Speaker:
Tawei (David) Wang
DePaul University

Abstract: Data brokers are the major players in the market of collecting, selling, and sharing online user information. Although their practices have raised tremendous privacy concerns, their data collection and sharing activities are still under the veil. The growth of adverse cybersecurity incidents toward the data brokers has led the regulators, including California and Vermont, to require the data brokers to register and disclose their activities. This paper analyzes the leaked information on the dark web to analyze the data sharing and collection activities among the data brokers. In specific, we cluster the data brokers based on their data collection activities given by their product description to quantify the activity proximity. Next, we empirically examine how activity proximity leads to co-occurrence on the leaked information in the dark web. We further discuss the deterrence effect of the data broker registration on information leakage. Our study contributes to cybersecurity assurance and risk assessment literature by unveiling the shadowy data-collecting and data-sharing market.

About: Tawei (David) Wang is currently an Associate Professor and Driehaus Fellow at DePaul University. He received his Ph.D. from Krannert Graduate School of Management, Purdue University in 2009. His research interests are information security management and IT management. His papers have appeared in several leading journals, including Information Systems Research, Decision Support Systems, European Journal of Information Systems, Information and Management, Information Systems Journal, Journal of Accounting and Public Policy, Journal of Banking and Finance, Journal of Information Systems, among others. His articles have been downloaded more than 40,000 times through Science Direct. He was a speaker at events hosted by the  Institute of Internal Auditors and Institute of Management Accountants, and a panelist in a cyber risk workshop hosted by the Federal Reserve Bank Charlotte. He was selected to be the KPMG James Marwick Professor in Residence in 2018.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info