of-things/. Accessed 19 June 2022
Girard, E., Yusri, R., Abusitta, A., Aïmeur, E.: An automated stable personalised partner selection for collaborative privacy education. Int. J. Integr. Technol. Educ. 10(2), 9–22 (2021). https://doi.org/10.5121/ijite.2021.10202
Noh, Y.: Digital library user privacy: changing librarian viewpoints through education. Libr. Hi Tech 32(2), 300–317 (2014). https://doi.org/10.1108/lht-08-2013-0103
Knorr, E.M., Riva, G.V.D., Vakarelov, O.: Anatomy of a new data science course in privacy, ethics, and security. In: Proceedings of the 23rd Western Canadian Conference on Computing Education (2018). https://doi.org/10.1145/3209635.3209640
Dryer, A., Walia, N., Chattopadhyay, A.: A middle-school module for introducing data-mining, big-data, ethics and privacy using RapidMiner and a hollywood theme. In: Proceedings of the 49th ACM Technical Symposium on Computer Science Education (2018). https://doi.org/10.1145/3159450.3159553
Orgill, G.L., Romney, G.W., Bailey, M.G., Orgill, P.M.: The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems. In: Proceedings of the 5th Conference on Information Technology Education - CITC5 (2004). https://doi.org/10.1145/1029533.1029577
Schulz, S.: Teaching privacy outdoors – first approaches in the field in connection with STEM education. Research on outdoor STEM education in the digital Age. In: Proceedings of the ROSETA Online Conference in June 2020, pp. 163–170 (2020). https://doi.org/10.37626/ga9783959871440.0.20
McDonald, A.M., Reeder, R.W., Kelley, P.G., Cranor, L.F.: A comparative study of online privacy policies and formats. In: Proceedings of the 5th Symposium on Usable Privacy and Security - SOUPS (2009). https://doi.org/10.1145/1572532.1572586
Dyszlewski, A.: The landscape of digital citizenship education in Canada from grades K-12: online privacy education. https://knowledgecommons.lakeheadu.ca/handle/2453/4269. Accessed 21 June 2022
Keller, J.M.: Development and use of the ARCS model of instructional design. J. Instruct. Dev. 10(3), 2–10 (1987). https://doi.org/10.1007/bf02905780
Bross, T., Camp, L.: I just want your anonymized contacts! Benefits and education in security & privacy research. In: 2013 IEEE Security and Privacy Workshops (2013). https://doi.org/10.1109/spw.2013.6915057
Romney, V.W., Romney, G.W.: Neglect of information privacy instruction. In: Proceedings of the 5th conference on Information technology education - CITC5 (2004). https://doi.org/10.1145/1029533.1029553
Rutherfoord, R.H., Rutherfoord, J.K.: Privacy and ethical concerns in internet security. In: Proceedings of the 2010 ACM Conference on Information Technology Education - SIGITE (2010). https://doi.org/10.1145/1867651.1867686
Olaza-Maguiña, A.F., De La Cruz-Ramirez, Y.M.: Information security education and self-perception of privacy protection risk in mobile web in obstetrics students from Peru. In: Bentahar, J., Awan, I., Younas, M., Grønli, T.-M. (eds.) MobiWIS 2021. LNCS, vol. 12814, pp. 32–43. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-83164-6_3
Karagiannis, S., Papaioannou, T., Magkos, E., Tsohou, A.: Game-based information security/privacy education and awareness: theory and practice. In: Themistocleous, M., Papadaki, M., Kamal, M.M. (eds.) EMCIS 2020. LNBIP, vol. 402, pp. 509–525. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-63396-7_34
Dupuis, M.J., Gordon, C.: Evaluating Prevalence, perceptions, and effectiveness of cyber security and privacy education, training, and awareness programs (unpublished)
Fuster, G.G., Kloza, D.: The European handbook for teaching privacy and data protection at schools (2016)
Fuster, G.G., De Hert, P., Kloza, D.: State-of-the-art report on teaching privacy and personal data protection at schools in the European Union (2015)
Snowman, A.M.: Privacy and confidentiality: using scenarios to teach your staff about patron. J. Access Serv. 10(2), 120–132 (2013). https://doi.org/10.1080/15367967.2012.762267
Chattopadhyay, A., Christian, D., Ulman, A., Sawyer, C.: A middle-school case study: piloting a novel visual privacy themed module for teaching societal and human security topics using social media apps. In: 2018 IEEE Frontiers in Education Conference (FIE) (2018). https://doi.org/10.1109/fie.2018.8659278
Florea, I.M., Vornicu, D., Văduva, J.A. Rughiniș, R.: Teaching privacy through the development and testing of a location obfuscation solution. eLearn. Softw. Educ. 2 (2020)
REGULATION (EU) 2016/ 679 General Data Protection Regulation. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679. Accessed 30 June 2022
California Consumer Privacy Act. California Legislative Information. https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375&search_keywords=privacy. Accessed 30 June 2022
Data Privacy Jobs Report Shows Demand. https://www.cpomagazine.com/data-privacy/data-privacy-jobs-report-shows-demand-for-privacy-pros-at-record-high-thanks-to-complex-regulatory-requirements-mass-migration-to-cloud-services/. Accessed 30 June 2022
Foxman, E.R., Kilcoyne, P.: Information technology, marketing practice, and consumer privacy: ethical issues. J. Public Policy Mark. 12(1), 106–119 (1993). https://doi.org/10.1177/074391569501200111
Law, E.-C., Kickmeier-Rust, M.D., Albert, D., Holzinger, A.: Challenges in the development and evaluation of immersive digital educational games. In: Holzinger, A. (ed.) USAB 2008. LNCS, vol. 5298, pp. 19–30. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89350-9_2
Office of the Privacy Commissioner of Canada. A Framework for the Government of Canada to Assess Privacy-Impactful Initiatives in Response to COVID-19; Office of the Privacy Commissioner of Canada: Ottawa, QC, Canada (2020)
Cisco Annual Internet Report (2018–2023) White Paper. https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html. Accessed 1 July 2022
RapidMiner for Academics - RapidMiner. https://rapidminer.com/platform/educational/. Accessed 1 July 2022
HIPAA Home | HHS.gov. https://www.hhs.gov/hipaa/index.html. Accessed 14 Aug 2022
Burgess, A., Van Diggele, C., Roberts, C., Mellis, C.: Team-based learning: design, facilitation and participation. BMC Med. Educ. 20 (2020). https://doi.org/10.1186/s12909-020-02287-y
Peixoto, M.M.: Privacy requirements engineering in agile software development: a specification method. In: REFSQ Workshops 2020 (2020)
Obar, J.A., Oeldorf-Hirsch, A.: The biggest lie on the internet: ignoring the privacy policies and terms of service policies of social networking services. Inf. Commun. Soc. 23(1), 128–147 (2020)
Acknowledgements
We thank the anonymous reviewers for their comments and ideas for improvements.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Paul, S.K., Knox, D.A. (2023). A Taxonomy and Gap-Analysis in Digital Privacy Education. In: Jourdan, GV., Mounier, L., Adams, C., Sèdes, F., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2022. Lecture Notes in Computer Science, vol 13877. Springer, Cham. https://doi.org/10.1007/978-3-031-30122-3_14
Download citation
DOI: https://doi.org/10.1007/978-3-031-30122-3_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-30121-6
Online ISBN: 978-3-031-30122-3
eBook Packages: Computer ScienceComputer Science (R0)