Modeling, Analysis and Control of Personal Data to Ensure Data Privacy – A Use Case Driven Approach

Author(s): Christian Zinke, Jürgen Anke, Kyrill Meyer, Johannes Schmidt

Sensors, 2018, Vol 18 (12), pp. 4175
Author(s): Fabio Angeletti, Ioannis Chatzigiannakis, Andrea Vitaletti

In the era of the Internet of Things (IoT), drug developers can potentially access a wealth of real-world, participant-generated data that enable better insights and streamlined clinical trial processes. Protection of confidential data is of primary interest when it comes to health data, as a medical condition influences daily, professional, and social life. Current approaches in digital trials entail that private user data are provisioned to the trial investigator, who is considered a trusted party. The aim of this paper is to present the technical requirements and the research challenges involved in securing the flow and control of personal data and in protecting the interests of all the involved parties during the first phases of a clinical trial, namely the characterization of the potential patients and their possible recruitment. The proposed architecture lets the individuals keep their data private during these phases while providing the investigator with a useful sketch of their data. Proof-of-concept implementations are evaluated in terms of the performance achieved in real-world environments.


2019
Author(s): David Hawig, Chao Zhou, Sebastian Fuhrhop, Andre S Fialho, Navin Ramachandran

BACKGROUND: Distributed ledger technology (DLT) holds great potential to improve health information exchange. However, the immutable and transparent character of this technology may conflict with data privacy regulations and data processing best practices.
OBJECTIVE: The aim of this paper is to develop a proof-of-concept system for immutable, interoperable, and General Data Protection Regulation (GDPR)–compliant exchange of blood glucose data.
METHODS: Given that there is no ideal design for a DLT-based patient-provider data exchange solution, we proposed two different variations for our proof-of-concept system. One design was based purely on the public IOTA distributed ledger (a directed acyclic graph-based DLT) and the second used the same public IOTA ledger in combination with a private InterPlanetary File System (IPFS) cluster. Both designs were assessed according to (1) data reversal risk, (2) data linkability risks, (3) processing time, (4) file size compatibility, and (5) overall system complexity.
RESULTS: The public IOTA design slightly increased the risk of personal data linkability, had an overall low processing time (requiring mean 6.1, SD 1.9 seconds to upload one blood glucose data sample into the DLT), and was relatively simple to implement. The combination of the public IOTA with a private IPFS cluster minimized both reversal and linkability risks, allowed for the exchange of large files (3 months of blood glucose data were uploaded into the DLT in mean 38.1, SD 13.4 seconds), but involved a relatively higher setup complexity.
CONCLUSIONS: For the specific use case of blood glucose explored in this study, both designs presented a suitable performance in enabling the interoperable exchange of data between patients and providers. Additionally, both systems were designed considering the latest guidelines on personal data processing, thereby maximizing the alignment with recent GDPR requirements. For future works, these results suggest that the conflict between DLT and data privacy regulations can be addressed if careful considerations are made regarding the use case and the design of the data exchange system.


2021
Author(s): Kai Rannenberg, Sebastian Pape, Frédéric Tronnier, Sascha Löbner

The aim of this study was to identify and evaluate different de-identification techniques that may be used in several mobility-related use cases. To do so, four use cases have been defined in accordance with a project partner that focused on the legal aspects of this project, as well as with the VDA/FAT working group. Each use case aims to raise different legal and technical issues with regard to the data and information that are to be gathered, used and transferred in the specific scenario. Use cases should therefore differ in the type and frequency of data that is gathered as well as in the level of privacy and the speed of computation that is needed for the data. Upon identifying use cases, a systematic literature review has been performed to identify suitable de-identification techniques to provide data privacy. Additionally, external databases have been considered, as data that is expected to be anonymous might be re-identified by combining existing data with such external data. For each case, requirements and possible attack scenarios were created to illustrate where exactly privacy-related issues could occur and how exactly such issues could impact data subjects, data processors or data controllers. Suitable de-identification techniques should be able to withstand these attack scenarios. Based on a series of additional criteria, de-identification techniques are then analyzed for each use case. Possible solutions are then discussed individually in chapters 6.1 - 6.2. It is evident that no one-size-fits-all approach to protecting privacy in the mobility domain exists. While all techniques that are analyzed in detail in this report, e.g., homomorphic encryption, differential privacy, secure multiparty computation and federated learning, are able to successfully protect user privacy in certain instances, their overall effectiveness differs depending on the specifics of each use case.


2021
Author(s): Stanton Heister, Kristi Yuthas

Recent increases in security breaches and digital surveillance highlight the need for improved privacy and security, particularly over users’ personal data. Advances in cybersecurity and new legislation promise to improve data protection. Blockchain and distributed ledger technologies provide novel opportunities for protecting user data through decentralized identity and other privacy mechanisms. These systems can allow users greater sovereignty through tools that enable them to own and control their own data. Artificial intelligence provides further possibilities for enhancing system and user security, enriching data sets, and supporting improved analytical models.


Electronics, 2021, Vol 10 (10), pp. 1208
Author(s): Francisco Alonso, Mireia Faus, Cristina Esteban, Sergio A. Useche

Technological devices are becoming more and more integrated into the management and control of traffic in big cities. The population perceives the benefits provided by these systems, and, therefore, citizens usually have a favorable opinion of them. However, emerging countries, which have fewer available infrastructures, could present a certain lack of trust. The objective of this work is to determine the level of knowledge of, and predisposition towards, the use of new technologies in the transportation field of the Dominican Republic. For this study, the National Survey on Mobility was administered to a sample of Dominican citizens, proportional to the ONE census and to sex, age and province. Knowledge of ITS topics, as well as the use of mobile applications for mobility, is scarce; however, a significant increase could be observed in only one year. Moreover, technology is, in general, positively assessed with regard to improving the traffic field, even though there is a lack of predisposition to provide one’s personal data, which is necessary for these devices. The process of technological development in the country must be backed up by laws that protect the citizens’ privacy. Thus, technologies that can improve road safety, mobility and sustainability can be implemented in the country.


2021, pp. 232948842110370
Author(s): Peter W. Cardon, Haibing Ma, Carolin Fleischmann

Artificial intelligence (AI) algorithmic tools that analyze and evaluate recorded meeting data may provide many new opportunities for employees, teams, and organizations. Yet, these new and emerging AI tools raise a variety of issues related to privacy, psychological safety, and control. Based on in-depth interviews with 50 American, Chinese, and German employees, this research identified five key tensions related to algorithmic analysis of recorded meetings: employee control of data versus management control of data, privacy versus transparency, reduced psychological safety versus enhanced psychological safety, learning versus evaluation, and trust in AI versus trust in people. More broadly, these tensions reflect two dimensions that inform organizational policymaking and guidelines: safety versus risk and employee control versus management control. Based on a quadrant configuration of these dimensions, we propose the following approaches to managing algorithmic applications to recorded meeting data: the surveillance, benevolent control, meritocratic, and social contract approaches. We suggest that the social contract approach facilitates the most robust dialog about the application of algorithmic tools to recorded meeting data, potentially leading to higher employee control and a greater sense of safety.

