Digital Repository of Information and Knowledge - Fund “BellKnow”

The aim was to develop an archive containing detailed description of church bells. As an object of cultural heritage the bell has general properties such as geometric dimensions, weight, sound of each of the bells, the pitch of the tone as well as acoustical diagrams obtained using contemporary equipment. The audio, photo and video archive is developed by using advanced technologies for analysis, reservation and data protection.

A számítási felhő az Európai Unió egén (Cloud computing on the sky of European Union)

Napjaink informatikai világának talán legkeresettebb hívó szava a cloud computing, vagy magyar fordításban, a számítási felhő. A fordítás forrása az EU-s (Digitális Menetrend magyar változata, 2010) A számítási felhő üzleti modelljének részletes leírását adja (Bőgel, 2009). Bőgel György ismerteti az új, közműszerű informatikai szolgáltatás kialakulását és gazdasági előnyeit, nagy jövőt jósolva a számítási felhőnek az üzleti modellek versenyében. A szerző – a számítási felhő üzleti előnyei mellett – nagyobb hangsúlyt fektet dolgozatában a gyors elterjedést gátló tényezőkre, és arra, hogy mit jelentenek az előnyök és a hátrányok egy üzleti, informatikai vagy megfelelőségi vezető számára. Nem csökkentve a cloud modell gazdasági jelentőségét, fontosnak tartja, hogy a problémákról és a kockázatokról is szóljon. Kiemeli, hogy a kockázatokban – különösen a biztonsági és adatvédelmi kockázatokban – lényeges különbségek vannak az Európai Gazdasági Térség és a világ többi része, pl. az Amerikai Egyesült Államok között. A cikkben rámutat ezekre a különbségekre, és az olvasó magyarázatot kap arra is, hogy miért várható a számítási felhő lassabb terjedése Európában, mint a világ más részein. Bemutatja az EU erőfeszítéseit is a számítási felhő európai terjedésének elősegítésére, tekintettel a modell versenyképességet növelő hatására. / === / One of the most popular concept of the recent web searches is cloud computing. Several authors present detailed description of the new service model and it's business benefits and cite the optimistic prognoses of the cloud experts regarding the competition of information system service models. The author analyses the operational benefits of the cloud application and give a detailed description of the inhibitors of the fast expansion of the service modell. He also analyses the pros and cons of the cloud for a business manager, an information and a compliance officer. When understanding the advantages of the cloud, it is equally important to review the problems and risks associated with the model. The paper gives a list of the expected cloud-specific risks. It also explains the differences in security and data protection approach between the European Economic Area and the rest of the world, including the USA. The explains why slower expansion of the cloud modell is expected in Europe than in the rest of the world. The efforts of the EU Committee in helping to spread the cloud model is also presented, as the EU's officers consider the model as an important element of competitiveness.

Personal learning artefacts: persistence, ownership and privacy

Traditional classrooms have been often regarded as closed spaces within which experimentation, discussion and exploration of ideas occur. Professors have been used to being able to express ideas frankly, and occasionally rashly while discussions are ephemeral and conventional student work is submitted, graded and often shredded. However, digital tools have transformed the nature of privacy. As we move towards the creation of life-long archives of our personal learning, we collect material created in various 'classrooms'. Some of these are public, and open, but others were created within 'circles of trust' with expectations of privacy and anonymity by learners. Taking the Creative Commons license as a starting point, this paper looks at what rights and expectations of privacy exist in learning environments? What methods might we use to define a 'privacy license' for learning? How should the privacy rights of learners be balanced with the need to encourage open learning and with the creation of eportfolios as evidence of learning? How might we define different learning spaces and the privacy rights associated with them? Which class activities are 'private' and closed to the class, which are open and what lies between? A limited set of set of metrics or zones is proposed, along the axes of private-public, anonymous-attributable and non-commercial-commercial to define learning spaces and the digital footprints created within them. The application of these not only to the artefacts which reflect learning, but to the learning spaces, and indeed to digital media more broadly are explored. The possibility that these might inform not only teaching practice but also grading rubrics in disciplines where public engagement is required will also be explored, along with the need for consideration by educational institutions of the data rights of students.

Companies need clear internet use policy

Opinion & Analysis: Companies need clear internet use policy

LocLess: Do You Really Care Where Your Cloud Files Are?

Physical location of data in cloud storage is a problem that gains a lot of attention not only from the actual cloud providers but also from the end users' who lately raise many concerns regarding the privacy of their data. It is a common practice that cloud service providers create replicate users' data across multiple physical locations. However, moving data in different countries means that basically the access rights are transferred based on the local laws of the corresponding country. In other words, when a cloud service provider stores users' data in a different country then the transferred data is subject to the data protection laws of the country where the servers are located. In this paper, we propose LocLess, a protocol which is based on a symmetric searchable encryption scheme for protecting users' data from unauthorized access even if the data is transferred to different locations. The idea behind LocLess is that "Once data is placed on the cloud in an unencrypted form or encrypted with a key that is known to the cloud service provider, data privacy becomes an illusion". Hence, the proposed solution is solely based on encrypting data with a key that is only known to the data owner.

Making personalised nutrition the easy choice: Creating policies to break down the barriers and reap the benefits

Personalised diets based on people’s existing food choices, and/or phenotypic, and/or genetic information hold potential to improve public dietary-related health. The aim of this analysis, therefore, has been to examine the degree to which factors which determine uptake of personalised nutrition vary between EU countries to better target policies to encourage uptake, and optimise the health benefits of personalised nutrition technology. A questionnaire developed from previous qualitative research was used to survey nationally representative samples from 9 EU countries (N = 9381). Perceived barriers to the uptake of personalised nutrition comprised three factors (data protection; the eating context; and, societal acceptance). Trust in sources of information comprised four factors (commerce and media; practitioners; government; family and, friends). Benefits comprised a single factor. Analysis of Variance (ANOVA) was employed to compare differences in responses between the United Kingdom; Ireland; Portugal; Poland; Norway; the Netherlands; Germany; and, Spain. The results indicated that respondents in Greece, Poland, Ireland, Portugal and Spain, rated the benefits of personalised nutrition highest, suggesting a particular readiness in these countries to adopt personalised nutrition interventions. Greek participants were more likely to perceive the social context of eating as a barrier to adoption of personalised nutrition, implying a need for support in negotiating social situations while on a prescribed diet. Those in Spain, Germany, Portugal and Poland scored highest on perceived barriers related to data protection. Government was more trusted than commerce to deliver and provide information on personalised nutrition overall. This was particularly the case in Ireland, Portugal and Greece, indicating an imperative to build trust, particularly in the ability of commercial service providers to deliver personalised dietary regimes effectively in these countries. These findings, obtained from a nationally representative sample of EU citizens, imply that a parallel, integrated, public-private delivery system would capture the needs of most potential consumers.

The Social Engineering framework para el aseguramiento de PYME

El trabajo plantea un aporte al framework de ingeniería social (The Social Engineering Framework) para la evaluación del riesgo y mitigación de distintos vectores de ataque, por medio del análisis de árboles de ataque -- Adicionalmente se muestra una recopilación de estadísticas de ataques realizados a compañías de diferentes industrias relacionadas con la seguridad informática, enfocado en los ataques de ingeniería social y las consecuencias a las que se enfrentan las organizaciones -- Se acompañan las estadísticas con la descripción de ejemplos reales y sus consecuencias

El derecho al olvido en internet. El fenómeno de los motores de búsqueda

El presente trabajo tiene por objeto el análisis de la figura delderecho al olvido en Internet. Esta figura será analizada, desdesus orígenes, como meras solicitudes de tutelas de derechospresentadas ante las agencias de protección de datos de los paíseseuropeos, hasta su aplicación actual, configurado tal derecho comoun derecho cuasi-fundamental, enmarcado dentro de la esferadel derecho fundamental a la protección de datos. También, seráobjeto de análisis la labor desarrollada por la Agencia Españolade Protección de Datos, que fue la primera Agencia Europea quedecidió condenar a los motores de búsqueda por el mal tratamientode datos producido en su funcionamiento. Fruto de su labor,estos casos llegaron a la Audiencia Nacional, la cual realizó unabrillantísima, desde un punto de vista técnico, cuestión prejudicial,acerca de la actitud de los motores de búsqueda en relación conel establecimiento del derecho al olvido.

Empresa privada y participación digital: modelo de negocio y derecho de petición en Change.org

Esta investigación pretende aproximarse al papel de Change.org como plataforma de petición electrónica en España, donde no existen alternativas administradas por los poderes públicos. Mediante un análisis de contenido cualitativo y una entrevista semi-estructurada, investigamos el modelo de negocio de la página, con el objetivo de conocer su política de protección de datos, su sistema de verificación de los usuarios y, de forma más general, el marco legislativo en el que opera. Los resultados obtenidos muestran al proyecto alejado del derecho de petición español, con un sistema de testeo laxo y que basa sus beneficios en el coste por adquisición.

Les enjeux juridiques concernant les nouveaux modèles d’affaires basés sur la commercialisation des données

Cet essai est présenté en tant que mémoire de maîtrise dans le cadre du programme de droit des technologies de l’information. Ce mémoire traite de différents modèles d’affaires qui ont pour caractéristique commune de commercialiser les données dans le contexte des technologies de l’information. Les pratiques commerciales observées sont peu connues et l’un des objectifs est d’informer le lecteur quant au fonctionnement de ces pratiques. Dans le but de bien situer les enjeux, cet essai discutera d’abord des concepts théoriques de vie privée et de protection des renseignements personnels. Une fois ce survol tracé, les pratiques de « data brokerage », de « cloud computing » et des solutions « analytics » seront décortiquées. Au cours de cette description, les enjeux juridiques soulevés par chaque aspect de la pratique en question seront étudiés. Enfin, le dernier chapitre de cet essai sera réservé à deux enjeux, soit le rôle du consentement et la sécurité des données, qui ne relèvent pas d’une pratique commerciale spécifique, mais qui sont avant tout des conséquences directes de l’évolution des technologies de l’information.

Les enjeux juridiques concernant les nouveaux modèles d’affaires basés sur la commercialisation des données

Cet essai est présenté en tant que mémoire de maîtrise dans le cadre du programme de droit des technologies de l’information. Ce mémoire traite de différents modèles d’affaires qui ont pour caractéristique commune de commercialiser les données dans le contexte des technologies de l’information. Les pratiques commerciales observées sont peu connues et l’un des objectifs est d’informer le lecteur quant au fonctionnement de ces pratiques. Dans le but de bien situer les enjeux, cet essai discutera d’abord des concepts théoriques de vie privée et de protection des renseignements personnels. Une fois ce survol tracé, les pratiques de « data brokerage », de « cloud computing » et des solutions « analytics » seront décortiquées. Au cours de cette description, les enjeux juridiques soulevés par chaque aspect de la pratique en question seront étudiés. Enfin, le dernier chapitre de cet essai sera réservé à deux enjeux, soit le rôle du consentement et la sécurité des données, qui ne relèvent pas d’une pratique commerciale spécifique, mais qui sont avant tout des conséquences directes de l’évolution des technologies de l’information.

A conceptualisation of a governance model for biobanks in the digital society

Biobanks are key infrastructures in data-driven biomedical research. The counterpoint of this optimistic vision is the reality of biobank governance, which must address various ethical, legal and social issues, especially in terms of open consent, privacy and secondary uses which, if not sufficiently resolved, may undermine participants’ and society’s trust in biobanking. The effect of the digital paradigm on biomedical research has only accentuated these issues by adding new pressure for the data protection of biobank participants against the risks of covert discrimination, abuse of power against individuals and groups, and critical commercial uses. Moreover, the traditional research-ethics framework has been unable to keep pace with the transformative developments of the digital era, and has proven inadequate in protecting biobank participants and providing guidance for ethical practices. To this must be added the challenge of an increased tendency towards exploitation and the commercialisation of personal data in the field of biomedical research, which may undermine the altruistic and solidaristic values associated with biobank participation and risk losing alignment with societal interests in biobanking. My research critically analyses, from a bioethical perspective, the challenges and the goals of biobank governance in data-driven biomedical research in order to understand the conditions for the implementation of a governance model that can foster biomedical research and innovation, while ensuring adequate protection for biobank participants and an alignment of biobank procedures and policies with society’s interests and expectations. The main outcome is a conceptualisation of a socially-oriented and participatory model of biobanks by proposing a new ethical framework that relies on the principles of transparency, data protection and participation to tackle the key challenges of biobanks in the digital age and that is well-suited to foster these goals.

Surveillance risks in IoT applied to smart cities

Nowadays, cities deal with unprecedented pollution and overpopulation problems, and Internet of Things (IoT) technologies are supporting them in facing these issues and becoming increasingly smart. IoT sensors embedded in public infrastructure can provide granular data on the urban environment, and help public authorities to make their cities more sustainable and efficient. Nonetheless, this pervasive data collection also raises high surveillance risks, jeopardizing privacy and data protection rights. Against this backdrop, this thesis addresses how IoT surveillance technologies can be implemented in a legally compliant and ethically acceptable fashion in smart cities. An interdisciplinary approach is embraced to investigate this question, combining doctrinal legal research (on privacy, data protection, criminal procedure) with insights from philosophy, governance, and urban studies. The fundamental normative argument of this work is that surveillance constitutes a necessary feature of modern information societies. Nonetheless, as the complexity of surveillance phenomena increases, there emerges a need to develop more fine-attuned proportionality assessments to ensure a legitimate implementation of monitoring technologies. This research tackles this gap from different perspectives, analyzing the EU data protection legislation and the United States and European case law on privacy expectations and surveillance. Specifically, a coherent multi-factor test assessing privacy expectations in public IoT environments and a surveillance taxonomy are proposed to inform proportionality assessments of surveillance initiatives in smart cities. These insights are also applied to four use cases: facial recognition technologies, drones, environmental policing, and smart nudging. Lastly, the investigation examines competing data governance models in the digital domain and the smart city, reviewing the EU upcoming data governance framework. It is argued that, despite the stated policy goals, the balance of interests may often favor corporate strategies in data sharing, to the detriment of common good uses of data in the urban context.

The right to explanation

This research investigates the use of Artificial Intelligence (AI) systems for profiling and decision-making, and the consequences that it poses to rights and freedoms of individuals. In particular, the research considers that automated decision-making systems (ADMs) are opaque, can be biased, and their logic is correlation-based. For these reasons, ADMs do not take decisions as human beings do. Against this background, the risks for the rights of individuals combined with the demand for transparency of algorithms have created a debate on the need for a new 'right to explanation'. Assuming that, except in cases provided for by law, a decision made by a human does not entitle to a right to explanation, the question has been raised as to whether – if the decision is made by an algorithm – it is necessary to configure a right to explanation for the decision-subject. Therefore, the research addresses a right to explanation of automated decision-making, examining the relation between today’s technology and legal concepts of explanation, reasoning, and transparency. In particular, it focuses on the existence and scope of the right to explanation, considering legal and technical issues surrounding the use of ADMs. The research analyses the use of AI and the problems arising from it from a legal perspective, studying the EU legal framework – especially in the data protection field. In this context, a part of the research is focused on transparency requirements under the GDPR (namely, Articles 13–15, 22, as well as Recital 71). The research aims to outline an interpretative framework of such a right and make recommendations about its development, aiming to provide guidelines for an adequate explanation of automated decisions. Hence, the thesis analyses what an explanation might consist of, and the benefits of explainable AI – examined from legal and technical perspectives.