Is Transparency a useful Paradigm for Privacy?
|
|
- Gervais Norris
- 5 years ago
- Views:
Transcription
1 Is Transparency a useful Paradigm for Privacy? Shonan Seminar, August 6 th, 2013 Japan Prof. Dr. Dr. h.c. Günter Müller Institute of Computer Science and Social Studies Department of Telematics
2 Outline A Privacy and its conceptions B Big Data Privacy C D E F PET: Example Identity Management 4 Myths of PET The three Hurdles of TET Meta Model and Questions for the Seminar
3 The Users View on Privacy Don t copy my data Delete my data if I say so
4 The American View on Privacy The right to be left alone. Louis Brandeis, 1890 (Harvard Law Review) Numerous mechanical devices threaten to make good the prediction that what is whispered in the closet shall be proclaimed from the housetops Spatial understanding of Privacy Louis D. Brandeis,
5 European View on Privacy Privacy and Civilization Jewish law ( free from being watched ) Justice of Peace act (England 1361) Privacy is a human right Universal declaration of human rights, article 12 (1948) European convention on human rights, article 8 (1970) The desire of people to choose freely under what circumstances and to what extent they will expose themselves, their attitude and their behavior to others. Alan Westin, 1967 ( Privacy And Freedom ) 5
6 Do Non-functional Views Matter? Informational self-determination (Germany, Japan, EU) Privacy sphere Spatial privacy (Anglo- Saxon) My Home is my castle "I don't want to live in a world where there's no privacy, and therefore no room for intellectual exploration and creativity. (Snowden 2013) Young people should change their names at 6 a certain age. Eric Schmidt (Google), 2012
7 Do Users care? Behavioral Patterns and Privacy Paradox Privacy laymen 1 (SL 1): The credulous naiv Absolute majority 65% Willingness to learn and sense of danger extremely low Privacy Enforcers (SL 3): The self-confident expert Frequent use of Internet Expertise on Privacy mechanisms Approx. 15 % of the users The Internet Trustee 2 (SL 2): The impatient expert or the Privacy partadox Privacy violations are considered important Privacy mechanisms are only used with immediate comprehensibility and without extra efforts Approx. 20% of the users Kaiser J., Reichenbach M.: Evaluating Usable Security; IFIP 2002 Accquisti A., Gross R., Stutzmann F.:Silent Listeners: The Evolution of Privacy and Disclosure on Facebook; Journal of Privacy and Condentiality (2012) 7
8 Outline A Privacy and its conceptions B Big Data Privacy C D E F PET: Example Identity Management 4 Myths of PET The three Hurdles of TET Meta Model and Questions for the Seminar
9 Big Data and Privacy: Data Collection - Collecting unrelated data - How do you want to appear to your friends - Where are you? - How do you live?
10 Regulation at the wrong place Data consumer Data provider d, d Data consumer d Data provider Emphasis on Prevention: Legal: Data Minimization Technical: Privacy Enhancing Technology (PET) New challenge: Transparency Legal: Monitoring of data usage Technical: Transparency Enhancing Technology (TET)
11 The Business Model of Data Centric Services Business Model Service Provider Consumer Free service Advertising platform Business Customer Value (v1) Value (v2) Privacy by Hiding Privacy by Transparency Policy Dashboard Analytics 11
12 Outline A Privacy and its conceptions B Big Data Privacy C D E F PET: Example Identity Management 4 Myths of PET The three Hurdles of TET Information Assymmetry and Meta Model?
13 Privacy Options Prevention Detection Provider can guarantee adherence to an obligation Undetected vulnerabilites lead to Privacy leaks 100% Privacy according to privacy model Provider can detect violation of an obligation either before, during or after transaction A: Transparency is either lack of any protection mechanism B: Transparency is Prevention by tracing actions 13
14 PET - TET Usage Control TET Transparency Enhancing Technology Privacy PII Detection PET Privacy Enhancing Technology Privacy Transparency Pseudonymity Attributes / PII Fully Anonymity 14
15 PET: Identity Management (IM) 15 Alice = Bob, Tarzan, , I m Bob Bob: 1975 You re born 1975 Master ID: Alice Tarzan: UTA I m Tarzan Universal Theatre Abo owns (a) cert of birth < today -18, (b) UTA cert, all to same MasterID : Ticket show certified attributes Ticket for the evening theatre Prof. Dr. G. Müller 15
16 PET: Identity - Problems Declared values may be untrustworthy More information requested than necessary (violates basic privacy principle) Regular security breaches that compromise credentials Linkability of transactions: Transactions of the same person can be identified... even if purchase is otherwise anonymous (KU Leuven: 94% of all Browser can be correctly connected to user. 16
17 Outline A Privacy and its conceptions B Big Data Privacy C D E F PET: Example Identity Management 4 Myths of PET The three Hurdles of TET Meta Model and Questions for the Seminar
18 The four Myth about PET Myth # 1: The major privacy risk is from unauthorized access to information Reality: 80% of all security and privacy breaches are from within. Myth # 2: Privacy can be adequately protected by removing personally identifying information (PII) from records to be released. Reality: PII not needed, Statiscal accuracy, KU Leven with Browser Myth # 3: Notice and choice is an adequate framework for privacy protection Reality: Intermediary role of Provider leaves opt-out with large costs Myth # 4: Privacy is about individuals Reality: Profiles are more about association to classes of behavior 18
19 Myth # 1: Finding Medical Records (Sweeney 2002) Former Governor of Massachusetts
20 Myth #2: Removing Personal Data Amazon Robertson shilled
21 Myth # 3: Notice and Choice Information Leakage from Social Networks Jernigan and Mistree (2007) 21
22 Fraction of users 1-identified Myth # 4: Identification and item suppression 0,6 0,5 0,4 0,3 Drop 88% of items to protect current users against 1- identification! 88% of items => 28% ratings 0,2 0, ,2 0,4 0,6 0,8 1 Fraction of items suppressed
23 Outline A Privacy and its conceptions B Big Data Privacy C D E F PET: Example Identity Management 4 Myths of PET The three Hurdles of TET Meta Model and Questions for the Seminar
24 TET Usage Control TET Transparency Enhancing Technology Privacy PII Detection PET Privacy Enhancing Technology Privacy Transparency Pseudonymity Attributes / PII Fully Anonymity 24
25 Analysis of Transparency and Control Provisions: cover the time up to the access ( past and present ) Obligations: cover the time after the access ( future ) Set of rules rule = access control part + contracts contract = obligation + enforcement info controllable contracts observable contracts trusted contracts Provisions Obligations request access t 25
26 Enforcement 1:Service Request and Policy identification 2: Acceptance / Evaluation / Access 4: Log/ Audit / Compliance 3: Enforcement of Policy
27 Step 1: Distribution Tr(MüPri.JPG, MüFaceb.,Amazon) Trace(Content, Issuer, Receiver)
28 Step 1: Distribution Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter). Tr(MüPri.JPG, MüFaceb.,Amazon) Trace(Content, Issuer, Receiver)
29 Step 1: Distribution Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Trace(Content, Issuer, Receiver)
30 Step 1: Distribution Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG,J.Friends, Instagram) Trace(Content, Issuer, Receiver) Tr(MüPri.JPG,J.Friends, Anonym)
31 Step 1: Distribution Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG,J.Friends, Instagram) Trace(Content, Issuer, Receiver) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG,Anonym,Sasaki) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG, MüFaceb.,J.Friends Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG, MüFaceb.,J.Friends
32 Step 1: Distribution Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG,J.Friends, Instagram) Tr(MüPri.JPG,Joa,TheSun) Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym) Trace(Content, Issuer, Receiver) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG,Anonym,Sasaki) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG,Joa,TuWien) Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym)
33 Step 2: Tracking Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG,J.Friends, Instagram) Tr(MüPri.JPG,Joa,TheSun) Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym) Trace(Content, Issuer, Receiver) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG,Anonym,Sasaki) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG, MüFaceb.,J.Friends Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG, MüFaceb.,J.Friends Tr(MüPri.JPG,Joa,TuWien) Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym)
34 Step 2: Tracking Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG,J.Friends, Instagram)????????? Anonymous????????? Tr(MüPri.JPG,Anonym,Joa) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG, MüFaceb.,J.Friends Trace(Content, Issuer, Receiver) Tr(MüPri.JPG,Anonym,Sasaki) Tr(MüPri.JPG,J.Friends, Anonym) Tr(MüPri.JPG, MüFaceb.,J.Friends
35 Step 2: Tracking Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG,J.Friends, Instagram) Tr(MüPri.JPG,MüFaceb.,J.Friends) MüFaceb.,J.Friends)????????? Anonymous????????? Trace(Content, Issuer, Receiver)
36 Step 2: Tracking Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon)????????? Anonymous????????? Trace(Content, Issuer, Receiver)
37 Step 2: Tracking Tr(MüPri.JPG, MüFaceb.,Amazon) Tr(MüPri.JPG, Amazon.,Twitter) Tr(MüPri.JPG, MüFaceb.,Amazon)????????? Anonymous????????? Trace(Content, Issuer, Receiver)
38 Step 2: Tracking Tr(MüPri.JPG, Mü.FB.,Amazon)????????? Anonymous????????? Trace(Content, Issuer, Receiver)
39 Step 3: Enforcement OASIS Architecture Subject Ff User Service PEP Policy enforcement point Request Referencemonitor Object WEB SERVICE Authorisation Request PDP Policy decision point Policyrequest Authorisation answer Policyrules Contextinformation Request Contextinformation PIP Policy information point PRP Policy retrieval point Policy PAP Policy administration point Policy Store Nach: O Neill: WS Security, McGraw-Hill 39
40 Outline A Privacy and its conceptions B Big Data Privacy C D E F PET: Example Identity Management 4 Myths of PET The three Hurdles of TET Meta Model and Questions for the Seminar
41 Information Assymetry Screening Signalling Privacy an error of evolution? Transparency XOR Suspicion? Privacy limits technical progress Privacy is follower of technology... 41
42 Architecture Layers Freiburg Meta Model Business Application Infrastructure Business Rules Data Objects Artifacts Business Objects Application Service Business Processes Infrastructure Service Business Goals Application Component Representation Business Roles Application Roles Subjects Security, Privacy and e Requirements By design Runtime A posteriori Mechanisms
43 Seminar Questions A: Is Privacy and transparency a contradiction, since it cannot prevent violations? B: What is the relation between user s privacy concerns and their trust in a particular service, based on the research available to this end? C: Does the available body of evidence support the assumption that more transparency would lead to more trust? D. Which transparency enhancing tools are available and in use at this moment, and what is experience with regard to enhancing privacy? E. What are the societal requirements, and does privacy lead to behavioral changes, economic inefficiencies caused by a setback in technical progress?
Data Anonymization Related Laws in the US and the EU. CS and Law Project Presentation Jaspal Singh
Data Anonymization Related Laws in the US and the EU CS and Law Project Presentation Jaspal Singh The Need for Anonymization To share a database packed with sensitive information with third parties or
More informationStandards and privacy engineering ISO, OASIS, PRIPARE and Other Important Developments
Standards and privacy engineering ISO, OASIS, PRIPARE and Other Important Developments Antonio Kung, CTO 25 rue du Général Foy, 75008 Paris www.trialog.com 9 May 2017 1 Introduction Speaker Engineering
More informationPrivacy engineering, privacy by design, and privacy governance
CyLab Lorrie Faith Cranor" Engineering & Public Policy acy & Secur ity Priv e l HT TP ratory bo La 8-533 / 8-733 / 19-608 / 95-818:! Privacy Policy, Law, and Technology CyLab U sab November 17, 2015 ://
More informationLAB3-R04 A Hard Privacy Impact Assessment. Post conference summary
LAB3-R04 A Hard Privacy Impact Assessment Post conference summary John Elliott Joanne Furtsch @withoutfire @PrivacyGeek Table of Contents THANK YOU... 3 WHAT IS PRIVACY?... 3 The European Perspective...
More informationEnabling Trust in e-business: Research in Enterprise Privacy Technologies
Enabling Trust in e-business: Research in Enterprise Privacy Technologies Dr. Michael Waidner IBM Zurich Research Lab http://www.zurich.ibm.com / wmi@zurich.ibm.com Outline Motivation Privacy-enhancing
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework
INTERNATIONAL STANDARD ISO/IEC 29100 First edition 2011-12-15 Information technology Security techniques Privacy framework Technologies de l'information Techniques de sécurité Cadre privé Reference number
More informationMaking Identity Use Predictable. UNCITRAL Colloquium on Identity Management and Trust Services 21 April, 2016
Making Identity Use Predictable UNCITRAL Colloquium on Identity Management and Trust Services 21 April, 2016 Why Am I Here CertiPath High Assurance Identity Trust Framework Supports Aerospace and Defense
More informationResponsible Data Use Policy Framework
1 May 2018 Sidewalk Toronto is a joint effort by Waterfront Toronto and Sidewalk Labs to create a new kind of complete community on Toronto s waterfront that combines cutting-edge technology and forward-thinking
More informationHL7 Standards and Components to Support Implementation of the European General Data Protection Regulation (GDPR)
HL7 Standards and Components to Support Implementation of the European General Data Protection Regulation (GDPR) Alexander Mense - University of Applied Sciences Vienna Bernd Blobel - Medical Faculty,
More informationFirst Components Ltd, Savigny Oddie Ltd, & Datum Engineering Ltd. is pleased to provide the following
Privacy Notice Introduction This document refers to personal data, which is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject) that is
More informationPrivacy and Security in an On Demand World
Privacy and Security in an On Demand World Harriet Pearson, V.P. Workforce & Chief Privacy Officer IBM Corporation Almaden Institute Symposium on Privacy April 9, 2003 2002 IBM Corporation Outline Where
More informationDaPIS: an Ontology-based Data Protection Icon Set
DaPIS: an Ontology-based Data Protection Icon Set Monica Palmirani*, Arianna Rossi* Law via the Internet Florence, October 11, 2018 *CIRSFID, University of Bologna; ICR, University of Luxembourg The information
More informationPrivacy Policy SOP-031
SOP-031 Version: 2.0 Effective Date: 18-Nov-2013 Table of Contents 1. DOCUMENT HISTORY...3 2. APPROVAL STATEMENT...3 3. PURPOSE...4 4. SCOPE...4 5. ABBREVIATIONS...5 6. PROCEDURES...5 6.1 COLLECTION OF
More informationThe new GDPR legislative changes & solutions for online marketing
TRUSTED PRIVACY The new GDPR legislative changes & solutions for online marketing IAB Forum 2016 29/30th of November 2016, Milano Prof. Dr. Christoph Bauer, GmbH Who we are and what we do Your partner
More informationPrivacy Procedure SOP-031. Version: 04.01
SOP-031 Version: 04.01 Effective Date: 01-Mar-2017 Table of Contents 1. DOCUMENT HISTORY... 3 2. APPROVAL STATEMENT... 3 3. PURPOSE... 4 4. SCOPE... 4 5. ABBREVIATIONS... 4 6. PROCEDURES... 5 6.1 COLLECTION
More informationLegal Aspects of Identity Management and Trust Services
Legal Aspects of Identity Management and Trust Services Anna Joubin-Bret Secretary What is Identity Management (IdM)? Fundamental issue for the use of electronic means Answers the basic questions: Who
More informationGUITAR PRO SOFTWARE END-USER LICENSE AGREEMENT (EULA)
GUITAR PRO SOFTWARE END-USER LICENSE AGREEMENT (EULA) GUITAR PRO is software protected by the provisions of the French Intellectual Property Code. THIS PRODUCT IS NOT SOLD BUT PROVIDED WITHIN THE FRAMEWORK
More informationProtection of Privacy Policy
Protection of Privacy Policy Policy No. CIMS 006 Version No. 1.0 City Clerk's Office An Information Management Policy Subject: Protection of Privacy Policy Keywords: Information management, privacy, breach,
More informationAnalysis of Privacy and Data Protection Laws and Directives Around the World
Analysis of Privacy and Data Protection Laws and Directives Around the World Michael Willett (Seagate) ISTPA Board and Framework Chair Track IIB: Global Privacy Policy The Privacy Symposium: Boston, 23
More informationSystematic Privacy by Design Engineering
Systematic Privacy by Design Engineering Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario Article 25 European General Data Protection Regulation the controller shall [...]
More informationWhatever Happened to the. Fair Information Practices?
Whatever Happened to the Fair Information Practices? Beth Givens Director Privacy Rights Clearinghouse Privacy Symposium August 22, 2007 Cambridge, MA Topics Definition and origins of FIPs Overview of
More informationGlobal Standards Symposium. Security, privacy and trust in standardisation. ICDPPC Chair John Edwards. 24 October 2016
Global Standards Symposium Security, privacy and trust in standardisation ICDPPC Chair John Edwards 24 October 2016 CANCUN DECLARATION At the OECD Ministerial Meeting on the Digital Economy in Cancun in
More informationThis Privacy Policy describes the types of personal information SF Express Co., Ltd. and
Effective Date: 2017/05/10 Updated date: 2017/05/25 This Privacy Policy describes the types of personal information SF Express Co., Ltd. and its affiliates (collectively as "SF") collect about consumers
More informationUNIVERSAL SERVICE PRINCIPLES IN E-COMMUNICATIONS
UNIVERSAL SERVICE PRINCIPLES IN E-COMMUNICATIONS BEUC paper EC register for interest representatives: identification number 9505781573-45 100% broadband coverage by 2013 ICT services have become central
More informationLegislative and Regulatory Update. Diane Bowers, CASRO President CASRO Data Collection Conference November 19, 2009
Legislative and Regulatory Update Diane Bowers, CASRO President CASRO Data Collection Conference November 19, 2009 2009 Pharma market research state and Federal Massachusetts Vermont Minnesota Proposed
More informationPrivacy by Transparency for Data-Centric Services
ISSN 2186-7437 NII Shonan Meeting Report No. 2013-5 Privacy by Transparency for Data-Centric Services Prof. Dr. Isao Echizen Prof. Dr. Günter Müller Prof. Dr. Ryoichi Sasaki Prof. Dr. A Min Tjoa August
More informationIAB Europe Guidance THE DEFINITION OF PERSONAL DATA. IAB Europe GDPR Implementation Working Group WHITE PAPER
IAB Europe Guidance WHITE PAPER THE DEFINITION OF PERSONAL DATA Five Practical Steps to help companies comply with the E-Privacy Working Directive Paper 02/2017 IAB Europe GDPR Implementation Working Group
More informationTechnical Issues and Requirements for privacy risk identification through Crowd-sourcing
Technical Issues and Requirements for privacy risk identification through Crowd-sourcing Prof. Nancy Alonistioti nancy@di.uoa.gr Outline Introduction Problem Statement Crowd-sourcing Crowd-sourcing Techniques
More informationIdentity Management and its impact on the Digital Economy
Identity Management and its impact on the Digital Economy Alejandro Barros 1, Alejandro Pareja 2 October 2016 Contents Introduction... 2 Identity Management... 3 Enrolment in the National Identity System...
More informationPan-Canadian Trust Framework Overview
Pan-Canadian Trust Framework Overview A collaborative approach to developing a Pan- Canadian Trust Framework Authors: DIACC Trust Framework Expert Committee August 2016 Abstract: The purpose of this document
More informationINFORMATION PRIVACY: AN INTERDISCIPLINARY REVIEW H. JEFF SMITH TAMARA DINEV HENG XU
INFORMATION PRIVACY: AN INTERDISCIPLINARY REVIEW H. JEFF SMITH TAMARA DINEV HENG XU WHY SUCH A BIG DEAL? 72 percent are concerned that their online behaviors were being tracked and profiled by companies
More informationRobert Bond Partner, Commercial/IP/IT
Using Privacy Impact Assessments Effectively robert.bond@bristows.com Robert Bond Partner, Commercial/IP/IT BA (Hons) Law, Wolverhampton University Qualified as a Solicitor 1979 Qualified as a Notary Public
More informationEffective Data Protection Governance An Approach to Information Governance in an Information Age. OECD Expert Consultation Boston October 2016
Effective Protection Governance An Approach to Information Governance in an Information Age OECD Expert Consultation Boston October 2016 Today s Objectives Are the Same, But the Challenges Are Different
More informationCONSENT IN THE TIME OF BIG DATA. Richard Austin February 1, 2017
CONSENT IN THE TIME OF BIG DATA Richard Austin February 1, 2017 1 Agenda 1. Introduction 2. The Big Data Lifecycle 3. Privacy Protection The Existing Landscape 4. The Appropriate Response? 22 1. Introduction
More informationAn Introduction to a Taxonomy of Information Privacy in Collaborative Environments
An Introduction to a Taxonomy of Information Privacy in Collaborative Environments GEOFF SKINNER, SONG HAN, and ELIZABETH CHANG Centre for Extended Enterprises and Business Intelligence Curtin University
More informationPersonal Data Protection Competency Framework for School Students. Intended to help Educators
Conférence INTERNATIONAL internationale CONFERENCE des OF PRIVACY commissaires AND DATA à la protection PROTECTION des données COMMISSIONERS et à la vie privée Personal Data Protection Competency Framework
More informationPrivacy Laws, Technological Developments, and Their Impact on You Review of: Understanding Privacy and Data Protection: What You Need to Know
Privacy Laws, Technological Developments, and Their Impact on You Review of: Understanding Privacy and Data Protection: What You Need to Know Timothy J. Toohey Thomson Reuters/ Aspatore, United States,
More informationGDPR Awareness. Kevin Styles. Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals
GDPR Awareness Kevin Styles Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals Introduction Privacy and data protection are fundamental rights
More informationPublic consultation on Europeana
Contribution ID: 941f02ae-8804-42f5-824a-fe9fbe6521fc Date: 08/11/2017 08:35:00 Public consultation on Europeana Fields marked with * are mandatory. Introduction Welcome to the consultation on Europeana.
More informationPrivacy, Technology and Economics in the 5G Environment
Privacy, Technology and Economics in the 5G Environment S A M A N T K H A J U R I A A S S I S T P R O F E S S O R, C M I K N U D E R I K S K O U B Y P R O F E S S O R, D I R E C T O R C M I S K O U B Y
More informationInformation Communication Technology
# 115 COMMUNICATION IN THE DIGITAL AGE. (3) Communication for the Digital Age focuses on improving students oral, written, and visual communication skills so they can effectively form and translate technical
More informationhttps://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-12jan18-en.pdf 2
ARTICLE 29 Data Protection Working Party Brussels, 11 April 2018 Mr Göran Marby President and CEO of the Board of Directors Internet Corporation for Assigned Names and Numbers (ICANN) 12025 Waterfront
More informationTowards a Magna Carta for Data
Towards a Magna Carta for Data Expert Opinion Piece: Engineering and Computer Science Committee February 2017 Expert Opinion Piece: Engineering and Computer Science Committee Context Big Data is a frontier
More informationFiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines
Fifth Edition Fiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines April 2007 Ministry of the Environment, Japan First Edition: June 2003 Second Edition: May 2004 Third
More informationBig Data & Ethics some basic considerations
Big Data & Ethics some basic considerations Markus Christen, UZH Digital Society Initiative, University of Zurich 1 Overview We will approach the topic Big Data & Ethics in a three-step-procedure: Step
More informationMasao Mukaidono Emeritus Professor, Meiji University
Provisional Translation Document 1 Second Meeting Working Group on Voluntary Efforts and Continuous Improvement of Nuclear Safety, Advisory Committee for Natural Resources and Energy 2012-8-15 Working
More informationWorkshop on anonymization Berlin, March 19, Basic Knowledge Terms, Definitions and general techniques. Murat Sariyar TMF
Workshop on anonymization Berlin, March 19, 2015 Basic Knowledge Terms, Definitions and general techniques Murat Sariyar TMF Workshop Anonymisation, March 19, 2015 Outline Background Aims of Anonymization
More informationThe GDPR and Upcoming mhealth Code of Conduct. Dr Etain Quigley Postdoctoral Research Fellow (ARCH, UCD)
The GDPR and Upcoming mhealth Code of Conduct Dr Etain Quigley Postdoctoral Research Fellow (ARCH, UCD) EU General Data Protection Regulation (May 2018) First major reform in 20 years 25 th May 2018 no
More informationEthical and social aspects of management information systems
Ethical and social aspects of management Marcos Sanches Commerce Électronique The challenge Why are contemporary and the Internet a challenge for the protection of privacy and intellectual property? How
More informationHong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability
Legal Week s Corporate Counsel Forum 2016 Renaissance Harbour View Hotel 23 June 2016 Hong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability Stephen Kai-yi Wong Privacy
More informationGetting the evidence: Using research in policy making
Getting the evidence: Using research in policy making REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 586-I Session 2002-2003: 16 April 2003 LONDON: The Stationery Office 14.00 Two volumes not to be sold
More informationA Survey on Norwegian User s Perspective on Privacy in Recommender Systems
A Survey on Norwegian User s Perspective on Privacy in Recommender Systems Itishree Mohallick and Özlem Özgöbek Norwegian University of Science and Technology, Trondheim 7491, Norway m.itishree@gmail.com
More informationTechAmerica Europe comments for DAPIX on Pseudonymous Data and Profiling as per 19/12/2013 paper on Specific Issues of Chapters I-IV
Tech EUROPE TechAmerica Europe comments for DAPIX on Pseudonymous Data and Profiling as per 19/12/2013 paper on Specific Issues of Chapters I-IV Brussels, 14 January 2014 TechAmerica Europe represents
More informationThe ALA and ARL Position on Access and Digital Preservation: A Response to the Section 108 Study Group
The ALA and ARL Position on Access and Digital Preservation: A Response to the Section 108 Study Group Introduction In response to issues raised by initiatives such as the National Digital Information
More information04 - Introduction to Privacy
04 - Introduction to Privacy Lorrie Cranor, Blase Ur, and Rich Shay Engineering & Public Policy January 22, 2015 05-436 / 05-836 / 08-534 / 08-734 Usable Privacy and Security 1 Today! What does privacy
More informationEXIN Privacy and Data Protection Foundation. Preparation Guide. Edition
EXIN Privacy and Data Protection Foundation Preparation Guide Edition 201701 Content 1. Overview 3 2. Exam requirements 5 3. List of Basic Concepts 9 4. Literature 15 2 1. Overview EXIN Privacy and Data
More informationStaffordshire Police
Staffordshire Police ANPR ANPR Project Document Reference: Author: D PLATT Date: 16 TH NOV 2012 Change Control Record Date Document Reference Change By 16/11/12 Initial version, for review D PLATT Contents
More informationOcean Energy Europe Privacy Policy
Ocean Energy Europe Privacy Policy 1. General 1.1 This is the privacy policy of Ocean Energy Europe AISBL, a non-profit association with registered offices in Belgium at 1040 Brussels, Rue d Arlon 63,
More informationWhat does the revision of the OECD Privacy Guidelines mean for businesses?
m lex A B E X T R A What does the revision of the OECD Privacy Guidelines mean for businesses? The Organization for Economic Cooperation and Development ( OECD ) has long recognized the importance of privacy
More informationICT/Internet and the Right to Privacy
ICT/Internet and the Right to Privacy Patrik Hiselius 1 Context of this Paper....... 202 2 Purpose of this Paper...... 203 3 Privacy...... 203 4 Understanding the Role and Position of ICT in Respecting
More informationPhotography and Videos at School Policy
Photography and Videos at School Policy Last updated: 25 May 2018 Contents: Statement of intent 1. Legal framework 2. Definitions 3. Roles and responsibilities 4. Parental consent 5. General procedures
More informationThe University of Sheffield Research Ethics Policy Note no. 14 RESEARCH INVOLVING SOCIAL MEDIA DATA 1. BACKGROUND
The University of Sheffield Research Ethics Policy te no. 14 RESEARCH INVOLVING SOCIAL MEDIA DATA 1. BACKGROUND Social media are communication tools that allow users to share information and communicate
More informationARTICLE 29 Data Protection Working Party
ARTICLE 29 Data Protection Working Party Brussels, 10 April 2017 Hans Graux Project editor of the draft Code of Conduct on privacy for mobile health applications By e-mail: hans.graux@timelex.eu Dear Mr
More informationInformation Privacy Awareness Seminar
Information Privacy Awareness Seminar Frank Dawson/Nokia, Director information privacy standards Ecole Polytech Nice Sophia Antipolis 2015-01-22 1 Nokia 2015 Information_Privacy_Awareness-Seminar-Ecole_Polytechnic_Nice_SA-20150122
More informationMelbourne IT Audit & Risk Management Committee Charter
Melbourne IT 1.) Introduction The Board of Directors of Melbourne IT Limited ( the Board ) has established an Audit & Risk Management Committee. The Audit & Risk Management Committee shall be guided by
More informationRunning Head: IDENTIFYING GENERATIONAL DIFFERENCES OF IDENTITY
Running Head: Identifying Generational Differences in the Formation of Identity in Online Communities and Networks Hannah Bluett Curtin University 1 Abstract This paper is to examine the generational differences
More informationAustralian Census 2016 and Privacy Impact Assessment (PIA)
http://www.privacy.org.au Secretary@privacy.org.au http://www.privacy.org.au/about/contacts.html 12 February 2016 Mr David Kalisch Australian Statistician Australian Bureau of Statistics Locked Bag 10,
More informationOnline identity. Introduction. Ilire Zajmi Rugova
Ilire Zajmi Rugova Abstract Social media have become an arena of rapid dissemination of information, global communication, self - promotion, freedom of expression, but also hot debates and powerful tool
More informationPrivacy-Preserving Learning Analytics
October 16-19, 2017 Sheraton Centre, Toronto, Canada Vassilios S. Verykios 3 Professor, School of Sciences and Technology A joint work with Evangelos Sakkopoulos 1, Elias C. Stavropoulos 2, Vasilios Zorkadis
More informationclarification to bring legal certainty to these issues have been voiced in various position papers and statements.
ESR Statement on the European Commission s proposal for a Regulation on the protection of individuals with regard to the processing of personal data on the free movement of such data (General Data Protection
More informationA Guide for Structuring and Implementing PIAs
WHITEPAPER A Guide for Structuring and Implementing PIAs Six steps for your next Privacy Impact Assessment TRUSTe Inc. US: 1-888-878-7830 www.truste.com EU: +44 (0) 203 078 6495 www.truste.eu 2 CONTENTS
More informationPerspectives on Privacy The Technological View
Perspectives on Privacy The Technological View Carlisle Adams School of Information Technology and Engineering University of Ottawa 1 Roadmap Thinking through the process Communication technology The light
More informationGDPR Implications for ediscovery from a legal and technical point of view
GDPR Implications for ediscovery from a legal and technical point of view Friday Paul Lavery, Partner, McCann FitzGerald Ireland Meribeth Banaschik, Partner, Ernst & Young Germany mccannfitzgerald.com
More informationICC POSITION ON LEGITIMATE INTERESTS
ICC POSITION ON LEGITIMATE INTERESTS POLICY STATEMENT Prepared by the ICC Commission on the Digital Economy Summary and highlights This statement outlines the International Chamber of Commerce s (ICC)
More informationDigital Identity Innovation Canada s Opportunity to Lead the World. Digital ID and Authentication Council of Canada Pre-Budget Submission
Digital Identity Innovation Canada s Opportunity to Lead the World Digital ID and Authentication Council of Canada Pre-Budget Submission August 4, 2017 Canadian governments, banks, telcos, healthcare providers
More informationThe Game Changer: Privacy by Design
WHITE PAPER Dr. Ann Cavoukian, Privacy by Design Centre of Excellence, on leading with privacy by design The Game Changer: Privacy by Design Data Security: Cost of Taking the Reactive Approach CONTENTS
More information8 Executive summary. Intelligent Software Agent Technologies: Turning a Privacy Threat into a Privacy Protector
8 Executive summary Intelligent Software Agent Technologies: Turning a Privacy Threat into a Privacy Protector The hectic demands of modern lifestyles, combined with the growing power of information technology,
More informationChange of Paradigm in Knowledge Management. Framework for the Collaborative Production and Exchange of Knowledge
Change of Paradigm in Knowledge Management Framework for the Collaborative Production and Exchange of Knowledge Rainer Kuhlen Information Science in the Department of Computer and Information Science University
More informationLegal Issues Related to Accountable-eHealth Systems in Australia
Edith Cowan University Research Online Australian ehealth Informatics and Security Conference Conferences, Symposia and Campus Events 2012 Legal Issues Related to Accountable-eHealth Systems in Australia
More informationGlobal Leadership in Law and Business for Non-U.S. Lawyers
Global Leadership in Law and Business for Non-U.S. Lawyers JULY 9 - JULY 21, 2018 / NEW YORK CITY In Assosiation With Global Leadership Program in Law and Business for Non-U.S. Lawyers Executive Producers
More informationIT Law, Internet & E-Business
Structuring and support in relation to IT projects / Sale and purchase of software and hardware / Cloud Computing / Open source software / Data protection / Outsourcing / Court and arbitration proceedings
More informationPrivacy Policy Framework
Privacy Policy Framework Privacy is fundamental to the University. It plays an important role in upholding human dignity and in sustaining a strong and vibrant society. Respecting privacy is an essential
More informationA Critical Analysis of Privacy Design Strategies Michael Colesky. Our Goals
1 Our Goals 1: Translate data protection legislation into architectural goals which system engineers can understand 2: Make these goals achievable to help them actually happen 2 State of the Art making
More information- A CONSOLIDATED PROPOSAL FOR TERMINOLOGY
ANONYMITY, UNLINKABILITY, UNDETECTABILITY, UNOBSERVABILITY, PSEUDONYMITY, AND IDENTITY MANAGEMENT - A CONSOLIDATED PROPOSAL FOR TERMINOLOGY Andreas Pfitzmann and Marit Hansen Version v0.31, Feb. 15, 2008
More informationCategory: Data/Information Keywords: Records Management, Digitization, Imaging, Image capture, Scanning and Indexing
IMT Standards IMT Standards Oversight Committee Government of Alberta Effective Date: 2013-03-01 Scheduled Review: 2016-05-19 Last Reviewed: 2015-05-19 Type: Technical Standard number A000013 Digitization
More informationThis policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.
Privacy Notice August 2018 Introduction The General Data Protection Regulation (GDPR) is European wide data protection legislation that requires organisations working with individuals based in the European
More informationThe new deal of data in the data-driven person centric-care
The new deal of data in the data-driven person centric-care Maritta Perälä-Heape, Professor of practice, University of Oulu, Faculty of Medicine, Center for health and technology, Oulu, Finland OuluHealth
More informationOPEN JUSTICE PREREQUISITES: ICT USE AND ACCEPTANCE
OPEN JUSTICE PREREQUISITES: ICT USE AND ACCEPTANCE IN THE GREEK JUSTICE SYSTEM By Athanasios DELIGIANNIS, OGP IRM for Greece (Openwise) / department of Informatics and Telematics, Harokopio University
More informationBiometric Data, Deidentification. E. Kindt Cost1206 Training school 2017
Biometric Data, Deidentification and the GDPR E. Kindt Cost1206 Training school 2017 Overview Introduction 1. Definition of biometric data 2. Biometric data as a new category of sensitive data 3. De-identification
More informationData Protection and Ethics in Healthcare
Data Protection and Ethics in Healthcare Harald Zwingelberg ULD June 14 th, 2017 at Brocher Foundation, Geneva Organized by: with input by: Overview Goal: Protection of people Specific legal setting for
More informationDecentralisation, i.e. Internet for Social Good
Decentralisation, i.e. Internet for Social Good Fabrizio Sestini DG CONNECT E3 (Next-Generation Internet) http://ec.europa.eu/digital-single-market/en/collectiveawareness * The personal views expressed
More informationTowards Trusted AI Impact on Language Technologies
Towards Trusted AI Impact on Language Technologies Nozha Boujemaa Director at DATAIA Institute Research Director at Inria Member of The BoD of BDVA nozha.boujemaa@inria.fr November 2018-1 Data & Algorithms
More informationDr Nicholas J. Gervassis University of Plymouth THE EMERGING UK DATA PROTECTION FRAMEWORK AND BEYOND
Dr Nicholas J. Gervassis University of Plymouth THE EMERGING UK DATA PROTECTION FRAMEWORK AND BEYOND PRIVACY DATA PROTECTION Organisation for Economic Cooperation and Development (OECD) Guidelines on the
More informationPrivacy Policy. Catalyst.Net Limited. Version 1.0
Privacy Policy Catalyst.Net Limited Version 1.0 November 2017 1 Scope 1.1. This Privacy Policy describes how Catalyst collects, uses, discloses, stores and gives access to Personal Information in accordance
More informationPrivacy Issues in Cross-Border Identity Management Systems: Pan-European Case
Privacy Issues in Cross-Border Identity Management Systems: Pan-European Case Svetlana Sapelova 1,* and Borka Jerman-Blažič 2 1 Jozef Stefan International Postgraduate School, Ljubljana Slovenia svetka@e5.ijs.si
More informationIntroduction. Data Source
Introduction The emergence of digital technologies including the Internet, smartphones, tablets and other digital devices has increased both the complexity of the core definition of this construct, the
More informationEuropean Charter for Access to Research Infrastructures - DRAFT
13 May 2014 European Charter for Access to Research Infrastructures PREAMBLE - DRAFT Research Infrastructures are at the heart of the knowledge triangle of research, education and innovation and therefore
More informationDiana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA Health Insurance Portability and Accountability Act (HIPAA)
Diana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA 30030 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES I. COMMITMENT TO YOUR PRIVACY: DIANA GORDICK,
More informationView Terms and Conditions: Effective 12/5/2015 Effective 6/17/2017
View Terms and Conditions: Effective 12/5/2015 Effective 6/17/2017 Comerica Mobile Banking Terms and Conditions - Effective 12/5/2015 Thank you for using Comerica Mobile Banking combined with your device's
More informationProf. Geraint Ellis. School of Planning, rand Civil Engineering Queen s University,
Prof. Geraint Ellis School of Planning, rand Civil Engineering Queen s University, Belfast g.ellis@qub.ac.uk @gellis23 IEA Task 28 Energy as a socio-technical system Understanding social [community] acceptance;
More information