Showing total 1,057 results

1. Improved Protection of User Data Through the Use of a Traceable Anonymous One Time Password

Author

Kangwa, Mukuka, Lubobya, Charles S., Phiri, Jackson, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Samarati, Pierangela, editor, van Sinderen, Marten, editor, Vimercati, Sabrina De Capitani di, editor, and Wijnhoven, Fons, editor

Published

2023

2. Reinforcement Technique for Classifying Quasi and Non-quasi Attributes for Privacy Preservation and Data Protection

Author

Yaji, Sharath, Bayyapu, Neelima, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Prabhu, Srikanth, editor, Pokhrel, Shiva Raj, editor, and Li, Gang, editor

Published

2023

3. EU regulatory perspectives on digital legacy in view of the respect owed to the dead: a blessing for individuals and a curse for businesses?

Author

ȘCHIOPU, Dorin

Subjects

PERSONALLY identifiable information, DATA protection, BLESSING & cursing, ELECTRONIC paper, DEAD, INFORMATION processing

Abstract

Early this year the European Parliament, the Council and the Commission proclaimed that everyone should be able to determine their digital legacy, and decide what happens with their personal accounts and information that concerns them after their death, a declaration that paves the way for post mortem protection of personal data at the EU level. The paper discusses the digital legacy in view of the respect owed to the dead and assesses the challenges that may arise from consecrating a right to digital legacy for businesses that process personal data of deceased persons. The article argues that the effectiveness of the right to decide what happens with personal data after death is - at least from a civil law perspective - an expression of the respect due to the dead as to their memory. It also contends that a future regulation should cover the situation when the deceased persons did not determine what happens with their data. Furthermore, the paper highlights the importance of technical and organisational measures to be implemented by all businesses that sooner or later are going to process information that concerns the living after their death. [ABSTRACT FROM AUTHOR]

Published

2023

4. Introducing a Framework for Measuring the Quantitative Benefits of Privacy-Enhancing Technologies.

Subjects

PRIVACY, PAYMENT, PERSONALLY identifiable information, RIGHT of privacy, DATA analysis

Abstract

This paper reviews privacy-enhancing technologies (PETs) and explores their benefits when used to make traditional payment processes more private. PETs can decrease privacy risk by reducing the amount of sensitive information accessible to payment-processing personnel and systems. This paper proposes a framework for quantifying the risk-reduction benefits of PETs. This method can be used to calculate the amount of privacy-risk exposure that may be created by a set of payment activities, estimate the amount by which PETs can decrease that exposure, and compare that quantified benefit against possible PET drawbacks. Assessing these drawbacks is outside the scope of this paper. [ABSTRACT FROM AUTHOR]

Published

2024

5. Recent Amendments to the Australian Privacy Act.

Author

Paltiel M

Subjects

Humans, Australia, Confidentiality, Privacy, Personally Identifiable Information

Abstract

The recently passed Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022 (Cth) introduced important changes to the Australian Privacy Act 1988 (Cth) which increase penalties for serious and repeated interferences with privacy and strengthen the investigative and enforcement powers of the Information Commissioner. The amendments were made subsequent to a number of high profile data breaches and represent the first set of changes to the Privacy Act following the review of the Act commenced by the Attorney-General in October 2020. The submissions made to the review emphasized the need for more effective enforcement mechanisms to increase individuals' control over their personal information and as a form of deterrence. This article reviews the recent amendments to the Privacy Act and explains their effect. It comments upon the relevance of the amendments for health and medical data and other data collected in the context of healthcare, and refers to the Attorney-General's Department's review of the Privacy Act regarding other proposals relating to enforcement which have not as yet been put into effect in legislation., (© 2023. The Author(s).)

Published

2023

6. YAPAY ZEKAYI İNSAN VE KAMUSAL YARAR İÇİN ÇALIŞTIRMAK: ABD VE AB POLİTİKA BELGELERİNİN ÖNERİLERİ.

Author

ETİKE, Şafak

Subjects

ARTIFICIAL intelligence, DEMOCRACY, POWER (Social sciences), DATA management, CIVIL rights, PERSONALLY identifiable information, COUNTRIES

Abstract

Copyright of MEMLEKET: Politics & Administration / Siyaset Yönetim is the property of Local Governments Research, Assistance & Education Association and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2023

7. Blurring the moral limits of data markets: biometrics, emotion and data dividends.

Author

Bakir, Vian, Laffer, Alexander, and McStay, Andrew

Subjects

PERSONAL information management, INFORMATION resources management, PERSONALLY identifiable information, BIOMETRIC identification, TECHNOLOGICAL innovations

Abstract

This paper considers what liberal philosopher Michael Sandel coins the 'moral limits of markets' in relation to the idea of paying people for data about their biometrics and emotions. With Sandel arguing that certain aspects of human life (such as our bodies and body parts) should be beyond monetisation and exchange, others argue that emerging technologies such as Personal Information Management Systems can enable a fairer, paid, data exchange between the individual and the organisation, even regarding highly personal data about our bodies and emotions. With the field of data ethics rarely addressing questions of payment, this paper explores normative questions about data dividends. It does so by conducting a UK-wide, demographically representative online survey to quantitatively assess adults' views on being paid for personal data about their biometrics and emotions via a Personal Information Management System, producing a data dividend, a premise which sees personal data through the prism of markets and property. The paper finds diverse attitudes based on socio-demographic characteristics, the type of personal data sold, and the type of organisation sold to. It argues that (a) Sandel's argument regarding the moral limits of markets has value in protecting fundamental freedoms of those in society who are arguably least able to (such as the poor); but (b) that contexts of use, in particular, blur moral limits regarding fundamental freedoms and markets. [ABSTRACT FROM AUTHOR]

Published

2024

8. Position paper on management of personal data in environment and health research in Europe.

Author

Eva, Govarts, Liese, Gilles, Stephanie, Bopp, Petr, Holub, Leslie, Matalonga, Roel, Vermeulen, Martine, Vrijheid, Sergi, Beltran, Mette, Hartlev, Sarah, Jones, Laura, Rodriguez Martin, Arnout, Standaert, Morris A., Swertz, Jan, Theunis, Xenia, Trier, Nina, Vogel, Koert, Van Espen, Sylvie, Remy, and Greet, Schoeters

Subjects

*DATA management, *RIGHT to be forgotten, *PERSONALLY identifiable information, *ELECTRONIC data processing, *GENERAL Data Protection Regulation, 2016, *DATA protection, *PUBLIC health research

Abstract

• New technical developments should facilitate that data are FAIR. • Implementation of common ontologies and data harmonization should enable data re-use. • Environment and Health (E&H) data should be part of the European Open Science Cloud. • Interconnect and synergize different research domains for optimal use of data. • An EU level E&H data research infrastructure is needed to support E&H research. Management of datasets that include health information and other sensitive personal information of European study participants has to be compliant with the General Data Protection Regulation (GDPR, Regulation (EU) 2016/679). Within scientific research, the widely subscribed'FAIR' data principles should apply, meaning that research data should be findable, accessible, interoperable and re-usable. Balancing the aim of open science driven FAIR data management with GDPR compliant personal data protection safeguards is now a common challenge for many research projects dealing with (sensitive) personal data. In December 2020 a workshop was held with representatives of several large EU research consortia and of the European Commission to reflect on how to apply the FAIR data principles for environment and health research (E&H). Several recent data intensive EU funded E&H research projects face this challenge and work intensively towards developing solutions to access, exchange, store, handle, share, process and use such sensitive personal data, with the aim to support European and transnational collaborations. As a result, several recommendations, opportunities and current limitations were formulated. New technical developments such as federated data management and analysis systems, machine learning together with advanced search software, harmonized ontologies and data quality standards should in principle facilitate the FAIRification of data. To address ethical, legal, political and financial obstacles to the wider re-use of data for research purposes, both specific expertise and underpinning infrastructure are needed. There is a need for the E&H research data to find their place in the European Open Science Cloud. Communities using health and population data, environmental data and other publicly available data have to interconnect and synergize. To maximize the use and re-use of environment and health data, a dedicated supporting European infrastructure effort, such as the EIRENE research infrastructure within the ESFRI roadmap 2021, is needed that would interact with existing infrastructures. [ABSTRACT FROM AUTHOR]

Published

2022

9. Semiotic landscape in a green capital: The political economy of sustainability and environment.

Author

Kosatica, Maida

Subjects

CLIMATE apocalypse, EQUALITY, SUSTAINABILITY, ENVIRONMENTAL quality, CITIES & towns, PERSONALLY identifiable information

Abstract

Copyright of Linguistic Landscape: An International Journal (LL) is the property of John Benjamins Publishing Co. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

10. A systematic mapping study on automated analysis of privacy policies.

Author

Del Alamo, Jose M., Guaman, Danny S., García, Boni, and Diez, Ana

Subjects

POLICY analysis, DATA protection laws, DATA protection, INFORMATION policy, PERSONALLY identifiable information

Abstract

A privacy policy describes the operations an organization carries out on its users' personal data and how it applies data protection principles. The automated analysis of privacy policies is a multidisciplinary research topic producing a growing but scattered body of knowledge. We address this gap by conducting a systematic mapping study which provides an overview of the field, identifies research opportunities, and suggests future research lines. Our study analyzed 39 papers from the 1097 publications found on the topic, to find what information can be automatically extracted from policies presented as textual documents, what this information is applied to, and what analysis techniques are being used. We observe that the techniques found can identify individual pieces of information from the policies with good results. However, further advances are needed to put them in context and provide valuable insight to end-users, organizations dealing with data protection laws and data protection authorities. [ABSTRACT FROM AUTHOR]

Published

2022

11. A Survey of Privacy Metrics for Smart Homes.

Author

Etezady, Nooredin (Noory)

Subjects

SMART homes, LITERATURE reviews, PRIVACY, PERSONALLY identifiable information, INTERNET of things, CONSUMER education

Abstract

Internet of Things (IoT) has exponentially increased the collection of different types of consumer information through IoT sensors. IoT makes people’s life more convenient and at the same time poses new challenges to privacy and security protection. Most consumers do not completely realize the potential privacy and security risks related to IoT. To make the matters worse, there is no standard metric for IoT and specifically for smart homes. There have been several calls by researchers for identification and development of new metrics to measure the level of privacy harm and security protection. In this paper a comprehensive literature review was conducted on privacy metrics for smart homes. A total of 69 papers were identified. Three papers specifically addressed smart homes privacy and privacy metrics. The metrics developed by these papers have their shortcomings and need to be further verified and tested. [ABSTRACT FROM AUTHOR]

Published

2023

12. Ethical Implications of ChatGPT in Higher Education: A Scoping Review.

Author

Ming Li, Enkhtur, Ariunaa, Fei Cheng, and Yamamoto, Beverley Anne

Subjects

GENERATIVE artificial intelligence, CHATGPT, HIGHER education, INTEGRITY, PERSONALLY identifiable information, EDUCATION ethics, DATA protection

Abstract

This scoping review explores the ethical challenges of using ChatGPT in higher education. By reviewing recent academic articles in English, Chinese, and Japanese, we aimed to provide a deep dive review and identify gaps in the literature. Drawing on Arksey & O'Malley's (2005) scoping review framework, we defined search terms and identified relevant publications from four databases in the three target languages. The research results showed that the majority of the papers were discussion papers, but there was some early empirical work. The ethical issues highlighted in these works mainly concern academic integrity, assessment issues, and data protection. Given the rapid deployment of generative artificial intelligence, it is imperative for educators to conduct more empirical studies to develop sound ethical policies for its use. [ABSTRACT FROM AUTHOR]

Published

2024

13. A Profit Maximization Model for Data Consumers with Data Providers' Incentives in Personal Data Trading Market.

Author

Park, Hyojin, Oh, Hyeontaek, and Choi, Jun Kyun

Subjects

PROFIT maximization, PERSONALLY identifiable information, CONSUMERS, DATA modeling, HUMAN behavior models, QUALITY of service

Abstract

This paper proposes a profit maximization model for a data consumer when it buys personal data from data providers (by obtaining consent) through data brokers and provides their new services to data providers (i.e., service consumers). To observe the behavioral models of data providers, the data consumer, and service consumers, this paper proposes the willingness-to-sell model of personal data of data providers (which is affected by data providers' behavior related to explicit consent), the service quality model obtained by the collected personal data from the data consumer's perspective, and the willingness-to-pay model of service consumers regarding provided new services from the data consumer. Particularly, this paper jointly considers the behavior of data providers and service users under a limited budget. With parameters inspired by real-world surveys on data providers, this paper shows various numerical results to check the feasibility of the proposed models. [ABSTRACT FROM AUTHOR]

Published

2024

14. Analysis of security and privacy issues in wearables for minors.

Author

Fúster, Jaime, Solera-Cotanilla, Sonia, Pérez, Jaime, Vega-Barbas, Mario, Palacios, Rafael, Álvarez-Campana, Manuel, and Lopez, Gregorio

Subjects

INTERNET of things, PERSONALLY identifiable information, PRIVACY, MINORS, INTERNET security

Abstract

The increased use of wearables in recent years has fostered a great technological development in this area, although without the appropriate supervision usability may go first than security. In addition to this, the fact that wearables have been requiring more and more personal data from the user makes them attractive devices for an attacker. In this paper we propose a set of tests for evaluating the security and privacy of wearables and we apply them to analyse the security and privacy of a set of commercial wearables that are targeted at minors, who represent a group with especially high requirements in this regard. We define the testing scenario, expose the tools to support the research, and specify the testing process to be followed. Based on the obtained results, although the considered low-end devices are broadly speaking less secure than high-end ones, most of them present security and privacy flaws, which illustrates the necessity of regulation that ensures the fulfilment of appropriate security and privacy requirements. [ABSTRACT FROM AUTHOR]

Published

2024

15. Mapping social protection coverage for platform workers: A comparative analysis of Belgium, Italy and the Netherlands.

Author

De Becker, Eleni, Seo, Hyojin, Pulignano, Valeria, and Schoukens, Paul

Subjects

SOCIAL security, UNPAID labor, INCOME, INDUSTRIAL relations, COMPARATIVE studies, PERSONALLY identifiable information

Abstract

The aim of this paper is to examine if and how the reclassification of platform workers from self-employment status to employment status can provide them with adequate social security protection. Little is known about how this transition would guarantee platform workers adequate social protection within the social protection scheme for employees. National social security schemes, in particular income replacement benefit schemes, often (still) depart from the standard employment relationship, leading to lower protection for atypical work forms. Platform workers combine several of the characteristics of atypical forms of work, such as low earnings, irregular working patterns and working. Integrating platform workers into employee social security schemes faces additional challenges due to the online nature of their work, algorithmic management, high levels of unpaid labor, and employer identification difficulties. This paper focuses on unemployment protection, as EU Member States struggle to provide adequate protection for workers with irregular work patterns and income fluctuations, in the case of (short term) income replacement benefits. By constructing nine ideal work patterns reflective of diverse nature of platform work and current practices among platform work, we analyse how different types of 'employed' platform workers may fare within the legislation of three EU countries (Belgium, Italy, and the Netherlands). This approach allows us to assess the applicability of unemployment protection to different working patterns among 'employed' platform workers, considering formal, effective, and adequate access to unemployment schemes as outlined in the Council Recommendation on access to social protection for workers and the self-employed (2019). [ABSTRACT FROM AUTHOR]

Published

2024

16. Making markets from the data of everyday life.

Author

Chandrashekeran, Sangeetha and Keele, Svenja

Subjects

EVERYDAY life, CIVIL rights, PERSONALLY identifiable information, TRUST, DIGITAL technology, DISCOURSE analysis

Abstract

This paper shows how the capture and circulation of data about social lives are enabled through digitalisation and market logics and practices. Drawing on Australia's new Consumer Data Right, a state-led initiative that creates access rights to personal data, we distinguish between market promises and the translation of market models in actually existing markets and regulatory frameworks. 'Life's work' is brought to market through promises to fix the problems of essential service markets by harnessing data. We argue that the Consumer Data Right is underpinned by a more ambitious vision to create future markets that transcend individual sectors through aggregation across the economy. These visions are silent on how the data, which cannot be owned and therefore cannot be commoditised, is capitalised. We show the Consumer Data Right's discursive, administrative, regulatory and technical aspects through which the previously hard-to-penetrate spaces of the home and everyday life become enrolled in circuits of value, both present and future. This involves technical standard setting by state agencies for accreditation, consent and approval processes; discourses of trust and calculative devices to promote consumer control; and weak de-identification and deletion requirements that grant data an afterlife beyond the original agreed use. This paper calls for greater attention to the enabling role of the state in digital markets as a counterbalance to the focus on the state's regulatory and constraining role. We argue for a more staged approach to market-making analysis to show how the state lays the market foundations that can then be deepened through practices of intermediation and capitalisation by private firms. [ABSTRACT FROM AUTHOR]

Published

2024

17. The Geography of Quality of Government in Europe: Subnational variations in the 2024 European Quality of Government Index and Comparisons with Previous Rounds.

Author

Charron, Nicholas, Lapuente, Victor, and Bauhr, Monika

Subjects

SUBNATIONAL governments, CITIZENS, COVID-19 pandemic, GEOGRAPHY, POPULATION geography, CORRUPTION, PERSONALLY identifiable information

Abstract

The 2024 European Quality of Government Index (EQI) collects the opinions of 135,227 respondents in a total of 210 NUTS 1 and NUTS 2 regions in all EU 27 member state countries. This paper, first, presents the 2024 data and highlights some of the main results of this effort to understand citizens' perceptions, and personal experiences, of regional quality of government. Second, it compares the findings with the previous four rounds of the survey (starting in 2010), highlighting both the regions that are improving and those that show a declining trend in their quality of government. Third, the paper discusses the changes made to round 5 and other trends in the data over time, paying special attention to the comparison of EU citizens' perceptions and experiences of government before and after the Covid-19 pandemic. Compared to the improvements in corruption levels recorded in the 2021 study, we find that corruption levels have bounced back to more normal levels in post pandemic Europe [ABSTRACT FROM AUTHOR]

Published

2024

18. Policy papers published over the last two weeks.

Subjects

PERSONALLY identifiable information, EMPLOYMENT, SOCIAL security, EDUCATION policy

Abstract

The article offers insight to policy papers on education published in the United Kingdom. It mentions "DfE Appropriate Policy Document" which outlines where the processing of special categories of personal data, criminal offence data and sensitive personal data is required for performing or exercising obligations or right related to employment, social security or social protection.

Published

2022

19. Identifying trends in information security and privacy concern research.

Author

Weinberger, Maor and Bouhnik, Dan

Subjects

INFORMATION technology security, DATA privacy, TEXT mining, CONTENT analysis, PERSONALLY identifiable information, TWENTY-first century

Abstract

Text mining is a research method that can be used to detect research trends and developments in various fields. In this study, an automated textual analysis tool (Voyant Tools) is applied to a vast corpus of academic papers to identify research trends in the fields of information security and privacy concern, focusing on the differences between the first two decades of the twenty-first century. Furthermore, the conceptual proximity between the related terms 'information security' and 'privacy concern' is investigated by identifying textual trends. We discovered that, while the first decade of information security research was not entirely defined, the second decade focused on privacy-related issues. The focus of privacy concern research was on commerce and marketing in the first decade and on the social dimension in the second decade. This study supports the use of textual analysis of academic literature to identify research trends in various fields, including technological fields. [ABSTRACT FROM AUTHOR]

Published

2023

20. Regulating Artificial Intelligence under Data Protection Law: Challenges and Solutions for India.

Author

Naithani, Paarth

Subjects

PERSONALLY identifiable information, DATA protection laws, ARTIFICIAL intelligence, FIDUCIARY responsibility, REASONABLE care (Law), DESIGN protection

Abstract

As India moves toward enacting a comprehensive data protection legislation, it becomes essential to examine the possible application of India's proposed data protection law to the use of Artificial Intelligence (AI). The various challenges posed by AI to data protection principles and data principals' rights need to be examined. The need for data maximisation in the use of AI challenges the principle of collection limitation. The difficulty in anticipating the processing purposes of AI challenges the principle of purpose limitation. With a brief introduction to AI and data protection law in India, the paper examines the compatibility of various data protection provisions under India's Digital Personal Data Protection Act, 2023 with AI. The paper also provides recommendations for data protection regulation of AI. The paper proposes the need to hold data fiduciaries accountable using Data Protection Impact Assessments, Codes of Practice and Security Measures. Besides, there is a need to define the fiduciary duty of care between the data principal and data fiduciary. There is a need recognize data protection by design and default and the Right against automated decision making. Technical solutions need to be explored, but at the same time, AI must not be over-regulated. Lastly, there is a need for flexibly interpreting the provisions of the proposed data protection law. [ABSTRACT FROM AUTHOR]

Published

2023

21. CONFIDENTIALITY OF MEDICAL DATA AND ECHR PRACTICE.

Author

KONOMI, Rezana, GJIPALI, Dorina, and JANCE, Kristinka

Subjects

RIGHT of privacy, PERSONALLY identifiable information, DATA protection, CONSTITUTIONAL courts, MEDICAL coding

Abstract

Managing data in the medical sector requires a high level of sensitivity due to the potential risk of violating the fundamental rights and freedoms of data subjects. Medical data is particularly sensitive as it concerns an individual's most intimate sphere, revealing information about their physical and mental health. Regulation 2016/679 defines medical data as personal information related to the physical or mental health of a natural person, including the provision of healthcare services, which discloses information regarding their health status. This clear definition effectively bridges the gap that has existed in defining medical data. Moreover, the classification of medical data as about both physical and mental health is in line with the ruling of the European Court of Justice. The court emphasizes the utmost importance of safeguarding personal data, especially medical data, as a fundamental means of ensuring an individual's right to privacy, as guaranteed under Article 8 of the European Convention on Human Rights. Domestic legislation will ensure and implement necessary measures to prevent any violation, communication, or dissemination of personal medical data that may contravene the guarantees of Article 8 of the Convention. The Albanian Constitutional Court has acknowledged the core role of sensitive data in private and family life in one of its rulings, following international practices. This paper investigates the definition of sensitive data, its handling within national and international legal frameworks, and how jurisprudence approaches this concept. While it cannot comprehensively cover all aspects related to data protection in healthcare due to the dynamic nature of this topic, it provides a thorough analysis of the subject as it pertains to personal data collection. This paper serves as a starting point for broader debates and further studies. The authors present their perspectives objectively, without subjective evaluations. The methodology employed is analytical and descriptive, and illustrative, thought suitable for achieving the objectives of this article. [ABSTRACT FROM AUTHOR]

Published

2024

22. Determining Intrusion Attacks Against Online Applications Using Cloud-Based Data Security.

Author

M., Rekha and P., Shoba Rani

Subjects

DATA security, CLOUD computing, ONLINE social networks, PERSONALLY identifiable information, DATA privacy, TECHNOLOGICAL innovations

Abstract

Cloud technology makes it possible for users to access information from anywhere, all the time, on any device, and that is the major cause of the many different types of assaults. In principle, multiple dangers, including data leakage, information leakage, and unauthorized information accessibility, are active in cloud environment layering. Modern technological advancements are made accessible on a daily basis through cloud technology. In the cloud, access control and encryption solutions are more complicated. Because of this greater level, security flaws in online applications and systems are more likely to occur. Somewhere at the ends of the end nodes, a malignant insider can carry out protection assaults. Nevertheless, problems with user privacy and data protection on cloud-based social networking sites continue to exist. Such problems are not known to users. On that social networking site, they post a variety of images, videos, and private information that endures even after eradication. However, some of the data that has been made public was intended to be kept private; as a result, online social information has significantly increased the risk of personally identifiable information leaking. The context of cloud technology depends on the customer capabilities such as quick storing and retrieving offered through cloud computing environments. Dependable cloud providers use a number of methodologies to deliver various digital services, creating a variety of security risks. In this paper, the study of determining intrusive cyber-attacks over the online applications using the cloud data security. Restricting access to shared resources is essential to prevent hackers from stealing vulnerabilities in cloud computing to get unauthorised access to a user's activities as well as information. Gaining access to customer information and obstructing the use of cloud computing are the primary objectives of intrusions on cloud services. [ABSTRACT FROM AUTHOR]

Published

2024

23. Unpacking the privacy–personalisation paradox in GDPR-2018 regulated environments: consumer vulnerability and the curse of personalisation.

Author

Kawaf, Fatema, Montgomery, Annaleis, and Thuemmler, Marius

Subjects

CONSUMERS, RIGHT of privacy, PERSONALLY identifiable information, DIGITAL footprint, PARADOX

Abstract

Purpose: The paper addresses the privacy–personalisation paradox in the post-GDPR-2018 era. As the regulation came in a bid to regulate the collection and use of personal data, its implications remain underexplored. The research question is: How do consumers perceive the matter of personal data collection for the use of highly targeted and personalised ads post-GDPR-2018? The invasion of privacy vs the benefits of highly personalised digital marketing. Design/methodology/approach: To address the research question, this qualitative study conducts semi-structured interviews with 14 individuals, consisting of average users and digital experts. Findings: This paper reports on increasing consumer vulnerability post-GDPR-2018 due to increased awareness of personal data collection yet incessant lack of control, particularly regarding the repercussions of the digital footprint. The privacy paradox remains an issue except among experts, and personalisation remains necessary, yet critical challenges arise (e.g. filter bubbles and intrusion). Practical implications: Policy implications include education, regulating consent platforms and encouraging consensual sharing of personal data. Originality/value: While the privacy–personalisation paradox has been widely studied, the impact of GDPR-2018 has rarely been addressed in the literature. GDPR-2018 has seemingly had little impact on instilling a sense of security for consumers; if anything, this paper highlights greater concerns for privacy as users sign away their rights on consent forms to access websites, thus contributing novel insights to this area of research. [ABSTRACT FROM AUTHOR]

Published

2024

24. The Legal Situation of Operators of Essential Services and Digital Service Providers in the Provisions of the Act of 5 July 2018 on the National Cybersecurity System.

Author

Etel, Maciej

Subjects

INFORMATION networks, INTERNET security, SECURITY systems, COMPUTER network security, COMPETENT authority, PERSONALLY identifiable information, DATA security

Abstract

The Act of 5 July 2018 on the National Cybersecurity System and its accompanying executive regulations have introduced into Polish law the provisions of the Directive of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (UE) 2016/1148. The fundamental reason for these regulations was to establish a coherent system to ensure the cyber security of the Republic of Poland with accordance to standards adopted for European Union Member States. This paper presents the legal situation of operators of essential services and digital service providers that was created by the provisions of the ANCS. The ANCS not only identifies operators of essential services, digital service providers, and their assigned obligations, but also addresses the competent authorities' tasks of supervising, inspecting and imposing penalties within the cyber security system. The findings, assessments and conclusions presented here are based on the interpretation of the provisions of the ANCS and are supported by prominent claims of academic representatives. The analyses contained within this paper aim to show that despite the comprehensible and contemporary ratio legis -- which falls within the framework of pursuing the state of digital safety -- the provisions of the ANCS require adjustments that acknowledge the legal situation of operators of essential services and digital service providers. [ABSTRACT FROM AUTHOR]

Published

2024

25. AUTOMATED DECISION-MAKING AND ACCESS TO DATA.

Author

DACAR, Rok

Subjects

DECISION making, LEGAL instruments, ANTITRUST law, INTERNET marketing, EUROPEAN Union law, PERSONALLY identifiable information

Abstract

This paper explores the mechanisms by which companies can gain access to data necessary for automated decision-making in scenarios without direct contractual agreements, focusing on market-driven approaches. It introduces the concept of the essential facilities doctrine under EU competition law and examines its applicability to sets of data, alongside an examination of current ex-ante regulatory instruments which grant data access rights, such as the Type Approval Regulation, the Open Data Directive, the Electricity Directive, the Digital Markets Act, and the Data Act. These legal instruments are analysed in terms of their ability to facilitate access to data necessary for the automation of decision-making processes. In addition, the study looks at the challenges and opportunities presented by these legal instruments, including the nuances of applying the essential facilities doctrine to data. The article concludes that the most efficient way for a company to gain access to sets of data required for automated decision-making (in the absence of a contractual agreement) is to base its data access claim on an act of ex-ante regulation. If, however, such legal basis does not exist, a company could still base its data access claim on the essential facilities doctrine. The practical applicability of the doctrine to sets of data, however, remains unclear. [ABSTRACT FROM AUTHOR]

Published

2024

26. REGULATING DATA PROVISION CONTRACTS - FILLING THE GAPS OR OVERLAPPING THE EU RULES ON THE CONTRACTS FOR THE SUPPLY OF DIGITAL CONTENT?

Author

Šafranko, Zvonimir

Subjects

LEGAL instruments, CONTRACTS, PERSONALLY identifiable information, LEGISLATIVE bodies

Abstract

In 2022, UNCITRAL Working Group IV was mandated to develop the Rules on data provision contracts as an answer to the needs of rapidly growing data market. It was expressly noted then, that the Working Group IV should be mindful of similar legislative initiatives. In October of 2023, the working version of the Rules was distributed. Among the other provisions, the Rules define a data provision contract as a contract under which one party provides data to other party. Given definition shows a great resemblance with the contracts on the supply of digital content regulated by Directive (EU) 2019/770 of the European Parliament and of the Council of 20 May 2019 on certain aspects concerning contracts for the supply of digital content and digital services. This paper analyzes and compares some of the key provisions of the aforementioned legal instruments. Special focus is attached to the scopes of application of both instruments and exclusions from their application, legal nature and general characteristics of both data provision contracts and contracts for the supply of digital content, obligations of the contractual parties. The main objective is to establish clear boundaries regarding the objects and scopes of application of both legal instruments in order to determine their potential overlaps. Finally, the paper investigates the reach and the meaning of personal data provision as a sui generis reimbursement in the context of both instruments. [ABSTRACT FROM AUTHOR]

Published

2024

27. Policy papers published over the last two weeks.

Subjects

PERSONALLY identifiable information, SOCIAL security

Published

2022

28. Reimagining public policy formulation and analysis: a comprehensive theoretical framework for public policy.

Author

Manazir, Sharique Hassan

Subjects

GOVERNMENT policy, POLICY analysis, POLICY sciences, POLITICAL agenda, DATA protection, PERSONALLY identifiable information

Abstract

This research paper delves into the intricate domain of policy science, focusing on the policy-making process itself. Existing theoretical frameworks in policy science often overlook essential nuances, particularly the role of political willingness causing non-linearity in the policy-making process. Three fundamental questions drive the research at hand. First, the research delves into the adequacy of existing policy frameworks in effectively elucidating the complexities of policymaking in the context of large democracies, with a particular focus on India. Second, it investigates the significant role of political willingness in shaping the trajectory of policymaking, particularly within democratic systems. Lastly, the research aims to construct a comprehensive framework capable of accommodating and explaining the non-linear dynamics introduced by the influence of political willingness throughout the policy-making process. Through an analysis of India's Data Protection Regulation formulation process, this paper attempts to map the existing gap and way forward. As an outcome of the case study analysis, the proposed framework introduces political willingness as a central element extending the policy formulation cycle and showcases its influence on agenda setting, policy formulation, adoption, implementation, and evaluation. This research contributes to the field of policy science by providing a comprehensive framework that accounts for the complexities of policymaking, especially in the Indian context. By acknowledging the pivotal role of political willingness, this framework seeks to bridge the gap in existing theoretical models, offering a more holistic understanding of policy formulation and analysis. This research lays the foundation for a paradigm shift in the study of policy science, addressing the challenges posed by evolving governance mechanisms and the rising influence of political agendas in the modern world. [ABSTRACT FROM AUTHOR]

Published

2023

29. Supranational Security and National Security in Light of the EU Strategic Autonomy Doctrine: The EU-Member States Security Nexus Revisited.

Author

CASOLARI, Federico

Subjects

NATIONAL security, LEGAL instruments, SOVEREIGNTY, LEGAL reasoning, ECONOMIC sanctions, PERSONALLY identifiable information, HUMAN security

Abstract

Even though security issues are structural elements of the EU legal order since a while, it is undisputed that the reorientation of the EU's approach towards a more assertive stance in defending its values and interests has determined a relevant reshaping of the way in which the Union and its Member States interact in security matters - the EU-Member States security nexus. The present paper aims to identify both the reasons and the legal implications of this phenomenon, moving from a reconstruction of the doctrine elaborated by EU institutions to support this new approach, that is, the Strategic Autonomy Doctrine (SAD). Building on the assumption that the Union is now facing evolving threats, requiring a stronger capacity to protect the supranational interests and values, the paper argues that the reshaping of the EU-Member States security nexus has led to the creation of a buffer zone, where EU's and Member States' prerogatives for the protection of both (supra)national security and sovereignty are significantly blurred. This, in turn, produces significant consequencces for the EU constitutional framework, namely a hybridization of both the supranational competences and legal instruments concerned. [ABSTRACT FROM AUTHOR]

Published

2023

30. Reformă și garanții rutiere în Uniunea Europeană și utilizarea vehiculelor autonome.

Author

Stoica, Andrei-Alexandru

Subjects

AUTONOMOUS vehicles, COMPARATIVE method, EMPIRICAL research, INTERNATIONAL agencies, RESEARCH methodology, PERSONALLY identifiable information

Abstract

This paper aims to analyze the issues presented by autonomous vehicles on European roads and their regulation according to European legal acts, such as Regulation (EU) 2019/2144 regarding the general safety of vehicles. We will focus on the existing levels of autonomy for vehicles and the types of cars that can be used on both EU roads and in Romania. Additionally, we will compare the proposed and adopted measures within other states and international organizations. Moreover, the paper will address ethical concerns and accountability for the actions of, utilizing mixed research methodologies and employing the method of comparative and empirical research. [ABSTRACT FROM AUTHOR]

Published

2023

31. Practical model with strong interpretability and predictability: An explanatory model for individuals' destination prediction considering personal and crowd travel behavior.

Author

Zhao, Juanjuan, Ye, Jiexia, Xu, Minxian, and Xu, Chengzhong

Subjects

COLLECTIVE behavior, CHOICE of transportation, ROUTE choice, DISCRETE choice models, SMART cards, PUBLIC transit, PERSONALLY identifiable information

Abstract

Real‐time individuals' destination prediction is of great significance for real‐time user tracking, service recommendation and other related applications. Traditional technology mainly used statistical methods based on the travel patterns mined from personal history travel data. However, it is not clear how to predict the destinations of individuals with only limited personal historical data. In this paper, taking the public transportation metro systems as example, we design a practical method called practical model with strong interpretability and predictability to predict each passenger's destination. Our main novelties are two aspects: (1) We propose to predict individuals' destination by combining personal and crowd behavior under certain context. (2) An explanatory model combining discrete choice model and neural network model is proposed to predict individuals' stochastic trip's destination, which can be applied to other transportation analysis scenarios about individuals' choice behavior such as travel mode choice or route choice. We validate our method based on extensive experiments, using smart card data collected by automatic fare collection system and weather data in Shenzhen, China. The experimental results demonstrate that our approach can achieve better performance than other baselines in terms of prediction accuracy. [ABSTRACT FROM AUTHOR]

Published

2023

32. EU Regulation of the Crypto-Assets Market.

Author

Hrabčák, Ladislav and Štrkolec, Miroslav

Subjects

CRYPTOCURRENCIES, STATE regulation, PERSONALLY identifiable information, DIGITAL technology

Abstract

The present paper discusses the issue of regulation of the crypto-assets market. This area is still struggling with a lack of legislation, and there are only some initiatives to regulate the market. The aim of the article is to analyse the state of legal regulation of the crypto-assets market while simultaneously pointing out problematic issues with de lege ferenda proposals. For this purpose, we established two hypotheses: the crypto-assets market needs to be regulated by legal acts of a European nature (H1), and the adopted EU legal acts regulating the crypto-assets market are adequate and sufficient (H2). Several types of scientific papers, such as analysis, synthesis, and the historical method, were used in the preparation of this paper. [ABSTRACT FROM AUTHOR]

Published

2024

33. Dicing with data: the risks, benefits, tensions and tech of health data in the iToBoS project.

Author

Aspell, Niamh, Goldsteen, Abigail, and Renwick, Robin

Subjects

INFORMED consent (Medical law), OPEN scholarship, ARTIFICIAL intelligence, ELECTRONIC data processing, PERSONALLY identifiable information, CLINICAL trials, MACHINE learning

Abstract

This paper will discuss the European funded iToBoS project, tasked by the European Commission to develop an AI diagnostic platform for the early detection of skin melanoma. The paper will outline the project, provide an overview of the data being processed, describe the impact assessment processes, and explain the AI privacy risk mitigation methods being deployed. Following this, the paper will offer a brief discussion of some of the more complex aspects: (1) the relatively low population clinical trial study cohort, which poses risks associated with data distinguishability and the masking ability of the applied anonymisation tools, (2) the project's ability to obtain informed consent from the study cohort given the complexity of the technologies, (3) the project's commitment to an open research data strategy and the additional privacy risk mitigations required to protect the multi-modal study data, and (4) the ability of the project to adequately explain the outputs of the algorithmic components to a broad range of stakeholders. The paper will discuss how the complexities have caused tension which are reflective of wider tensions in the health domain. A project level solution includes collaboration with a melanoma patient network, as an avenue for fair and representative qualification of risks and benefits with the patient stakeholder group. However, it is unclear how scalable this process is given the relentless pursuit of innovation within the health domain, accentuated by the continued proliferation of artificial intelligence, open data strategies, and the integration of multi-modal data sets inclusive of genomics. [ABSTRACT FROM AUTHOR]

Published

2024

34. Investigation of perceived fear of COVID-19 and vaccine hesitancy in nursing students

Author

Semra Bulbuloglu, Akgün Yeşiltepe, and Sinan Aslan

Subjects

Pharmacology, COVID-19 Vaccines, Data collection, Coronavirus disease 2019 (COVID-19), SARS-CoV-2, Vaccination, education, Immunology, COVID-19, Conclusive evidence, Fear, Positive correlation, Cross-Sectional Studies, Nursing, Scale (social sciences), Humans, Immunology and Allergy, Students, Nursing, Vaccination Hesitancy, Psychology, Personally identifiable information, Research Paper

Abstract

This study aims to investigate the perceived fear of COVID-19 and vaccine hesitancy in nursing students. This study was conducted as a cross-sectional study with the participation of 1167 nursing students. Personal Information Form, Vaccine Hesitancy Scale and Fear of COVID-19 Scale were used for data collection. The reasons for the vaccine hesitancy of the students were listed as follows: 57.6% of them stated that it had side effects, 17.7% stated there was no conclusive evidence that the vaccine was effective, and 12.6% stated it was not reliable. A positive correlation was found between fear of COVID-19 and vaccine hesitancy.

Published

2021

35. An Extended Review Concerning the Relevance of Deep Learning and Privacy Techniques for Data-Driven Soft Sensors.

Author

Bocu, Razvan, Bocu, Dorin, and Iavich, Maksim

Subjects

DEEP learning, HUMAN activity recognition, SCIENTIFIC literature, DATA management, DETECTORS, PRIVACY, PERSONALLY identifiable information

Abstract

The continuously increasing number of mobile devices actively being used in the world amounted to approximately 6.8 billion by 2022. Consequently, this implies a substantial increase in the amount of personal data collected, transported, processed, and stored. The authors of this paper designed and implemented an integrated personal health data management system, which considers data-driven software and hardware sensors, comprehensive data privacy techniques, and machine-learning-based algorithmic models. It was determined that there are very few relevant and complete surveys concerning this specific problem. Therefore, the current scientific research was considered, and this paper comprehensively analyzes the importance of deep learning techniques that are applied to the overall management of data collected by data-driven soft sensors. This survey considers aspects that are related to demographics, health and body parameters, and human activity and behaviour pattern detection. Additionally, the relatively complex problem of designing and implementing data privacy mechanisms, while ensuring efficient data access, is also discussed, and the relevant metrics are presented. The paper concludes by presenting the most important open research questions and challenges. The paper provides a comprehensive and thorough scientific literature survey, which is useful for any researcher or practitioner in the scope of data-driven soft sensors and privacy techniques, in relation to the relevant machine-learning-based models. [ABSTRACT FROM AUTHOR]

Published

2023

36. Lessons learned from naturalistic driving data processing in a secure data enclave: Preliminary discoveries from analyzing dash camera videos.

Author

Mahmood, Kaiser, Pang, Jiajun, Shahriar Ahmed, Sheikh, Yu, Gongda, Sarwar, Md Tawfiq, Benedyk, Irina, and Ch. Anastasopoulos, Panagiotis

Subjects

*PERSONALLY identifiable information, *DISTRACTED driving, *VIDEO processing, *CAMCORDERS, *ELECTRONIC data processing

Abstract

• SHRP2 naturalistic driving study (NDS) data contains personally identifiable information (PII) and processing those data needs special attention. • Processing PII data can be challenging due to its potential for directly or indirectly identifying individuals. • Naturalistic driving studies are important to identify distracted driving and its impact. • Lessons learned from processing SHRP2 NDS data can help researchers intend to utilize similar data for future research. This paper provides preliminary insights on the challenges of processing Strategic Highway Research Program 2 (SHRP2) Naturalistic Driving Study (NDS) videos and data, particularly those with Personally Identifiable Information (PII). Insights and lessons learned are presented from a study designed to evaluate the effectiveness of High Visibility Crosswalks (HVCs). Over a one-month period, 15,379 videos were processed in the secure data enclave of Virginia Tech Transportation Institute (VTTI). As these videos are not available outside of the secure data enclave due to PII restrictions, researchers visiting the secure data enclave for the first time may face several challenges: navigating the software interface; identifying the video views and frames of interest; and identifying and extracting information of interest from the video views, etc. These challenges, the procedures followed to address them, and the process for identifying and classifying distracted driving behaviors are discussed. Lastly, hypothesis tests are conducted to investigate distracted driving behavior, with the results revealing that HVCs have the potential to make drivers more cautious in their proximity. The information presented in this paper is expected to aid researchers who intend to utilize SHRP2 NDS or similar videos for future research, to preemptively plan for the video processing phase. [ABSTRACT FROM AUTHOR]

Published

2024

37. Domain knowledge free cloud-IDS with lightweight embedding method.

Author

Kim, Yongsik, Park, Gunho, and Kim, Huy Kang

Subjects

NATURAL language processing, CLOUD computing security measures, ANOMALY detection (Computer security), PERSONALLY identifiable information, SAWLOGS

Abstract

The expansion of the cloud computing market has provided a breakthrough in efficiently storing and managing data for individuals and companies. As personal and corporate data move to the cloud, diverse attacks targeting the cloud have also increased for heist beneficial information. Therefore, cloud service providers offer protective environments through diverse security solutions. However, security solutions are limited in preventing advanced attacks because it is challenging to reflect the environment of each user. This paper proposes a Cloud Intrusion Detection System (C-IDS) that adapts to each user's cloud environment and performs real-time attack detection using Natural Language Processing (NLP). Notably, the C-IDS learns the deployed client environment logs and detects anomalies using the Seq2Seq model with BI-LSTM and Bahdanau attention. We used multiple domain datasets, Linux, Windows, Hadoop, OpenStack, Apache, OpenSSH, and CICIDS2018 to verify the performance of the C-IDS. C-IDS consists of a 'recognition' that identifies logs in the deployed environment and a 'detection' that discovers anomalies. The recognition results showed an average accuracy of 98.2% for multiple domain datasets. Moreover, the detection results based on the trained model exhibited an average accuracy of 94.2% for the Hadoop, OpenStack, Apache, and CICIDS2018 datasets. [ABSTRACT FROM AUTHOR]

Published

2024

38. Modelling user notification scenarios in privacy policies.

Author

Kuznetsov, Mikhail, Novikova, Evgenia, and Kotenko, Igor

Subjects

DATA privacy, DATA security failures, ELECTRONIC data processing, INFORMATION policy, CLOUD computing, PERSONALLY identifiable information

Abstract

The processing of personal data gives a rise to many privacy concerns, and one of them is to ensure the transparency of data processing to end users. Usually this information is communicated to them using privacy policies. In this paper, the problem of user notification in case of data breaches and policy changes is addressed, besides an ontology-based approach to model them is proposed. To specify the ontology concepts and properties, the requirements and recommendations for the legislative regulations as well as existing privacy policies are evaluated. A set of SPARQL queries to validate the correctness and completeness of the proposed ontology are developed. The proposed approach is applied to evaluate the privacy policies designed by cloud computing providers and IoT device manufacturers. The results of the analysis show that the transparency of user notification scenarios presented in the privacy policies is still very low, and the companies should reconsider the notification mechanisms and provide more detailed information in privacy policies. [ABSTRACT FROM AUTHOR]

Published

2024

39. Ethical, legal, and social implications in research biobanking: A checklist for navigating complexity.

Author

Tzortzatou‐Nanopoulou, Olga, Akyüz, Kaya, Goisauf, Melanie, Kozera, Łukasz, Mežinska, Signe, Th. Mayrhofer, Michaela, Slokenberga, Santa, Reichel, Jane, Croxton, Talishiea, Ziaka, Alexandra, and Makri, Marina

Subjects

*SOCIAL impact, *RESEARCH ethics, *PERSONALLY identifiable information, *RESEARCH personnel, *MEDICAL research

Abstract

Biobanks' activity is based not only on securing the technology of collecting and storing human biospecimen, but also on preparing formal documentation that will enable its safe use for scientific research. In that context, the issue of informed consent, the reporting of incidental findings and the use of Transfer Agreements remain a vast challenge. This paper aims to offer first–hand tangible solutions on those issues in the context of collaborative and transnational biobanking research. It presents a four‐step checklist aiming to facilitate researchers on their compliance with applicable legal and ethical guidelines, when designing their studies, when recruiting participants, when handling samples and data, and when communicating research results and incidental findings. Although the paper reflects the outcomes of the H2020 B3Africa project and examines the transfers from and to the EU as a case study, it presents a global checklist that can be used beyond the EU. [ABSTRACT FROM AUTHOR]

Published

2024

40. Neuromarketing and Eye-Tracking Technologies Under the European Framework: Towards the GDPR and Beyond.

Author

Sposini, L.

Subjects

ARTIFICIAL intelligence, BIOMETRIC identification, NEUROMARKETING, EYE tracking, PERSONALLY identifiable information

Abstract

The Regulation (EU) 2016/679 on the protection of natural persons regarding the processing of personal data (GDPR) is one of the key fundamental pieces of European legislation to protect human rights and freedoms. However, the development of AI systems that are capable of collecting and processing large amounts of data and predicting user habits and emotional states has affected traditional legal categories and tested their resilience. This paper assesses the limits of the current formulation of the GDPR which does not take expressly into account the category of inferred data as a special category of data. Furthermore, it questions whether the toolbox put in place by the GDPR is still effective in protecting data subjects from practices such as neuromarketing and eye-tracking systems. It shows that it is certainly the essential starting point, but that, on the other hand, cannot be spared criticism. For this, in the recent years, the European legislator has adopted further legislations including, in particular, the Digital Services Act (DSA) and the Artificial Intelligence Act (AIA). Although representing a step forward in protection against such technologies, they each have critical aspects that need to be considered. [ABSTRACT FROM AUTHOR]

Published

2024

41. Achieving High Accuracy in Android Malware Detection through Genetic Programming Symbolic Classifier.

Author

Anđelić, Nikola and Baressi Šegota, Sandi

Subjects

DATA privacy, PERSONALLY identifiable information, THEFT, VOTING, RESEARCH methodology

Abstract

The detection of Android malware is of paramount importance for safeguarding users' personal and financial data from theft and misuse. It plays a critical role in ensuring the security and privacy of sensitive information on mobile devices, thereby preventing unauthorized access and potential damage. Moreover, effective malware detection is essential for maintaining device performance and reliability by mitigating the risks posed by malicious software. This paper introduces a novel approach to Android malware detection, leveraging a publicly available dataset in conjunction with a Genetic Programming Symbolic Classifier (GPSC). The primary objective is to generate symbolic expressions (SEs) that can accurately identify malware with high precision. To address the challenge of imbalanced class distribution within the dataset, various oversampling techniques are employed. Optimal hyperparameter configurations for GPSC are determined through a random hyperparameter values search (RHVS) method developed in this research. The GPSC model is trained using a 10-fold cross-validation (10FCV) technique, producing a set of 10 SEs for each dataset variation. Subsequently, the most effective SEs are integrated into a threshold-based voting ensemble (TBVE) system, which is then evaluated on the original dataset. The proposed methodology achieves a maximum accuracy of 0.956, thereby demonstrating its effectiveness for Android malware detection. [ABSTRACT FROM AUTHOR]

Published

2024

42. MANAGEMENT OF PERSONAL DATA PROCESSING AND PROTECTION.

Author

COFAS, Elena

Subjects

DATA protection, ELECTRONIC data processing, DATA privacy, GENERAL Data Protection Regulation, 2016, LOCATION data, PERSONALLY identifiable information

Abstract

This article emphasizes the crucial significance of personal data and the potential dangers arising from its unauthorized processing, which can violate an individual's basic rights and freedoms. To address these worries, the European Union has implemented a comprehensive regulatory structure, widely recognized as the General Data Protection Regulation (GDPR). In the domain of data privacy and security, personal data is defined as encompassing any information with the capacity to identify an individual, whether it be anonymized, encrypted, or pseudonymized data. The regulatory purview of GDPR spans all modes of data processing, automated or manual, and remains indifferent to the storage medium or technology employed. Illustrative examples of personal data comprise an individual's name, identification number (like a CNP), location data (such as GPS coordinates), online identifiers (for instance, specific types of cookies), and a diverse array of attributes pertaining to an individual's physical, physiological, genetic, psychological, economic, cultural, or social identity. This classification also encompasses information such as IP addresses, email addresses, or residential addresses. It is of utmost importance to acknowledge that personal data, whether examined in isolation or in conjunction with other data elements, retains the potential to unveil the identity of an individual. This paper expands the scope of analysis to critically assess the multifaceted implications of GDPR within the contemporary landscape of data privacy and security, with a specific focus on its relevance within the realm of management practices. The examination encompasses an indepth exploration of the foundational principles of GDPR, its legal framework, and its global impact across businesses, individuals, and regulatory bodies. Additionally, the study delves into the complexities associated with GDPR compliance, illuminating the evolving dynamics of data protection within an increasingly digitized world. It emphasizes the essential role played by effective management strategies in addressing these challenges. [ABSTRACT FROM AUTHOR]

Published

2023

43. Undeclared activities on digital labour platforms: an exploratory study.

Author

Mațcu, Mara, Zaiț, Adriana, Ianole-Călin, Rodica, and Horodnic, Ioana Alexandra

Subjects

DIGITAL technology, INFORMAL sector, PERSONALLY identifiable information

Abstract

Purpose: This paper aims to explore the prevalence of undeclared activities conducted on digital labour platforms, and then to discuss what policies are likely to be more effective in order to prevent the growth of the informal activities on these platforms. Design/methodology/approach: To depict the profile of the digital worker conducting undeclared activities, the sectors where undeclared activities are more prevalent and the effectiveness of deterrent policies, data are reported from 2019 Special Eurobarometer survey covering the European Union member states and the UK. Findings: The finding is that 13% of undeclared activities are conducted on digital labour platforms. This practice is more common amongst men, those married or remarried, those living in small/middle towns, in sectors such as repairs/renovations, selling goods/services, assistance for dependant persons, gardening and help moving house. The higher the perceived sanction, the lower the likelihood of undertaking undeclared activities on digital labour platforms. Intriguing, a higher risk of detection is associated with a higher likelihood to use digital labour platform for undeclared activities. Practical implications: The attitudes toward risk can be interpreted closer to the gaming context, and not to the working environment, looking at platform workers as being involved in a state versus individual game. Policy makers should consider improving the correspondence of laws and regulations between countries and offering operational assistance for suppliers and consumers. Originality/value: This is the first paper to explore the prevalence of undeclared activities conducted on digital labour platforms and to outline the policy measures required to reduce this practice. [ABSTRACT FROM AUTHOR]

Published

2023

44. WOMEN'S RIGHTS IN THE DIGITAL AGE.

Author

Achim, Maria

Subjects

DIGITAL technology, WOMEN'S rights, GOVERNMENT policy, PERSONALLY identifiable information, HARASSMENT, WOMEN'S empowerment, GENDER inequality, VIOLENCE against women

Abstract

This paper explores the dynamics and complexities of women's rights in the rapidly evolving context of the digital age. As technology expands its influence across all spheres of life, it brings both significant opportunities and unique challenges for gender equality. The first section analyzes how digitalization has influenced women's access and participation in areas such as education, the workforce, and governance. The second part focuses on the negative aspects, including the rise of online violence against women, such as cyber harassment, shaming, and unauthorized exposure of personal data. It discusses how existing norms and practices in the digital space can perpetuate gender inequalities and highlights the need for legislative and policy approaches to protect and promote women's rights in this new environment. Finally, the paper proposes intervention strategies and public policy recommendations to ensure that the digital age becomes a vector of equality and empowerment for all women. [ABSTRACT FROM AUTHOR]

Published

2024

45. PRÁVNÍ REGULACE SOUVISEJÍCÍ S VÝROBKY V KONTEXTU CÍLŮ EVROPSKÉ UNIE V OBLASTI OCHRANY KLIMATU.

Author

FABŠÍKOVÁ, TEREZA

Subjects

CLIMATE change, ENVIRONMENTAL regulations, PERSONALLY identifiable information

Abstract

This paper examines how objectives of the European Union in the field of climate change affect the legal regulation of products and what impacts they also have on some connected issues. The current ecodesign legal regulation is based on the Ecodesign Directive and the particular requirements on products are then set in regulations following the Ecodesign Directive. The paper primarily focuses on the changes in ecodesign product regulation brought by the new Ecodesign for Sustainable Products Regulation proposal. The issue of the proposed legal regulation connected with environmental claims is also addressed in the text as it is an important complement to the sustainable products legal regulation. [ABSTRACT FROM AUTHOR]

Published

2024

46. Acceptance and use of digital payments by consumers: an empirical analysis in Italy.

Author

Spinelli, Giulia and Gastaldi, Luca

Subjects

ELECTRONIC funds transfers, CONSUMERS, MOBILE commerce, LOSS aversion, TAX incentives, TAX evasion, MONETARY incentives, PERSONALLY identifiable information, GREEN cards

Abstract

Framing of the research. Several governments have introduced policies to foster the usage of digital payments by consumers, with the goal of curbing tax evasion. Nevertheless, cash is still predominant. This raises questions about the factors that can promote the usage of digital payments by consumers. Purpose of the paper. This paper aims at investigating the factors affecting the adoption of digital payments by Italian consumers, extending the unified theory of acceptance and use of technology in a consumer context (UTAUT2) with three constructs that are relevant when analyzing this topic, namely the role of government incentives, the concerns related to privacy, and the degree of aversion towards tax evasion. Methodology. To empirically assess the proposed research model, we gathered data in Italy through a web-based survey and analyzed them using Partial Least Squares-Structural Equation Modeling. Results. Findings confirm the UTAUT2 model, except for price value, which is found to be insignificant. Government incentives and tax evasion aversion have a significant positive impact on the behavioral intention to adopt digital payments, whereas privacy concerns have a significant negative effect. Research limitations. The main limitation of this study concerns data gathering, as it was conducted using the Computer-Assisted Web Interviewing methodology, which targets consumers that are already familiar with digital instruments. Practical implications. The paper highlights the factors that both digital payment providers and public institutions may leverage to foster the adoption of digital payments by consumers. Originality of the paper. To the best of our knowledge, this study is unique as it examines the adoption of digital payments by Italian consumers, extending the framework to prepaid, credit, and debit cards, instead of considering mobile payments alone. [ABSTRACT FROM AUTHOR]

Published

2024

47. Ransomware Threats Targeting the Healthcare Sector.

Author

Siriwardana, Deemantha N.

Subjects

RANSOMWARE, HEALTH care industry, PERSONALLY identifiable information, RIGHT of privacy, INTERNET security

Abstract

Security is essentially a consideration in any computer system which holds sensitive or critical data. Ransomware attacks which are primarily based on encrypting critical data and demanding for a ransom to decrypt them, is one of the best approaches in harvesting money from critical industrial firms rather than damaging the information infrastructure. Even though general ransomware practices include encrypting critical data, sometimes it can come in a form of a threat to leaking of sensitive data to the public. Among the critical infrastructures in the healthcare industry, patient's Personally Identifiable Information (PII) and also the operational data related to mission critical systems are the top concerns. Leaking of PII can cause a huge damage to the privacy of the patients who obtain the healthcare service for that particular healthcare provider. On the other hand, any system delays, malfunctions of inaccessibility or unavailability of operational data related to mission critical systems can cause hindrances to the usual operations of the healthcare provider and eventually will case a life-threatening situation to the patients as well. Through this research review, a comprehensive understanding to the topics; what is ransomware, why ransomware target health industry, what is the damage caused, new ransomware attack trends, mitigative steps and future research scopes are presented to the audience. At the end of the paper, overall conclusion made by analyzing reported incidents is presented with recommendation to mitigate the effects of future ransomware threats, targeted on healthcare industry. [ABSTRACT FROM AUTHOR]

Published

2024

48. Governança e boas práticas na Lei Geral de Proteção de Dados por meio da conformidade, da gestão de riscos e da accountability.

Author

Ladeira Garbaccio, Grace and Kischelewski, Flávia Lubieska N.

Subjects

DATA privacy, DATA protection, GOAL (Psychology), FINANCIAL security, BEST practices, PERSONALLY identifiable information

Abstract

Copyright of Revista Brasileira de Estudos Politicos is the property of Universidade Federal de Minas Gerais (Revista Brasileira de Estudos Politicos) and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

49. Public sphere or private asset? The nature of digital commons in China.

Author

Ling, Hu

Subjects

PUBLIC sphere, COPYRIGHT infringement, COMMONS, PERSONALLY identifiable information, CYBERSPACE, BUSINESS models

Abstract

Since its introduction into China, the Internet is said to bring in a robust force of commons in cyberspace. Under the ideology of 'sharing' and 'free flow of information', the Internet is making good use of users' free labor and their personal data. The unique business model has become the foundation of digital commons in China. Furthermore, we could figure out the rise of the Internet in China has been following the similar 'illegal' model all the time, thus causing copyright infringement and other disputes accordingly. This paper traces the early ages of cyberspace in China, trying to figure out how the private-public mixed nature of the digital commons came into being and discusses relavant legal issues during the process, shedding a light on the unique relationship between mode of production tranformation and legal regime. [ABSTRACT FROM AUTHOR]

Published

2023

50. Unblurring the Fuzzy Line Between Specialty and Data Protection in EU Mutual Legal Assistance After the European Investigation Order.

Author

Vermeulen, Gert and Kusak, Martyna

Subjects

PERSONALLY identifiable information, LEGAL services, DATA protection laws, JUSTICE, BREXIT Referendum, 2016, INTERNATIONAL cooperation

Abstract

The purpose limitation principle takes a central place in data privacy law. The specialty principle plays a key role in international cooperation in criminal matters, including in the context of mutual legal assistance (MLA), which is aimed at the cross-border collection and use of information and evidence. Since the specialty principle also frames use limitations for information or evidence obtained through MLA and must therefore be considered a traditional MLA correlative of the purpose limitation principle in data privacy law, both concepts are clearly intertwined. However, since the entry into force of the European Investigation Order, and the EU Data Protection Directive 2016/680 for Police and Criminal Justice, it has become unclear how both principles interplay, and what that implies for the rights position of the data subject or person concerned. This paper unblurs the fuzzy line between specialty and data protection in the current EU MLA context. Based on historical and conceptual analysis, the paper unravels whether the new data protection provisions of the European Investigation Order and Directive 2,016,680 have speciality features and, if so, to which extent they effectively serve a specialty function. This paper does not only demonstrate that both principles do not fully equate with one another, but features an analysis of how they differ, both conceptually and functionally. It argues and concludes that only a fuller, generic specialty rule and data ownership principle have the potential to promote free movement of information and evidence, whilst equally enhancing the procedural rights position of persons concerned. [ABSTRACT FROM AUTHOR]

Published

2023