The 15-year history of collaboration on Wikipedia offers insight into how peer production communities create knowledge. In this research, we combine disparate content and collaboration approaches through a social network analysis approach known as an affiliation network. It captures both how knowledge is transferred in a peer production network and also the underlying skills possessed by its contributors in a single methodological approach. We test this approach on the Wikipedia articles dedicated to medical information developed in a subcommunity known as a WikiProject. Overall, we find that the position of an article in the affiliation network is associated with the quality of the article. We further investigate information quality through additional qualitative and quantitative approaches including expert coders using medical students, crowdsourcing using Amazon Mechanical Turk, and visualization using network graphs. A review by fourth-year medical students indicates that the Wikipedia quality rating is a reliable measure of information quality. Amazon Mechanical Turk ratings, however, are a less reliable measure of information quality, reflecting observable content characteristics such as article length and the number of references.
While information technology benefits society in numerous ways, it unfortunately also has potential to create new vulnerabilities. This special issue intends to stimulate thought and research into understanding and mitigating these vulnerabilities. We identify four mechanisms by which ubiquitous computing makes various entities (people, devices, organizations, societies, etc.) more vulnerable, including: increased visibility, enhanced cloaking, increased interconnectedness, and decreased costs. We use the papers in the special issue to explain these mechanisms, and then outline a research agenda for future work on digital vulnerabilities spanning four areas that are, or could become, significant societal problems with implications at multiple levels of analysis: Online harassment and incivility, technology-driven economic inequality, industrial Internet of Things, and algorithmic ethics and bias.
With the nearly instantaneous dissemination of information in the modern era, policies regarding the disclosure of sensitive information have become the focus of significant discussion in several contexts. The fundamental debate centers on trade-offs inherent in disclosing information that society needs, but that can also be used for nefarious purposes. Using information security as a research context, our empirical study examines the adoption of software vulnerabilities by a population of attackers. We compare attacks based on software vulnerabilities disclosed through full-disclosure and limited-disclosure mechanisms. We find that full disclosure accelerates the diffusion of attacks, increases the penetration of attacks within the target population, and increases the risk of first attack after the vulnerability is reported. Interestingly, the effect of full disclosure is greater during periods when there are more overall vulnerabilities reported, indicating that attackers may strategically focus on busy periods when the effort of security professionals is spread across many vulnerabilities. Although the aggregate volume of attacks remains unaffected by full disclosure, attacks occur earlier in the life cycle of the vulnerability. Building off our theoretical insights, we discuss the implications of our findings in more general contexts.
Firms increasingly turn to online communities to create valuable information. These communities are empowered by new information technology-enabled collaborative tools, tools such as blogs, wikis, and social networks. Collaboration on these platforms is characterized by considerable membership turnover, which could have significant effects on collaborative outcomes. We hypothesize that membership retention relates in a curvilinear fashion to effective collaboration: positively up to a threshold and negatively thereafter. The longitudinal history of 2,065 featured articles on Wikipedia offers support for this hypotheses: Contributions from a mixture of new and experienced participants both increases the likelihood that an article will be promoted to featured article status and decreases the risk it will be demoted after having been promoted. These findings imply that, contrary to many of the assumptions in previous research, participant retention does not have a strictly positive effect on emerging collaborative environments. Further analysis of our data provides empirical evidence that knowledge creation and knowledge retention are actually distinct phases of community-based peer production, and that communities may on average experience more turnover than ideal during the knowledge retention phase.
No longer the exclusive domain of technology experts, information security is now a management issue. Through a grounded approach using interviews, observations, and secondary data, we advance a model of the information security compromise process from the perspective of the attacked organization. We distinguish between deliberate and opportunistic paths of compromise through the Internet, labeled choice and chance, and include the role of countermeasures, the Internet presence of the firm, and the attractiveness of the firm for information security compromise. Further, using one year of alert data from intrusion detection devices, we find empirical support for the key contributions of the model. We discuss the implications of the model for the emerging research stream on information security in the information systems literature.