932 resultados para data privacy
Resumo:
This paper examines the challenges facing the EU regarding data retention, particularly in the aftermath of the judgment Digital Rights Ireland by the Court of Justice of the European Union (CJEU) of April 2014, which found the Data Retention Directive 2002/58 to be invalid. It first offers a brief historical account of the Data Retention Directive and then moves to a detailed assessment of what the judgment means for determining the lawfulness of data retention from the perspective of the EU Charter of Fundamental Rights: what is wrong with the Data Retention Directive and how would it need to be changed to comply with the right to respect for privacy? The paper also looks at the responses to the judgment from the European institutions and elsewhere, and presents a set of policy suggestions to the European institutions on the way forward. It is argued here that one of the main issues underlying the Digital Rights Ireland judgment has been the role of fundamental rights in the EU legal order, and in particular the extent to which the retention of metadata for law enforcement purposes is consistent with EU citizens’ right to respect for privacy and to data protection. The paper offers three main recommendations to EU policy-makers: first, to give priority to a full and independent evaluation of the value of the data retention directive; second, to assess the judgment’s implications for other large EU information systems and proposals that provide for the mass collection of metadata from innocent persons, in the EU; and third, to adopt without delay the proposal for Directive COM(2012)10 dealing with data protection in the fields of police and judicial cooperation in criminal matters.
Resumo:
In its recent Schrems judgment the Luxembourg Court annulled Commission Decision 2000/520 according to which US data protection rules are sufficient to satisfy EU privacy rules regarding EU-US transfers of personal data, otherwise known as the ‘Safe Harbour’ framework. What does this judgment mean and what are its main implications for EU-US data transfers? In this paper the authors find that this landmark judgment sends a strong message to EU and US policy-makers about the need to ensure clear rules governing data transfers, so that people whose personal data is transferred to third countries have sufficient legal guarantees. Without such rules there is legal uncertainty and mistrust. Any future arrangement for the transatlantic transfer of data will therefore need to be firmly anchored in a framework of protection commensurate to the EU Charter of Fundamental Rights and the EU data protection architecture.
Resumo:
We present the results of a study that collected, compared and analyzed the terms and conditions of a number of cloud services vis-a-vis privacy and data protection. First, we assembled a list of factors that comprehensively capture cloud companies' treatment of user data with regard to privacy and data protection; then, we assessed how various cloud services of different types protect their users in the collection, retention, and use of their data, as well as in the disclosure to law enforcement authorities. This commentary provides comparative and aggregate analysis of the results.
Resumo:
This briefing is an input to the discussions that will take place in the session “Privacy under mass surveillance: a multi-stakeholder international challenge” to be held on November 9th in João Pessoa, Brazil, during the “Day Zero” of the Internet Governance Forum. This document is one of the outputs of the first phase of the project “Privacy in the digital age: fostering the implementation of the bilateral German-Brazilian strategy in response to massive data collection”, jointly developed by the Center for Technology and Society of the Rio de Janeiro Law School of the Getulio Vargas Foundation and the German Institute for International and Security Affairs (SWP), with the support of FGV. The project Privacy in the Digital Age seeks to identify legal, political, technical, and economic incentives for the implementation of resolution 168/67 on Privacy in the Digital Age, proposed by Germany and Brazil, and approved by the United Nations General Assembly and to identify other potential areas of collaboration between Germany and Brazil in the field of Internet Governance.
Resumo:
Cover title.
Resumo:
Cover title.
Resumo:
Cover title.
Resumo:
Mode of access: Internet.
Resumo:
Many organizations now emphasize the use of technology that can help them get closer to consumers and build ongoing relationships with them. The ability to compile consumer data profiles has been made even easier with Internet technology. However, it is often assumed that consumers like to believe they can trust a company with their personal details. Lack of trust may cause consumers to have privacy concerns. Addressing such privacy concerns may therefore be crucial to creating stable and ultimately profitable customer relationships. Three specific privacy concerns that have been frequently identified as being of importance to consumers include unauthorized secondary use of data, invasion of privacy, and errors. Results of a survey study indicate that both errors and invasion of privacy have a significant inverse relationship with online purchase behavior. Unauthorized use of secondary data appears to have little impact. Managerial implications include the careful selection of communication channels for maximum impact, the maintenance of discrete “permission-based” contact with consumers, and accurate recording and handling of data.
Resumo:
Context information is used by pervasive networking and context-aware programs to adapt intelligently to different environments and user tasks. As the context information is potentially sensitive, it is often necessary to provide privacy protection mechanisms for users. These mechanisms are intended to prevent breaches of user privacy through unauthorised context disclosure. To be effective, such mechanisms should not only support user specified context disclosure rules, but also the disclosure of context at different granularities. In this paper we describe a new obfuscation mechanism that can adjust the granularity of different types of context information to meet disclosure requirements stated by the owner of the context information. These requirements are specified using a preference model we developed previously and have since extended to provide granularity control. The obfuscation process is supported by our novel use of ontological descriptions that capture the granularity relationship between instances of an object type.
Resumo:
Purpose - This paper aims to demonstrate the need for an improved understanding of the opportunities offered by privacy online. This is contextualized in the case of supermarket purchases of food in particular, often described as an intimate and personal choice. In the case of grocery shopping, the "intimacy" may be at the household level between members or/and between e-grocers' food offerings, and their other "non-food" related services Design/methodology/approach - This paper draws upon social practice theory research, retailing and consumer behaviour in order to develop a conceptual framework for understanding the value of positive privacy. The research uses 39 in-depth interviews of e-grocery shoppers in the area of Portsmouth (UK). Findings - This paper suggests a framework for embedded elements of positive privacy into retailing strategy as a driver for growth in the e-grocery sector. Three meta-themes requiring different approaches to privacy are uncovered. Positive privacy is dynamic and contextual at the consumer/household levels as well as for product/e-grocery brands. Research limitations/implications - This paper advocates the building of long-term sustainable relationship through sharing, offering, and exchange of information rather than pure technological chasing of data. Originality/value - A consumer centred bottom-up approach is employed demonstrating the value of two-way dialogues with consumers on sensitive issues. E-grocery is used as an illustration that involves regular re-purchase of a basket of staple goods over a long period of time where privacy becomes a latent long-term concern. © Emerald Group Publishing Limited.
Resumo:
This thesis addresses the problem of information hiding in low dimensional digital data focussing on issues of privacy and security in Electronic Patient Health Records (EPHRs). The thesis proposes a new security protocol based on data hiding techniques for EPHRs. This thesis contends that embedding of sensitive patient information inside the EPHR is the most appropriate solution currently available to resolve the issues of security in EPHRs. Watermarking techniques are applied to one-dimensional time series data such as the electroencephalogram (EEG) to show that they add a level of confidence (in terms of privacy and security) in an individual’s diverse bio-profile (the digital fingerprint of an individual’s medical history), ensure belief that the data being analysed does indeed belong to the correct person, and also that it is not being accessed by unauthorised personnel. Embedding information inside single channel biomedical time series data is more difficult than the standard application for images due to the reduced redundancy. A data hiding approach which has an in built capability to protect against illegal data snooping is developed. The capability of this secure method is enhanced by embedding not just a single message but multiple messages into an example one-dimensional EEG signal. Embedding multiple messages of similar characteristics, for example identities of clinicians accessing the medical record helps in creating a log of access while embedding multiple messages of dissimilar characteristics into an EPHR enhances confidence in the use of the EPHR. The novel method of embedding multiple messages of both similar and dissimilar characteristics into a single channel EEG demonstrated in this thesis shows how this embedding of data boosts the implementation and use of the EPHR securely.
