Abstract
Privacy is a major concern in the digital era and is intensively addressed in academic research, in industry, and by regulators. However, almost all references to privacy in the digital world relate to the Wide Area Network (WAN) environment, which is actually the Internet, whereas the Local Area Network (LAN) environment is neglected. While the Internet is widespread, almost every connection to the Internet is via a LAN. Given the increased interest in privacy, and the popularity of LANs, privacy threats on a LAN should have been extensively addressed. Nonetheless, significant research on LAN privacy issues is limited. Therefore, the focus of this study is on privacy vulnerabilities in the LAN environment. By conducting a literature meta-analysis and, particularly, by interviewing LAN managers and experts, we identified 18 vulnerabilities that may introduce privacy threats. The privacy risk assessment of the vulnerabilities was based on the FMEA approach. In an empirical study, we evaluated these vulnerabilities on 13 different LANs. Excluding one vulnerability, all the others were found on at least one LAN, and more than 50 percent of the vulnerabilities were identified as high-risk. The results show that the LAN is indeed a source of significant privacy concerns.