Suchergebnisse

This article presents the findings of a case study examining the role of the regulator in facilitating Privacy by Design ("PbD") solutions. With the introduction of PbD into the new European Union General Data Protection Regulation, it is important to understand the conditions under which PbD can succeed and the role which regulators can play (if at all) in promoting such success. Two initiatives with similar technology are examined: first, a PbD success, the introduction of facial recognition technology into existing cameras in casinos in Ontario, and second, a PbD failure, the expanded deployment of cameras within the public transit system of Toronto. The findings are organized into three overarching themes: PbD-focused findings, leadership and organizational findings, and regulator-focused findings. The article argues that privacy continues to persist as an engineering problem despite PbD, that (related to that) there is growing recognition of privacy as an issue of organizational change and leadership, and consequently, that the role of the regulator must evolve if PbD is to become a meaningful regulatory tool, an evolution that carries with it both risks and opportunities for privacy. ; Not peer reviewed

In calls for privacy by design (PBD), regulators and privacy scholars have investigated the richness of the concept of "privacy." In contrast, "design" in HCI is comprised of rich and complex concepts and practices, but has received much less attention in the PBD context. Conducting a literature review of HCI publications discussing privacy and design, this paper articulates a set of dimensions along which design relates to privacy, including: the purpose of design, which actors do design work in these settings, and the envisioned benefciaries of design work. We suggest new roles for HCI and design in PBD research and practice: utilizing values-and critically-oriented design approaches to foreground social values and help defne privacy problem spaces.We argue such approaches, in addition to current "design to solve privacy problems" eforts, are essential to the full realization of PBD, while noting the politics involved when choosing design to address privacy.

Digital identification systems, integrated with civil registration, can play a transformational role across many development areas, such as financial inclusion, expanding access to services and social safety nets, and effective humanitarian response. But while the opportunity is great, so are the risks. One set of risks results from collecting, using, and managing personal data, which creates serious privacy challenges. Risks also include: (1) Incorrect or inaccurate data collection, leading to mistaken identity or unjust treatment; (2) Data collected for one purpose being used for another purpose without the user's consent; and (3) Unauthorized or inappropriate transfer of data between government agencies, governments, and even with third non-governmental parties. The importance of data privacy in building digital ID systems is highlighted in the Principles on Identification developed by the World Bank in 2017. These principles have been signed onto by more than 20 international organizations and development partners as being fundamental to maximizing the benefits of identification systems for sustainable development.

Digital identification systems, integrated with civil registration, can play a transformational role across many development areas, such as financial inclusion, expanding access to services and social safety nets, and effective humanitarian response. But while the opportunity is great, so are the risks. One set of risks results from collecting, using, and managing personal data, which creates serious privacy challenges. Risks also include: (1) Incorrect or inaccurate data collection, leading to mistaken identity or unjust treatment; (2) Data collected for one purpose being used for another purpose without the user's consent; and (3) Unauthorized or inappropriate transfer of data between government agencies, governments, and even with third non-governmental parties. The importance of data privacy in building digital ID systems is highlighted in the Principles on Identification developed by the World Bank in 2017. These principles have been signed onto by more than 20 international organizations and development partners as being fundamental to maximizing the benefits of identification systems for sustainable development.

In a world where technology grows exponentially, more information is available to us every day. States and their governments have collected information on their citizens for a long time now. On the other hand, people give out more and more personal information voluntarily through social media. Information available on the Internet is easier to analyze with modern technologies and the original source of information is also easier to track down. Information is available to all of us and that information can be used to investigate personal data, defeat competitors in a corporate world, solve crimes or even win wars. This study analyses open source intelligence (OSINT) and big data analytics (BDA) with the emphasis on cyber reconnaissance and how personal security is part of that entity. The main question is how privacy manifests itself as part of OSINT and BDA. At the same time the study analyses how law enforcement authorities can act so that their reconnaissance actions would be publicly approved. The study uses case study methodology by gathering a comprehensive list of sources for the theory section. The theoretical framework consists of Privacy by Design approach and privacy questions with regard to surveillance, and the General Data Protection Regulation (GDPR) and the Directive 2016/680 'on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data' act as a legal framework. The empirical case dealing with maritime surveillance, explores OSINT and BDA privacy challenges in the MARISA project. The overall target of the paper is to accelerate the discussion on the serious problem of privacy breach that may lead to restrictions of individual liberty and erosion of our society's foundations of trust. ; peerReviewed

International audience ; Pushed by recent legislation and smart disclosure initiatives, Personal Information Management Systems (PIMS) emerge and hold the promise of giving the control back to the individual on her data. However, this shift leaves the privacy and security issues in user's hands, a role that few people can properly endorse. Indeed, existing sharing models are difficult to administrate and securing their implementation in user's computing environment is an unresolved challenge. This paper advocates the definition of a Privacy-by-Design sharing paradigm, called SWYSWYK (Share What You See with Who You Know), dedicated to the PIMS context. This paradigm allows each user to physically visualize the net effects of sharing rules on her PIMS and automatically provides tangible guarantees about the enforcement of the defined sharing policies. Finally, we demonstrate the practicality of the approach through a performance evaluation conducted on a real PIMS platform.

International audience ; Pushed by recent legislation and smart disclosure initiatives, Personal Information Management Systems (PIMS) emerge and hold the promise of giving the control back to the individual on her data. However, this shift leaves the privacy and security issues in user's hands, a role that few people can properly endorse. Indeed, existing sharing models are difficult to administrate and securing their implementation in user's computing environment is an unresolved challenge. This paper advocates the definition of a Privacy-by-Design sharing paradigm, called SWYSWYK (Share What You See with Who You Know), dedicated to the PIMS context. This paradigm allows each user to physically visualize the net effects of sharing rules on her PIMS and automatically provides tangible guarantees about the enforcement of the defined sharing policies. Finally, we demonstrate the practicality of the approach through a performance evaluation conducted on a real PIMS platform.

International audience ; Pushed by recent legislation and smart disclosure initiatives, Personal Information Management Systems (PIMS) emerge and hold the promise of giving the control back to the individual on her data. However, this shift leaves the privacy and security issues in user's hands, a role that few people can properly endorse. Indeed, existing sharing models are difficult to administrate and securing their implementation in user's computing environment is an unresolved challenge. This paper advocates the definition of a Privacy-by-Design sharing paradigm, called SWYSWYK (Share What You See with Who You Know), dedicated to the PIMS context. This paradigm allows each user to physically visualize the net effects of sharing rules on her PIMS and automatically provides tangible guarantees about the enforcement of the defined sharing policies. Finally, we demonstrate the practicality of the approach through a performance evaluation conducted on a real PIMS platform.

Media and communication scholars studying young people's privacy often involve them in research in order to better understand their interactions with digital technologies. Yet there is a lack of research on how, when, and why it makes sense to involve young people in the design phase of new technologies and how data protection safeguards can be taken proactively by design. By engaging with the body of literature at the intersection of media and communication studies, participatory design, and child–computer interaction research, this article discusses how youth-centred design efforts risk falling into three traps of privacy by design, relating to: 1) the different degrees of decision power within and between child-centred design guidelines and participatory design with young people; 2) the involvement of young people in design as citizens versus consumers; and 3) the conditions under which their participation in design is empowerment rather than mere decoration. The contribution of this article is a critical, sociotechnical reflection on the challenges and opportunities of involving young people in privacy by design decision-making. The article concludes by outlining an agenda for participatory design within an encompassing empowerment and digital citizenship framework that invites young people to reflect on who they want to be in a data-driven society.