Author :
Wu, Shao-Yu ; Wang, Ming-Hung ; Chen, Kuan-Ta
Abstract :
In recent disasters, the web has served as a medium of communication among disaster response teams, survivors, local citizens, curious onlookers, and zealous people who are willing to assist victims affected by disasters. To encourage and speed up information dissemination, the availability and convenience of use are normally the top concerns in designing disaster response web services, where a design of free-formed inputs without access control is commonly adopted. However, such design may result in personal information disclosure and privacy leakage. In this paper, using a case study of a real-life disaster response service, the MKER (Morakot Event Reporting) forum, we show that the disclosure of personal information and the resulting privacy disclosure is indeed a serious problem that is currently happening. In our case, we have successfully mapped 1,438 unique cell phone numbers and 1,383 unique addresses to individuals using an automated method, not to mention the much greater invasion of privacy that could be effected by manual analysis of the messages posted on the forum. To resolve this issue, we propose several means to mitigate and prevent the mentioned privacy leakage on disaster response services from being happened.
Keywords :
Web services; authorisation; data privacy; disasters; emergency services; information dissemination; MKER forum; Morakot Event Reporting forum; crisis response; disaster response Web services; disaster response teams; information dissemination; personal information disclosure; privacy crisis; privacy invasion; privacy leakage; real-life disaster response service; Earthquakes; Message systems; Portals; Privacy; Typhoons; Web services; crisis informatics; disaster management; disaster response; privacy leakage; situation awareness; user privacy;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on
