Data sanitization in a clearing system for public transport operators

In this work we will discuss about a project started by the Emilia-Romagna Regional Government regarding the manage of the public transport. In particular we will perform a data mining analysis on the data-set of this project. After introducing the Weka software used to make our analysis, we will discover the most useful data mining techniques and algorithms; and we will show how these results can be used to violate the privacy of the same public transport operators. At the end, despite is off topic of this work, we will spend also a few words about how it's possible to prevent this kind of attack.

Privacy Tradeoffs in Information Technology Law

The thesis aims to make the dynamics of the tradeoffs involving privacy more visible; both theoretically and in two of the central current policy debates in European data protection law, the right to be forgotten and online tracking. In doing so, it offers an explanation for data protection law from an economic perspective and provides a basis for the evaluation of further data protection measures.

Modelli e Strumenti di Classifciazione Automatica per il Controllo dell'Accesso su Piattaforme Big Data

Dall'analisi dei big data si possono trarre degli enormi benefici in svariati ambiti applicativi. Uno dei fattori principali che contribuisce alla ricchezza dei big data, consiste nell'uso non previsto a priori di dati immagazzinati in precedenza, anche in congiunzione con altri dataset eterogenei: questo permette di trovare correlazioni significative e inaspettate tra i dati. Proprio per questo, il Valore, che il dato potenzialmente porta con sè, stimola le organizzazioni a raccogliere e immagazzinare sempre più dati e a ricercare approcci innovativi e originali per effettuare analisi su di essi. L’uso fortemente innovativo che viene fatto dei big data in questo senso e i requisiti tecnologici richiesti per gestirli hanno aperto importanti problematiche in materia di sicurezza e privacy, tali da rendere inadeguati o difficilmente gestibili, gli strumenti di sicurezza utilizzati finora nei sistemi tradizionali. Con questo lavoro di tesi si intende analizzare molteplici aspetti della sicurezza in ambito big data e offrire un possibile approccio alla sicurezza dei dati. In primo luogo, la tesi si occupa di comprendere quali sono le principali minacce introdotte dai big data in ambito di privacy, valutando la fattibilità delle contromisure presenti all’attuale stato dell’arte. Tra queste anche il controllo dell’accesso ha riscontrato notevoli sfide causate dalle necessità richieste dai big data: questo elaborato analizza pregi e difetti del controllo dell’accesso basato su attributi (ABAC), un modello attualmente oggetto di discussione nel dibattito inerente sicurezza e privacy nei big data. Per rendere attuabile ABAC in un contesto big data, risulta necessario l’ausilio di un supporto per assegnare gli attributi di visibilità alle informazioni da proteggere. L’obiettivo di questa tesi consiste nel valutare fattibilità, caratteristiche significative e limiti del machine learning come possibile approccio di utilizzo.

Smart City e Analisi di Big Data da Tracce Vodafone di Dispositivi Mobili

I dispositivi mobili, dagli smartphone ai tablet, sono entrati a far parte della nostra quotidianità. Controllando l’infrastruttura delle comunicazioni, rispetto a qualsiasi altro settore, si ha un maggiore accesso a informazioni relative alla geo-localizzazione degli utenti e alle loro interazioni. Questa grande mole di informazioni può aiutare a costruire città intelligenti e sostenibili, che significa modernizzare ed innovare le infrastrutture, migliorare la qualità della vita e soddisfare le esigenze di cittadini, imprese e istituzioni. Vodafone offre soluzioni concrete nel campo dell’info-mobilità consentendo la trasformazione delle nostre città in Smart City. Obiettivo della tesi e del progetto Proactive è cercare di sviluppare strumenti che, a partire da dati provenienti dalla rete mobile Vodafone, consentano di ricavare e di rappresentare su cartografia dati indicanti la presenza dei cittadini in determinati punti d’interesse, il profilo di traffico di determinati segmenti viari e le matrici origine/destinazione. Per fare questo verranno prima raccolti e filtrati i dati della città di Milano e della regione Lombardia provenienti dalla rete mobile Vodafone per poi, in un secondo momento, sviluppare degli algoritmi e delle procedure in PL/SQL che siano in grado di ricevere questo tipo di dato, di analizzarlo ed elaborarlo restituendo i risultati prestabiliti. Questi risultati saranno poi rappresentati su cartografia grazie a QGis e grazie ad una Dashboard aziendale interna di Vodafone. Lo sviluppo delle procedure e la rappresentazione cartografica dei risultati verranno eseguite in ambiente di Test e se i risultati soddisferanno i requisiti di progetto verrà effettuato il porting in ambiente di produzione. Grazie a questo tipo di soluzioni, che forniscono dati in modalità anonima e aggregata in ottemperanza alle normative di privacy, le aziende di trasporto pubblico, ad esempio, potranno essere in grado di gestire il traffico in modo più efficiente.

“All Data is Credit Data,” or, On Close Reading as a Reciprocal Process in Digital Knowledge Environments

The new knowledge environments of the digital age are oen described as places where we are all closely read, with our buying habits, location, and identities available to advertisers, online merchants, the government, and others through our use of the Internet. This is represented as a loss of privacy in which these entities learn about our activities and desires, using means that were unavailable in the pre-digital era. This article argues that the reciprocal nature of digital networks means 1) that the privacy issues that we face online are not radically different from those of the pre-Internet era, and 2) that we need to reconceive of close reading as an activity of which both humans and computer algorithms are capable.

Impulses for an Effective and Modern Data Protection System

A substantial reform of data protection law is on the agenda of the European Commission as it is widely agreed that data protection law is faced by lots of challenges, due to fundamental technical and social changes or even revolutions. Therefore, the authors have issued draft new provisions on data protection law that would work in both Germany and Europe. The draft is intended to provide a new approach and deal with the consequences of such an approach. This article contains some key theses on the main legislatory changes that appear both necessary and adequate.

Privacy in the Post-NSA Era: Time for a Fundamental Revision?

Big Brother Watch and others have filed a complaint against the United Kingdom under the European Convention on Human Rights about a violation of Article 8, the right to privacy. It regards the NSA affair and UK-based surveillance activities operated by secret services. The question is whether it will be declared admissible and, if so, whether the European Court of Human Rights will find a violation. This article discusses three possible challenges for these types of complaints and analyses whether the current privacy paradigm is still adequate in view of the development known as Big Data.

EU Data Protection Law and Targeted Advertising: Consent and the Cookie Monster - Tracking the crumbs of online user behaviour

This article provides a holistic legal analysis of the use of cookies in Online Behavioural Advertising. The current EU legislative framework is outlined in detail, and the legal obligations are examined. Consent and the debates surrounding its implementation form a large portion of the analysis. The article outlines the current difficulties associated with the reliance on this requirement as a condition for the placing and accessing of cookies. Alternatives to this approach are explored, and the implementation of solutions based on the application of the Privacy by Design and Privacy by Default concepts are presented. This discussion involves an analysis of the use of code and, therefore, product architecture to ensure adequate protections.

Welcome to the Jungle: The Liability of Internet Intermediaries for Privacy Violations in Europe

In Europe, roughly three regimes apply to the liability of Internet intermediaries for privacy violations conducted by users through their network. These are: the e-Commerce Directive, which, under certain conditions, excludes them from liability; the Data Protection Directive, which imposes a number of duties and responsibilities on providers processing personal data; and the freedom of expression, contained inter alia in the ECHR, which, under certain conditions, grants Internet providers several privileges and freedoms. Each doctrine has its own field of application, but they also have partial overlap. In practice, this creates legal inequality and uncertainty, especially with regard to providers that host online platforms and process User Generated Content.

From big smartphone data to worldwide research: The Mobile Data Challenge

This paper presents an overview of the Mobile Data Challenge (MDC), a large-scale research initiative aimed at generating innovations around smartphone-based research, as well as community-based evaluation of mobile data analysis methodologies. First, we review the Lausanne Data Collection Campaign (LDCC), an initiative to collect unique longitudinal smartphone dataset for the MDC. Then, we introduce the Open and Dedicated Tracks of the MDC, describe the specific datasets used in each of them, discuss the key design and implementation aspects introduced in order to generate privacy-preserving and scientifically relevant mobile data resources for wider use by the research community, and summarize the main research trends found among the 100+ challenge submissions. We finalize by discussing the main lessons learned from the participation of several hundred researchers worldwide in the MDC Tracks.

Privacy Panel: Usable and Quantifiable Mobile Privacy

The ever increasing popularity of apps stems from their ability to provide highly customized services to the user. The flip side is that in order to provide such services, apps need access to very sensitive private information about the user. This leads to malicious apps that collect personal user information in the background and exploit it in various ways. Studies have shown that current app vetting processes which are mainly restricted to install time verification mechanisms are incapable of detecting and preventing such attacks. We argue that the missing fundamental aspect here is a comprehensive and usable mobile privacy solution, one that not only protects the user's location information, but also other equally sensitive user data such as the user's contacts and documents. A solution that is usable by the average user who does not understand or care about the low level technical details. To bridge this gap, we propose privacy metrics that quantify low-level app accesses in terms of privacy impact and transforms them to high-level user understandable ratings. We also provide the design and architecture of our Privacy Panel app that represents the computed ratings in a graphical user-friendly format and allows the user to define policies based on them. Finally, experimental results are given to validate the scalability of the proposed solution.

Online privacy concerns and legal assurance: a user perspective

Since the emergence of the Internet and Social Media, privacy concerns and need for regulation in this area have been a frequent subject on the agenda of numerous stakeholders and policy-makers worldwide. Contributing to this debate, this paper builds on the responses of 553 Internet users to uncover users’ current privacy concerns and their attitudes towards legal assurances in this context. Our findings suggest that users have a complex attitude towards these issues. While they express strong concerns about privacy when asked directly, they often have difficulties formulating the exact nature of these concerns. In the Facebook context, Facebook itself is often mentioned as the primary source of threat, closely followed by marketing organizations. Users feel ill-protected by existing legal framework, especially when using Social Networking Sites. Reasons include common beliefs that the law is unable to address complexities of the Internet; local character of laws; possibilities to disregard the law, particularly since enforcement is difficult. Overall, positive changes in legal framework are desirable, with many respondents willing to pay more in taxes to ensure progress in this area.

Privacy Policies and Users’ Trust: Does Readability Matter?

Over the years, a drastic increase in online information disclosure spurs a wave of concerns from multiple stakeholders. Among others, users resent the “behind the closed doors” processing of their personal data by companies. Privacy policies are supposed to inform users how their personal information is handled by a website. However, several studies have shown that users rarely read privacy policies for various reasons, not least because limitedly readable policy texts are difficult to understand. Based on our online survey with over 440 responses, we examine the objective and subjective readability of privacy policies and investigate their impact on users’ trust in five big Internet services. Our findings show the stronger a user believes in having understood the privacy policy, the higher he or she trusts a web site across all companies we studied. Our results call for making readability of privacy policies more accessible to an average reader.

An Economic Theory of Mortgage Redemption Laws

Redemption laws give mortgagors the right to redeem their property following default for a statutorily set period of time. This paper develops a theory that explains these laws as a means of protecting landowners against the loss of non-transferable values associated with their land. A longer redemption period reduces the risk that this value will be lost but also increases the likelihood of default. The optimal redemption period balances these effects. Empirical analysis of cross-state data from the early twentieth century suggests that these factors, in combination with political considerations, explain the existence and length of redemption laws.

An Economic Theory of Mortgage Redemption Laws

Redemption laws give mortgagors the right to redeem their property following default for a statutorily set period of time. This paper develops a theory that explains these laws as a means of protecting landowners against the loss of nontransferable values associated with their land. A longer redemption period reduces the risk that this value will be lost but also increases the likelihood of default. The optimal redemption period balances these effects. Empirical analysis of cross-state data from the early twentieth century suggests that these factors, in combination with political considerations, explain the existence and length of redemption laws.