Publications

How Internet Users’ Privacy Concerns Have Evolved Since 2002 [PDF],
A.I. Antón, J.B. Earp, and J.D. Young, Submitted to: IEEE Security and Privacy Magazine, NCSU CSC Technical Report #TR-2009-16, July, 2009.

The ChoicePoint Dilemma: How Data Brokers Should Handle the
Privacy of Personal Information [HTML],
P. Otto, A. Antón, and D. Baumer, Security Privacy Magazine, IEEE, vol. 5, no. 5, pp. 15–23, Sept.-Oct. 2007.

Privacy Practices of Internet Users: Self-report versus Observed Behavior,
Carlos Jensen and Colin Potts. To appear in International Journal of Human Computer Studies special issue on HCI Research in Privacy and Security. October 2005.

Mining Rule Semantics to Understand Legislative Compliance [PDF],
T. D. Breaux and A.I. Antón. Accepted to: ACM Workshop on Privacy in Electronic Society (WPES’05), NCSU CSC Technical Report #TR-2005-31, Alexandria, Virginia, USA, 2005.

Analyzing Goals for Rights, Permissions and Obligations [PDF],
T. D. Breaux and A.I. Antón. In Proceedings 13th IEEE International Conference on Requirements Engineering (RE’05), NCSU CSC Technical Report #TR-2005-08, Paris, France, USA, 2005.

Deriving Semantic Models from Privacy Policy Goals [PDF],
T. D. Breaux and A.I. Antón. In Proceedings: 6th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY’05), NCSU CSC Technical Report #TR-2004-36, Stockholm, Sweden, USA, 2005.

A Formal Semantics for P3P
Ting Yu, Ninghui Li and Annie I. Antón. ACM Workshop on Secure Web Services (SWS), Washington, D.C., October 2004.

Privacy Policies as Decision-Making Tools: A Usability Evaluation of Online Privacy Notices
Carlos Jensen and Colin Potts. In Proceedings: ACM Conference on Human Factors in Computing Systems: CHI 2004, Vienna, Austria, April 2004. pp 471-478.

Deriving Access Control Policies from Requirements Specifications and Database Designs [PDF],
Q. He and A.I. Antón. Submitted to: 27th IEEE International Conference on Software Engineering (ICSE’05), NCSU CSC Technical Report #TR-2004-24, St. Louis, Missouri, USA, 2005.

An Analysis of Web Site Privacy Policy Evolution in the Presence of HIPAA, [PDF]
Annie I. Antón, Julia B. Earp, Matthew W. Vail, Neja Jain, Carrie Gheen and Jack M. Frink. Submitted to: IEEE Security & Privacy, NCSU Technical Report #TR-2004-21, 24 July 2004.

Specifying Privacy Policies with P3P and EPAL: Lessons Learned [PDF],
W. Stufflebeam, A.I. Antón, Q. He and N. Jain. Accepted to: Workshop on Privacy in the Electronic Society (WPES’04), NCSU Tech Report # TR-2004-19, 17 June 2004.

I need it now: Improving Website Usability By Contextualizing Privacy Policies,
D. Bolchini, Q. He, A.I. Antón and W. Stufflebeam. 4th International Conference on Web Engineering (ICWE 2004), Munich, Germany, 28-30 July 2004.

The Complexity Underlying JetBlue’s Privacy Policy Violations [PDF]
Annie I. Antón, Qingfeng He and David Baumer.
IEEE Security & Privacy, July-August, Vol 2, Issue 4, pp. 2-9, 2004.

The Use of Goals to Extract Privacy and Security Requirements from Policy Statements, [PDF]
Annie I. Antón, Davide Bolchini, and Qingfeng He.
NCSU CSC Technical Report #TR-2003-17, September 23, 2003.

The Lack of Clarity in Financial Privacy Policies and the Need for Standardization [PDF],
Annie I. Antón, Julia B. Earp, Davide Bolchini, Qingfeng He, Carlos Jensen and William Stufflebeam.
IEEE Security & Privacy, 2(2), pp. 36-45, 2004.

Crossed Signals: Internet Privacy Policies and User Concerns,
Julia B. Earp, Annie I. Antón, Lynda Aiman-Smith, and William Stufflebeam.
Submitted to: IEEE Transactions on Engineering Management, 31 April 2003.

Precluding Incongruous Behavior by Aligning Software Requirements with Security and Privacy Policies,
Annie I. Antón, Julie B. Earp and Ryan A. Carter.
Information and Software Technology, Elsevier, 45(14), pp. 967-977, 1 November 2003.

A Requirements Taxonomy to Reduce Website Privacy Vulnerabilities,
Annie I. Antón and Julie B. Earp.
To Appear: Requirements Engineering Journal, Springer Verlag, 2004.

A Framework for Modeling Privacy Requirements in Role Engineering,
Qingfeng He and Annie I. Antón.
Int’l Workshop on Requirements Engineering for Software Quality (REFSQ), Klagenfurt / Velden, Austria, 16 – 17 June, 2003.

Enabling Transnational Collection, Notification, and Sharing of Information,
V. Cavalli-Sforza, A. I. Antón, O. Brooks, J. Carbonell, R. Cole, R. Connolly, J. Fortes, M. Herrera, I. Krsul, C. McSweeney, C. Ortega, S. Su, D. Towsley, J. Ventura and W. Ward.
The 2003 National Conference on Digital Government Research, 2003.

Privacy Enforcement with an Extended Role-Based Access Control Model,
Qingfeng He.
NCSU Technical Report TR-2003-09, February 28, 2003.
[Postscript]

A Privacy-Aware Database Interface,
Hal Haygood, Qingfeng He, Shane Smith and Jodi Snare.
NCSU Technical Report TR-2003-05, December 10, 2002.
[Postscript]

A Visibility Framework for Privacy Management Requirements,
Olli Jarvinen, Julia B. Earp and Annie I. Antón.
2nd Symposium on Requirements Engineering for Information Security, Raleigh, NC, 15 October 2002.

A Social, Technical and Legal Framework for Privacy Management and Policies,
Julia B. Earp, Annie I. Antón and Olli Jarvinen.
Americas Conference on Information Systems (AMCIS 2002),
Dallas, Texas, 2002.

A Privacy Protection Comparison of Popular Web Browsers,
Qingfeng He and Annie I. Antón.
NCSU Technical Report TR-2003-06, July 01, 2002.
[Postscript]

Aligning Software Requirements with Security and Privacy Policies
Annie I. Antón, Julia B. Earp and Ryan A. Carter.
International Workshop on Requirements Engineering for Software Quality (REFSQ 2002), Essen, Germany, 18 April 2002.

Analyzing Web Site Privacy Requirements Using a Privacy Goal Taxonomy,
Annie I. Antón, Julia B. Earp and Angela Reese.
10th Anniversary IEEE Joint Requirements Engineering Conference (RE’02), Essen, Germany, pp. 605-612, 9-13 September 2002.

A Taxonomy for Web Site Privacy Policies,
Annie I. Antón and Julia B. Earp.
NCSU Dept. of Computer Science Technical Report, TR-2001-14, 18 December 2001.
[PDF]

Goal Mining to Examine Health Care Privacy Policies,
Annie I. Antón, Julia B. Earp and Angela Reese.
NCSU Dept. of Computer Science Technical Report, TR-2001-10, 6 November 2001.
[PDF]

Innovative Web Use to Learn about Consumer Behavior and Online Privacy
Julia Earp and David Baumer.
To appear: Communications of the ACM, 2002
[PDF]

The Role of Policy and Privacy Values in Requirements Engineering,
Annie I. Antón, Julia B. Earp, Colin Potts and Thomas A. Alspaugh.
IEEE 5th International Symposium on Requirements Engineering (RE’01),
Toronto, Canada, pp. 138-145, 27-31 August 2001.
[PDF]

Strategies for Developing Policies and Requirements for Secure E-Commerce Systems,
Annie I. Antón and Julia B. Earp.
Recent Advances in E-Commerce Security and Privacy,
ed. by A.K. Ghosh, Kluwer Academic Publishers, pp. 29-46, 2001.
[PDF]

Data Protection in the University Setting: Employee Perceptions of Student Privacy
Julia B. Earp and Fay C. Payton
34th IEEE Hawaiian International Conference on Systems Sciences, January 2001.
[PDF]

Privacy of Medical Records: IT Implications of HIPAA
David Baumer, Julia B. Earp and Fay C. Payton.
ACM Computers and Society, 30(4), pp.40-47, December 2000.
[PDF]

National Identification Cards,
Annie I. Antón.
Information Policy Report for PUBP 8100,
Georgia Institute of Technology, Atlanta GA, 17 December 1996.
[HTML]

Presentations

What is Privacy?
Presented at NCSU E-Commerce Seminar Series, Raleigh, NC (10 Oct 2001)
[PDF]

The Role of Policy and Privacy Values in Requirements Engineering
Presented at RE’01 in Toronto, Canada (30 Aug 2001)
[PDF]

Strategies for Developing Policies and Requirements for Secure E-Commerce Systems
Presented at Security and Privacy for E-Commerce in Athens, Greece (Nov 2000)
[PDF]