Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Visualising Personal Data Flows: Insights from a Case Study of Booking.com

  • Conference paper
  • First Online:
Intelligent Information Systems (CAiSE 2023)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 477))

Included in the following conference series:

  • 436 Accesses

Abstract

Commercial organisations are holding and processing an ever-increasing amount of personal data. Policies and laws are continually changing to require these companies to be more transparent regarding collection, storage, processing and sharing of this data. This paper reports our work of taking Booking.com as a case study to visualise personal data flows extracted from their privacy policy. By showcasing how the company shares its consumers’ personal data, we raise questions and extend discussions on the challenges and limitations of using privacy policies to inform online users about the true scale and the landscape of personal data flows. This case study can inform us about future research on more data flow-oriented privacy policy analysis and on the construction of a more comprehensive ontology on personal data flows in complicated business ecosystems.

Supported by the EPSRC (Engineering and Physical Sciences Research Council, part of the UKRI) under the grant numbers EP/R033749/1 and EP/R033609/1. The full edition of this paper can be found on arXiv.org as a preprint at: https://arxiv.org/abs/2304.09603.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://www.booking.com/content/privacy.en-gb.html

  2. 2.

    https://www.researchandmarkets.com/reports/5330849/global-online-travel-market-2022

  3. 3.

    https://www.bookingholdings.com/about/factsheet/

References

  1. Andow, B., et al.: PolicyLint: investigating internal privacy policy contradictions on Google Play. In: Proceedings of USENIX Security 2019, pp. 585–602 (2019). https://www.usenix.org/conference/usenixsecurity19/presentation/andow

  2. Bracamonte, V., Hidano, S., Tesfay, W.B., Kiyomoto, S.: Effects of explanatory information on privacy policy summarization tool perception. In: Furnell, S., Mori, P., Weippl, E., Camp, O. (eds.) ICISSP 2020. CCIS, vol. 1545, pp. 156–177. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-94900-6_8

    Chapter  Google Scholar 

  3. Carlsson, R., et al.: Where does your data go? comparing network traffic and privacy policies of public sector mobile applications. In: Proceedings of WorldCIST 2022, vol. 1. pp. 214–225. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-04826-5_21

  4. Fallatah, K.U., et al.: Personal data stores (PDS): a review. Sensors 23(3) (2023). https://doi.org/10.3390/s23031477

  5. Harkous, H., et al.: Polisis: automated analysis and presentation of privacy policies using deep learning. In: Proceedings of USENIX Security 2018, pp. 531–548 (2018). https://www.usenix.org/conference/usenixsecurity18/presentation/harkous

  6. Ibdah, D., et al.: Why should I read the privacy policy, I just need the service: a study on attitudes and perceptions toward privacy policies. IEEE Access 9, 166465–166487 (2021). https://doi.org/10.1109/ACCESS.2021.3130086

  7. Ioannou, A., et al.: That’s private! understanding travelers’ privacy concerns and online data disclosure. J. Travel Res. 60(7), 1510–1526 (2021). https://doi.org/10.1177/0047287520951642

    Article  Google Scholar 

  8. Jin, H., et al.: Why are they collecting my data? Inferring the purposes of network traffic in mobile apps. In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, vol. 2, no. 4 (2018). https://doi.org/10.1145/3287051

  9. Kitkowska, A., et al.: Enhancing privacy through the visual design of privacy notices: Exploring the interplay of curiosity, control and affect. In: Proceedings of SOUPS 2020. USENIX Association (2020). https://www.usenix.org/conference/soups2020/presentation/kitkowska

  10. Reinhardt, D., et al.: Visual interactive privacy policy: the better choice? In: Proceedings of CHI 2021, ACM (2021). https://doi.org/10.1145/3411764.3445465

  11. Verbrugge, S., et al.: Towards a personal data vault society: an interplay between technological and business perspectives. In: Proceedings of FITCE 2021, IEEE (2021). https://doi.org/10.1109/FITCE53297.2021.9588540

  12. Wieringa, J., et al.: Data analytics in a privacy-concerned world. J. Bus. Res. 122, 915–925 (2021). https://doi.org/10.1016/j.jbusres.2019.05.005

    Article  Google Scholar 

  13. Lu, Y., Li, S.: From data flows to privacy-benefit trade-offs: a user-centric semantic model. Secur. Priv. 5(4) (2022). https://doi.org/10.1002/spy2.225

  14. Such, J.M., Criado, N.: Resolving multi-party privacy conflicts in social media. IEEE Trans. Knowl. Data Eng. 28(7), 1851–1863 (2016). https://doi.org/10.1109/TKDE.2016.2539165

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Cyber Security for Society (iCSS) & School of Computing, University of Kent, Canterbury, UK

    Haiyue Yuan, Matthew Boakes & Shujun Li

  2. Nottingham Business School, Nottingham Trent University, Nottingham, UK

    Xiao Ma & Dongmei Cao

Authors
  1. Haiyue Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Matthew Boakes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiao Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dongmei Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Shujun Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haiyue Yuan .

Editor information

Editors and Affiliations

  1. Universidad de Sevilla, Seville, Spain

    Cristina Cabanillas

  2. San Jorge University, Zaragoza, Spain

    Francisca Pérez

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yuan, H., Boakes, M., Ma, X., Cao, D., Li, S. (2023). Visualising Personal Data Flows: Insights from a Case Study of Booking.com. In: Cabanillas, C., Pérez, F. (eds) Intelligent Information Systems. CAiSE 2023. Lecture Notes in Business Information Processing, vol 477. Springer, Cham. https://doi.org/10.1007/978-3-031-34674-3_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-34674-3_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-34673-6

  • Online ISBN: 978-3-031-34674-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation