Spionage im Zeitalter von Big Data: globale Überwachung und der Schutz der Privatsphäre im Völkerrecht
In: Archiv des Völkerrechts: AVR, Volume 52, Issue 3, p. [375]-406
ISSN: 0003-892X
9613 results
Sort by:
In: Archiv des Völkerrechts: AVR, Volume 52, Issue 3, p. [375]-406
ISSN: 0003-892X
World Affairs Online
After numerous revisions of the initial draft of the ePrivacy Regulation, the Portuguese presidency finally submitted a draft that all EU Member States agreed on. We would like to take the opportunity of the beginning of the trilogue to point out a serious technical flaw in the current draft. This flaw lies in the ambiguous relationship between the ePrivacy Regulation and the GDPR. As such, this ambiguity calls into question the applicability of several decisive provisions of the GDPR; first and foremost, the data protection by design approach and co-regulation instruments such as codes of conduct and certificates. The electronic communications sector is characterised by two key aspects in particular: its rapid pace of technological development and the dependency of users on the trustworthiness of electronic communication providers. Since third parties mediate the data subjects' communication, data subjects on their own can only exercise limited control over their privacy, freedom, equality, etc. Based on our interdisciplinary research focusing on personalised content and tracking technologies, we observe that the current draft of the ePrivacy Regulation itself does not provide a level of protection that could be considered effective in meeting the needs of electronic communications users. Effective protection could however be provided by applying the aforementioned GDPR-provisions. It would therefore be contradictory for the ePrivacy Regulation to jeopardize through its ambiguous interplay with the GDPR the application of the very GDPR provisions that are best suited to keep up with the needs of the data subjects. In our opinion, to avoid this ambiguity, the legislator has two options: Either the legislator may specifically clarify the application of the data protection by design approach and other related provisions (in particular the processing principles, data subjects' rights and certification mechanisms) in the ePrivacy Regulation. Or, more fundamentally, the legislator may clarify, firstly, in Art. 1 ...
BASE
In: Data Governance Network, Working Paper 18, 2021
SSRN
The development of modern technology has brought many benefits to its users but it has also seriously endangered individual privacy and raised numerous issues concerning the the protection of personal data. The common assumption that Internet users are largely anonymous in cyberspace is wrong because they leave a trail of all their online activities. Actively or passively, consciously or unconsciously, individuals leave certain personal data which can be either abused or used without the owner's authorization. Thus, personal privacy can be seriously endangered. In this paper, the author provides an overview of the normative framework on online privacy in the European Union and in Serbia. The EU regulation concerning the protection of privacy in cyberspace is fairly satisfactory, and it is constantly updated in order to keep up with the latest technological developments. The Republic of Serbia has enacted a number of legislative acts regulating some segments of online privacy but the Serbian legislation in this area is generally more suitable for the analogue than for the digital environment, for which reason it has to be further amended and upgraded. ; Informatička tehnologija omogućila je mnoge pogodnosti korisnicima, ali je ozbiljno dovela u pitanje privatnost pojedinca. Pogrešno je mišljenje da se bilo koja radnja može obavljati na Internetu (dakle onlajn), a da to ne bude primećeno i/ili zabeleženo. Koristeći različite Internet servise, korisnici svesno ili nesvesno, aktivno ili pasivno ostavljaju određene lične podatke o sebi. Neko može te podatke kasnije neovlašćeno upotrebiti ili zloupotrebiti i tako povrediti privatnost pojedinca. U Evropskoj Uniji postoji sasvim zadovoljavajuća regulativa u oblasti zaštite privatnosti u digitalnom okruženju. Uz to, u težnji da se ide u korak sa tehnologijom stalno se donose novi propisi. Sa druge strane, uprkos činjenici da postoje određeni zakoni koji regulišu pojedine segmente privatnosti, zakonodavstvo u Srbiji je još uvek primerenije analognoj tehnologiji, odnosno ...
BASE
With the implementation of the updated minimum emergency data set MIND3 in 2011, the German Interdisciplinary Association for Intensive Care and Emergency Medicine (DIVI) created a simplified and therefore more powerful tool for supraregional acquisition of prehospital emergency medical data and quality management. While discussing the adaptation, the working group of the Austrian Society for Anesthesiology, Resuscitation and Intensive Care Medicine (ÖGARI) raised the question for further usability of the data set, e.g. linkage to other health records or use for scientific purposes. Most important to achieve this goal is the possibility of data association and matching data sets. Data privacy protection laws prohibit use of individual patient data for register purposes. Although being a good tool for overall quality management, MIND3 especially fails in questions where it is crucial to handle an individual as a consistent entity without disclosing personally identifiable information. Future application spectrum seems to be limited. To facilitate higher performance, it is urgently necessary to define the further purposes of patient data recording and to develop safe technological solutions. Possible implementations on privacy protection politics have to be identified and discussed.
BASE
Objective A wealth of data is generated through Australia's universal health care arrangements. However, use of these data has been hampered by different federal and state legislation, privacy concerns and challenges in linking data across jurisdictions. A series of data reforms have been touted to increase population health research capacity in Australia, including pharmacoepidemiology research. Here we catalogued research leveraging Australia's Pharmaceutical Benefits Scheme (PBS) data (2014-2018) and discussed these outputs in the context of previously implemented and new data reforms. Methods We conducted a systematic review of population-based studies using PBS dispensing claims. Independent reviewers screened abstracts of 4,996 articles and 310 full-text manuscripts. We characterised publications according to study population, analytical approach, data sources used, aims and medicines focus. Results We identified 180 studies; 133 used individual-level data, 70 linked PBS dispensing claims with other health data (66 across jurisdictions). Studies using individual-level data focussed on Australians receiving government benefits (87 studies) rather than all PBS-eligible persons. 63 studies examined clinician or patient practices and 33 examined exposure-outcome relationships (27 evaluated medicines safety, 6 evaluated effectiveness). Medicines acting on the nervous and cardiovascular system account for the greatest volume of PBS medicines dispensed and were the most commonly studied (67 and 40 studies, respectively). Antineoplastic and immunomodulating agents account for approximately one third of PBS expenditure but represented only 10% of studies in this review. Conclusions The studies in this review represent more than a third of all population-based pharmacoepidemiology research published in the last three decades in Australia. Recent data reforms have contributed to this escalating output. However, studies are concentrated among specific subpopulations and medicines classes, and there remains a limited understanding of population benefits and harms derived from medicines use. The current draft Data Availability and Transparency legislation should further bolster efforts in population health research.
BASE
This resource is divided into two primary sections. The first is an annotated bibliography of works related to our integrated literature review on data justice, and the second is a table of organisations conducting data justice or data justice adjacent work. The annotated bibliography contains works relevant to each theme of the integrated literature review which is an accompanying document to this resource. Within each theme and sub-theme key works as well as summaries are provided to direct the reader to additional readings about the topics. This annotated bibliography is not an exhaustive resource, but rather meant to serve as a starting point for learning more about these topics. The table of organisations contains information about organisations conducting data justice or adjacent data justice work across the globe. To ensure the inclusion of a diverse set of organisations from across the globe and across relevant stakeholder groups, the team adopted a three-pronged approach to the identification of organisations. First, recommendations were taken from our existing advisory board members whose expertise on data justice within their regions of operation allowed them to identify organisations which might have been missed. Second, existing networks were examined to identify small organisations working at the intersection of datafication and social justice. This included the Association of Progressive Communications whose aim is 'empowering and supporting people working for peace, human rights, development and protection of the environment, through the strategic use of information and technologies and Privacy International who aim 'to protect democracy, defend people's dignity, and demand accountability from institutions who breach public trust'. Third, through active research and cascading search, additional organisations were identified based on prior work on datafication and social justice, previous experience of stakeholder engagement, and strong networks among relevant stakeholder groups. The table serves ...
BASE
Questa tesi di Dottorato discute la centralità degli utenti nei processi di gestione della privacy e della protezione dei dati personali, propone e sostiene un modello applicativo basato su politiche users-centric di tipo Sticky Privacy Policies per un efficace e dinamico controllo contestuale del trattamento e della divulgazione dei dati personali, in contesti informazionali rispetto ai quali il mantenimento dei requisiti di qualità tanto dell'informativa quanto del consenso o dell'autorizzazione al trattamento risultano critici per il differenziarsi – rispetto alle condizioni iniziali, dei possibili utilizzi, delle molteplici finalità e dei possibili soggetti interessati. La ricerca tiene conto sia delle prescrizioni regolatorie giuridiche allo stato vigenti sia di quelle tecniche, quindi degli standard applicativi de facto in materia di privacy framework; propone rinnovate forme di rischio in contesti distinti da elevata inferenza informativa e da una pluralità di soggetti interessati (Multiple Subjects Personal Data), esemplificandone e provandone alcune implicazioni per le informazioni personali condivise nella lista contatti dell'App WhatsApp Messenger e rispetto alle quali formula azioni di controllo basate sull'utilizzo di Sticky Privacy Policies; propone una modellazione della privacy per l'espressione di politiche d'uso user-centric associate alla struttura dati. La tesi è organizzata su cinque capitoli. I primi tre capitoli descrivono rispettivamente lo scenario normativo e il passaggio in atto tra la Direttiva 24 Ottobre 1995 e il Regolamento Europeo 679/2016 del 24 Aprile 2016; lo stato dell'arte in tema di dato personale e privacy; le contromisure strumentali alla protezione delle informazioni stesse in relazione alle criticità occorrenti. Il quarto e il quinto capitolo contengono una nuova concettualizzazione della privacy e delle nuove vulnerabilità a supporto della quale illustra una semplice Proof of Concept nel contesto d'uso dell'App WhatsApp Messenger. ; This PhD thesis assesses the centrality of users in the privacy and personal data process management. It proposes and defends an application model based on user-centric policies based on Sticky Privacy Policies for an effective and dynamic control and distribution of personal data under circumstances where the maintenance of quality elements concerning the consent or the authorization for the data treatment are crucial changing – in comparison to the initial conditions, the possible applications, the multiple purposes and the multiple subjects involved. The research takes into account both legal and technical requirements in place, therefore including the application standards de facto related to the privacy requirements; it proposes new types of risks in situations with an high degree of informative inference and Multiple Subjects Personal Data, demonstrating and proving some of the implications for the personal information shared in the contact list of the App WhatsApp Messenger and for which it proposes control actions based on the Sticky Privacy Policies; it also proposes a modelling of privacy to express user-centric privacy policies. The thesis is structured on five chapters. The first three chapters describe the regulatory environment and the changes from the Directive 24 October 1995 and the European Rule 679/2016 dated 24 April 2016; the current situation in terms of personal data and privacy, the remedy actions for the protection of the personal data information. The fourth and the fifth chapters include new privacy and weaknesses concepts in relation to which the document shows a simple Proof of Concept in the contest of WhatsApp Messenger App.
BASE
User attributes refer to a person's various demographic characteristics, like income, education, job, age, gender, socioeconomic status (SES), etc. User attributes play an important role in many research areas like sociology and education. Recently, companies have become more and more interested in user attributes because these attributes are also valuable to many emerging applications, such as personalized recommendation, customized marketing and precise advertisements. For example, previous works leverage the users' age, gender, occupation to improve the performance of personalized recommendation. The manual survey is the traditional way to collect user attributes, which is highly expensive and time-consuming. Many researchers try to infer user attributes based on various kinds of user-generated data, like people's tweets or cellphone records. Compared with the survey method, these proposed machine-learning-based user attribute inference (UAI) methods are much quicker and cheaper. However, there are still many open challenges: to introduce new kind of user-generated data source into attribute inference; to improve the accuracy for multiple attribute prediction based on limited data sources; to improve the performance of user-attribute-enhanced (UAE) tasks by UAI methods. For the first challenge, human mobility data based socioeconomic status (SES) inference is chosen as a case study of introducing new data source into UAI. The notion of SES of a person or family reflects the corresponding entity's social and economic rank in society. This attribute can help applications like bank loaning decisions and provide measurable inputs for related studies like social stratification, social welfare and business planning. Traditionally, estimating SES for a large population is performed by national statistical institutes through a large number of household interviews. Recently researchers begin to estimate individual-level SES from people's social media data. However, these methods cannot work if researchers cannot get people's cyberspace data. So we need to continue to introduce new data sources, especially some widely recorded real-world users' behavior such as human mobility. In this work, we leverage Smart Card Data (SCD) for public transport systems, which records the temporal and spatial mobility behavior of a large population of users. More specifically, we develop S2S, a deep learning-based method for estimating people's SES based on their SCD. Essentially, S2S models two types of SES-related features, namely the temporal-sequential feature and general statistical feature, and leverages deep learning for SES estimation. We evaluate our approach in an actual dataset, Shanghai subway SCD, which involves millions of users. The results show that the proposed method can use mobility data for SES inference and clearly outperforms several state-of-art methods in terms of various evaluation metrics. For the next challenge, home location-based multiple Socioeconomic Attributes (SEA) Inference is selected as an example problem of improving the accuracy of multiple attribute inference with the limited input information. Inferring people's socioeconomic attributes (SEAs) including income, occupation and education level is an important problem for applications like personalized recommendation and targeted advertising. Some methods have been proposed to estimate SEAs, if users have rich information like tweet contents through a long period. However, the accuracy of these methods may be affected if researchers can only get limited information of users (e.g., no or very few tweet content). Besides, limited by the budget and time, researchers may have to estimate as many as attributes with a limited data source. Multi-SEA-inference based on limited information is even harder. Here we choose home location as an example of limited data sources. The longitude and latitude of home location is often used as a supportive data source in UAI work. The accuracy of existing methods will be seriously affected if we only get users' home location. In this work, we try to predict a person's income level, family income level, occupation type and education level from his/her home location. We collect people's home locations and socioeconomic attributes through a survey involving 9 provinces and 85 cities of China. Then we design new basic features by enriching home location with the knowledge from real estate websites, government statistics websites, online map services, etc. To learn a shared representation from input features as well as attribute-specific representations for different SEAs, we propose a multi-task learning method with attention mechanism, which is called H2SEA. The factorization machine-based embedding component of H2SEA can also generates more kinds of new interacted features base on the input basic features. Extensive experiment results show that the proposed H2SEA model outperforms alternative models for SEA inference in terms of various evaluation metrics, such as AUC, F-measure, and specificity. The first two works are focusing on improving the performance of UAI itself in different scenarios. In the final work, we expand the focus to improve UAE tasks with the help of UAI. There are two kinds of tasks relying on user attributes. For user-attribute-based (UAB) tasks, researchers cannot carry out these tasks without user attributes. For UAE, attributes are not necessary, but can be used to enhance their performance. From the first two challenges, we can see designing an accurate UAI method requires a lot of works including data mining and model design. UAE researchers usually would rather give up the benefits of UAI to lower the cost, especially if the missing rates of attributes are too high or there are many kinds of missing attributes. In this thesis, we take collaborative filtering (CF) recommender system as a case study of UAE tasks. CF recommendation methods mainly rely on user-item history interactions, which may suffer from the interaction sparsity problem. Therefore, some algorithms have been proposed to leverage user/item attributes (e.g, user location or item brand) to enhance the recommendation performance. However, in real-world datasets, user/item attributes are often missing for reasons like privacy concerns. CF recommender systems usually use unknown tags or zeros as simple substitutes of missing attributes instead of leveraging UAI. In the final work, we first conduct empirical experiments to quantify how the recommending performance can be affected if we just use simple substitutes for missing attributes. Then we discuss how to alleviate this negative impact caused by the missing attributes by UAI. Although recommending and UAI are usually separately studied, we argue they can be both seen as graph node representation learning tasks based on node interactions. We develop a novel multi-task Attribute-Enhanced Graph Convolutional Network (AEGCN) method, which enhances recommendation by auxiliary UAI tasks. The auxiliary attribute inference tasks can send estimated attribute information to the recommending task, improving the recommendation performance with incomplete attributes. More specifically, we define recommending and profiling in one user-item bipartite graph. The two kinds of tasks share one graph convolutional network (GCN) to learn the user/item-hidden representations. Then the user/item representations are used for profiling while their combination is used to predict users' preference on items. Extensive experimental results on three real-world datasets demonstrate that AEGCN is simple yet effective for missing attributes. Compared with attribute-enhanced CF models, AEGCN achieves comparable performance when the attributes are complete, and significant improvements when the missing rate increases. This thesis chooses mobility-based SES prediction, home-based SEA prediction and CF recommender system as case studies of three open challenges of UAI. The three challenges studied in this thesis belong to a general effort to expand UAI from one-attribute-prediction to multiattribute-prediction and finally multi-task framework, which includes both UAI and UAE tasks.
BASE
SSRN
This paper is about the practical usage of distributed ledger technology to promote the application of big data to development, bringing benefits to the relationship between society, media, technology, e-commerce and political power. The main ideas of the work are that there is a subtle limit between the ethical social use of data, fair competition and the privacy right; the data protection regulations are difficult to be traced and possibly insufficient; the use of distributed ledger technology can bring more security, accountability and data protection. This subject is especially important to track the effectiveness of voluntary sustainability standard in a global value chain production economy because there is a wide range of performance, quality and credibility difference among the various standards that have been used. The complexity lies in identifying those that are really relevant to economic, social and environmental development, that do not constitute mere greenwash or unjustifiable excessive demands just to harm the competition. The research aims to contribute to the UN SDGs 12 (responsible production), 16 (justice and effective institutions) and 17 (partnerships and means of implementation).
BASE
This paper is about the practical usage of distributed ledger technology to promote the application of big data to development, bringing benefits to the relationship between society, media, technology, e-commerce and political power. The main ideas of the work are that there is a subtle limit between the ethical social use of data, fair competition and the privacy right; the data protection regulations are difficult to be traced and possibly insufficient; the use of distributed ledger technology can bring more security, accountability and data protection. This subject is especially important to track the effectiveness of voluntary sustainability standard in a global value chain production economy because there is a wide range of performance, quality and credibility difference among the various standards that have been used. The complexity lies in identifying those that are really relevant to economic, social and environmental development, that do not constitute mere greenwash or unjustifiable excessive demands just to harm the competition. The research aims to contribute to the UN SDGs 12 (responsible production), 16 (justice and effective institutions) and 17 (partnerships and means of implementation).
BASE
In: Advances in Information and Communication Research 1
In: Springer eBook Collection
Preface: Overview of the Japanese ICT Policies -- Part I Introduction -- Fundamentals of the Japanese ICT Policies: Regulatory framework -- Broadband development policy, Digital divide and universal service -- Interconnection and number policies -- Part II Radio Spectrum -- Spectrum Management -- Development of Mobile Technology (3G, 4G, 5G) -- Efficient Use of Radio Spectrum -- Part III Personal Data, Privacy and Security -- Cybersecurity -- Consumer protection and security -- Personal Data Protection -- Part IV Cutting-Edge ICT -- Big Data, IoT, AI and Smart City -- Net neutrality -- International Cooperation -- Part V ICT in the Global Context -- ICT for Education and Literacy -- International Cooperation ODA.
The amount of data and information collected and processed by space technologies, in particular through Earth observation programs and telecommunication services, is increasing day by day. Meanwhile, the socio-economic environment surrounding such activities is rapidly changing: data are employed for new purposes, private actors are involved in the dissemination of these information and new users get access to space data. In this context, international law is required to addressed the new challenges deriving from such changes such as the protection of data protection and the right to privacy. The paper aims at analysing the state of the art, focusing on the main provisions of international space law, including both hard law and soft law instruments, covering the collection and dissemination of space data, especially those coming from remote sensing satellites. Then, the focus will shift on assessing the scope of application of new legal provisions which are applicable to this matter, in particular the recent regulation on data protection adopted by the European Union (GDPR). In conclusion, the research aims at assessing a legal framework for the big data, which represents a necessary step to minimize the risks and maximize the benefits stemming from those technologies.
BASE
The advertisements you see while browsing the Internet are rarely accidental. For instance, Alliance Data, one of many new companies in the booming data-marketing industry, can instantaneously recognize that a user visiting their client's website is Joel Stein, a thirty-nine year-old, college educated male, who makes over $125,000 a year. Alliance Data also knows that Joel is likely to make purchases online, but only spends about $25 dollars a purchase. Using this information, and the specifics of over 100 of Joel's past online purchases, Alliance Data creates advertisements specifically tailored to Joel and displays them as he continues to browse the Internet.
BASE