Showing 1 - 10 of 27 results for search '"GDPR"', query time: 0.92s
  1. 1

    Contributors: Fonds National de la Recherche - FnR [sponsor], Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab) [research center]

    Source: Software and Systems Modeling. 20:2071-2087

    Description: In Europe and indeed worldwide, the General Data Protection Regulation (GDPR) provides protection to individuals regarding their personal data in the face of new technological developments. GDPR is widely viewed as the benchmark for data protection and privacy regulations that harmonizes data privacy laws across Europe. Although the GDPR is highly beneficial to individuals, it presents significant challenges for organizations monitoring or storing personal information. Since there is currently no automated solution with broad industrial applicability, organizations have no choice but to carry out expensive manual audits to ensure GDPR compliance. In this paper, we present a complete GDPR UML model as a first step towards designing automated methods for checking GDPR compliance. Given that the practical application of the GDPR is influenced by national laws of the EU Member States, we suggest a two-tiered description of the GDPR, generic and specialized. In this paper, we provide (1) the GDPR conceptual model we developed with complete traceability from its classes to the GDPR, (2) a glossary to help understand the model, (3) the plain-English description of 35 compliance rules derived from GDPR along with their encoding in OCL, and (4) the set of 20 variation points derived from GDPR to specialize the generic model. We further present the challenges we faced in our modeling endeavor, the lessons we learned from it, and future directions for research.

  2. 2

    Source: Huynh, T D, Tsakalakis, N, Helal, A, Stalla-Bourdillon, S & Moreau, L 2021, 'Addressing Regulatory Requirements on Explanations for Automated Decisions with Provenance: A Case Study', Digital Government: Research and Practice, vol. 2, no. 2, 16e. https://doi.org/10.1145/3436897

    Description: AI-based automated decisions are increasingly used as part of new services being deployed to the general public. This approach to building services presents significant potential benefits, such as the reduced speed of execution, increased accuracy, lower cost, and ability to adapt to a wide variety of situations. However, equally significant concerns have been raised and are now well documented such as concerns about privacy, fairness, bias, and ethics. On the consumer side, more often than not, the users of those services are provided with no or inadequate explanations for decisions that may impact their lives. In this article, we report the experience of developing a socio-technical approach to constructing explanations for such decisions from their audit trails, or provenance, in an automated manner. The work has been carried out in collaboration with the UK Information Commissioner’s Office. In particular, we have implemented an automated Loan Decision scenario, instrumented its decision pipeline to record provenance, categorized relevant explanations according to their audience and their regulatory purposes, built an explanation-generation prototype, and deployed the whole system in an online demonstrator.

    File Description: text; application/pdf

  3. 3

    Contributors: Janssen, Heleen [0000-0002-2785-5741], Cobbe, Jennifer [0000-0001-8912-4760], Singh, Jat [0000-0002-5102-6564], Apollo - University of Cambridge Repository, IViR (FdR)

    Source: International Data Privacy Law, 10(4). Oxford University Press

    Description: When it comes to online services, users have limited control over how their personal data is processed. This is partly due to the nature of the business models of those services, where data is typically stored and aggregated in data centres. This has recently led to the development of technologies aiming at leveraging user control over the processing of their personal data. Personal Data Stores (“PDSs”) represent a class of these technologies; PDSs provide users with a device, enabling them to capture, aggregate and manage their personal data. The device provides tools for users to control and monitor access, sharing and computation over data on their device. The motivations for PDSs are described as (i) to assist users with their confidentiality and privacy concerns, and/or (ii) to provide opportunities for users to transact with or otherwise monetise their data. While PDSs potentially might enable some degree of user empowerment, they raise interesting considerations and uncertainties in relation to the responsibilities under the General Data Protection Regulation (GDPR). More specifically, the designations of responsibilities among key parties involved in PDS ecosystems are unclear. Further, the technical architecture of PDSs appears to restrict certain lawful grounds for processing, while technical means to identify certain special categories of personal data, as proposed by some, may remain theoretical. We explore the considerations, uncertainties, and limitations of PDSs with respect to some key obligations under the GDPR. As PDS technologies continue to develop and proliferate, potentially providing an alternative to centralised approaches to data processing, we identify issues which require consideration by regulators, PDS platform providers and technologists.

    File Description: application/pdf

  4. 4

    Source: Frontiers in Genetics, Vol 12 (2021)
    Frontiers in Genetics

    Description: Personal data protection has become a fundamental normative challenge for biobankers and scientists researching human biological samples and associated data. The General Data Protection Regulation (GDPR) harmonises the law on protecting personal data throughout Europe and allows developing codes of conduct for processing personal data based on GDPR art. 40. Codes of conduct are a soft law measure to create protective standards for data processing adapted to the specific area, among others, to biobanking of human biological material. Challenges in this area were noticed by the European Data Protection Supervisor on data protection and Biobanking and BioMolecular Resources Research Infrastructure–European Research Infrastructure Consortium (BBMRI.ERIC). They concern mainly the specification of the definitions of the GDPR and the determination of the appropriate legal basis for data processing, particularly for transferring data to other European countries. Recommendations indicated in the article, which are based on the GDPR, guidelines published by the authority and expert bodies, and our experiences regarding the creation of the Polish code of conduct, should help develop how a code of conduct for processing personal data in biobanks should be developed.

  5. 5

    Source: Knowledge and Information Systems

    Description: Data processing is increasingly becoming the subject of various policies and regulations, such as the European General Data Protection Regulation (GDPR) that came into effect in May 2018. One important aspect of GDPR is informed consent, which captures one’s permission for using one’s personal information for specific data processing purposes. Organizations must demonstrate that they comply with these policies. The fines that come with non-compliance are of such importance that it has driven research in facilitating compliance verification. The state-of-the-art primarily focuses on, for instance, the analysis of prescriptive models and posthoc analysis on logs to check whether data processing is compliant to GDPR. We argue that GDPR compliance can be facilitated by ensuring datasets used in processing activities are compliant with consent from the very start. The problem addressed in this paper is how we can generate datasets that comply with given consent “just-in-time”. We propose RDF and OWL ontologies to represent the consent that an organization has collected and its relationship with data processing purposes. We use this ontology to annotate schemas, allowing us to generate declarative mappings that transform (relational) data into RDF driven by the annotations. We furthermore demonstrate how we can create compliant datasets by altering the results of the mapping. The use of RDF and OWL allows us to implement the entire process in a declarative manner using SPARQL. We have integrated all components in a service that furthermore captures provenance information for each step, further contributing to the transparency that is needed towards facilitating compliance verification. We demonstrate the approach with a synthetic dataset simulating users (re-)giving, withdrawing, and rejecting their consent on data processing purposes of systems. In summary, it is argued that the approach facilitates transparency and compliance verification from the start, reducing the need for posthoc compliance analysis common in the state-of-the-art.

  6. 6

    Source: JMIR Medical Informatics

    Description: Background: Data science offers an unparalleled opportunity to identify new insights into many aspects of human life with recent advances in health care. Using data science in digital health raises significant challenges regarding data privacy, transparency, and trustworthiness. Recent regulations enforce the need for a clear legal basis for collecting, processing, and sharing data, for example, the European Union’s General Data Protection Regulation (2016) and the United Kingdom’s Data Protection Act (2018). For health care providers, legal use of the electronic health record (EHR) is permitted only in clinical care cases. Any other use of the data requires thoughtful considerations of the legal context and direct patient consent. Identifiable personal and sensitive information must be sufficiently anonymized. Raw data are commonly anonymized to be used for research purposes, with risk assessment for reidentification and utility. Although health care organizations have internal policies defined for information governance, there is a significant lack of practical tools and intuitive guidance about the use of data for research and modeling. Off-the-shelf data anonymization tools are developed frequently, but privacy-related functionalities are often incomparable with regard to use in different problem domains. In addition, tools to support measuring the risk of the anonymized data with regard to reidentification against the usefulness of the data exist, but there are question marks over their efficacy. Objective: In this systematic literature mapping study, we aim to alleviate the aforementioned issues by reviewing the landscape of data anonymization for digital health care. Methods: We used Google Scholar, Web of Science, Elsevier Scopus, and PubMed to retrieve academic studies published in English up to June 2020. Noteworthy gray literature was also used to initialize the search. We focused on review questions covering 5 bottom-up aspects: basic anonymization operations, privacy models, reidentification risk and usability metrics, off-the-shelf anonymization tools, and the lawful basis for EHR data anonymization. Results: We identified 239 eligible studies, of which 60 were chosen for general background information; 16 were selected for 7 basic anonymization operations; 104 covered 72 conventional and machine learning–based privacy models; four and 19 papers included seven and 15 metrics, respectively, for measuring the reidentification risk and degree of usability; and 36 explored 20 data anonymization software tools. In addition, we also evaluated the practical feasibility of performing anonymization on EHR data with reference to their usability in medical decision-making. Furthermore, we summarized the lawful basis for delivering guidance on practical EHR data anonymization. Conclusions: This systematic literature mapping study indicates that anonymization of EHR data is theoretically achievable; yet, it requires more research efforts in practical implementations to balance privacy preservation and usability to ensure more reliable health care applications.

  7. 7

    Authors: Tristan Henderson, Zoe Zwiebelmann

    Contributors: University of St Andrews. School of Computer Science, University of St Andrews. Centre for Research into Equality, Diversity & Inclusion

    Source: UbiComp/ISWC Adjunct

    Description: Pervasive systems are almost omnipresent in their collection and processing of personal data. Understanding what these systems are doing is essential for trust, and to ensure that data being collected are accurate. Auditing these systems can help to determine the accuracy of these data. Such audit may take place internally by systems designers, but external audit is important for accountability. In this paper we explore whether users can conduct their own external audit of the systems with which they interact. In particular, we use the Right to Data Portability afforded to data subjects through the General Data Protection Regulation. Using fitness trackers, we collect and upload running data to a set of data controllers. By using data portability to then obtain a copy of our data, we compare the data held by the controllers with our ground-truth data. We find some inaccuracies in the data, but also that audit can be impeded by insufficient explanations from data controllers. Postprint

    File Description: application/pdf

  8. 8

    Authors: Erika Nazaruka

    Source: Complex Systems Informatics and Modeling Quarterly, Vol 0, Iss 24 (2020)
    Complex Systems Informatics and Modeling Quarterly; No 24 (2020): Complex Systems Informatics and Modeling Quarterly; I-II

    Description: Complex systems consist of multiple interacting parts; some of them (or even all of them) may also be systems. While performing their tasks, these parts operate with multiple data and information flows. Data are gathered, created, transferred, and analyzed. Information based on the analyzed data is assessed and taken into account during decision making. Different types of data and a large number of data flows can be considered as one of the sources of system complexity. Thus, information management, including data control, is an important aspect of complex systems development and management. According to ISO/IEC/IEEE 15288:2015, “the purpose of the Information Management Process is to generate, obtain, confirm, transform, retain, retrieve, disseminate and dispose of information, to designated stakeholders…”. Information management strategies consider the scope of information, constraints, security controls and information life cycle. This means that information management activities should be implemented starting from the level of primitive data gathering and ending with enterprise-level decision making. The articles, which have been recommended by reviewers for this issue of CSIMQ, present contributions in different aspects of information management in complex systems, namely, implementation of harmful environment monitoring and data transmitting by Internet-of-Things (IoT) systems, analysis of technological and organizational means for mitigating issues related to information security and users’ privacy that can lead to changes in corresponding systems’ processes, organization and infrastructure, as well as assessment of potential benefits that a controlled (i.e. based on the up-to-date information) change process can bring to an enterprise.

    File Description: application/pdf

  9. 9

    Contributors: Department of Methodology and Statistics

    Source: Journal of Ambient Intelligence and Smart Environments, 11(1), 87-107. IOS Press

    Description: This paper highlights selected grand challenges that concern especially the social and the design dimensions of research and development in Ambient Intelligence (AmI) and Smart Environments (SmE). Due to the increasing deployment and usage of ‘smart’ technologies determining a wide range of everyday life activities, there is an urgent need to reconsider their societal implications and how to address these implications with appropriate design methods. The paper presents four perspectives on the subject grounded in different approaches. First, introducing and reflecting on the implications of the ‘smart-everything’ paradigm, the resulting design trade-offs and their application to smart cities. Second, discussing the potential of non-verbal communication for informing the design of spatial interfaces for AmI design practices. Third, reflecting on the role of new data categories such as ‘future data’ and the role of uncertainty and their implications for the next generation of AmI environments. Finally, debating the merits and shortfalls of the world’s largest professional engineering community effort to craft a global standards body on ethically aligned design for autonomous and intelligent systems. The paper benefits from taking different perspectives on common issues, provides commonalities and relationships between them and provides anchor points for important challenges in the field of ambient intelligence.

  10. 10

    Description: How we choose to utilize digital technology has the potential to undermine the healthy functioning of democratic systems. Surveillance practices such as the tracking, collection and profiling of our online and real-world behavior pose a direct challenge to privacy rights and democratic freedoms such as fairness and anti-discrimination. This paper aims to understand how the GDPR represents risk and, in turn, how that representation shapes protection. Using Carol Bacchi's 'What's the Problem Represented to Be?' (WPR) approach to policy analysis, we illustrate how the GDPR's dual aims of protecting both people and the free flow of personal data exist in a state of tension and that the GDPR's framing of 'public interest' privileges economic growth over individual rights. Also problematic is the assumption that people are sufficiently informed to exercise control over their data, yet are being asked to agree to practices which may undermine that very autonomy.

    File Description: application/pdf