scholarly journals Biometrics, e-Identity, and the Balance between Security and Privacy: Case Study of the Passenger Name Record (PNR) System

2011 ◽  
Vol 11 ◽  
pp. 474-477 ◽  
Author(s):  
G. Nouskalis
Keyword(s):  
Human Rights ◽  
Data Processing ◽  
Credit Card ◽  
Personal Data ◽  
Security And Privacy ◽  
European Convention ◽  
Continuous State ◽  
Other Information ◽  
September 11 Attacks ◽  
Passport Data

The implementation of biometrics entails either the establishment of an identity or tracing a person's identity. Biometric passport data (e.g., irises, fingers, faces) can be used in order to verify a passenger's identity. The proposed Passenger Name Record (PNR) system contains all the information necessary to enable reservations to be processed and controlled by the booking and participating air carriers for each journey booked by or on behalf of any person. PNR data are related to travel movements, usually flights, and include passport data, name, address, telephone numbers, travel agent, credit card number, history of changes in the flight schedule, seat preferences, and other information. In the aftermath of the September 11 attacks, a new emergency political-law status of society was established: the continuous state of “war” against the so-called unlawful combatants of the “enemy”. Officially, the enemy is the terrorists, but the victims of the privacy invasions caused by the above new form of data processing are the civilians. The data processing based on biometrics is covered both by Directive 95/46 EC and Article 8 of the Convention on the Protection of Human Rights and Fundamental Freedoms (now the European Convention on Human Rights, “ECHR”). According to Article 2, Paragraph a of the above Directive, personal data shall mean any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural, or social identity.

scholarly journals The normative framework of the protection of personal data in the field of (bio)medicine

Temida ◽  
2012 ◽  
Vol 15 (3) ◽  
pp. 99-114 ◽  
Author(s):  
Natasa Rajic
Keyword(s):  
Human Rights ◽  
Personal Data ◽  
European Convention ◽  
International Treaties ◽  
Normative Framework ◽  
The Status ◽  
The Republic ◽  
The Right ◽  
Treatment Procedures ◽  
Biomedical Treatment

This paper discusses the normative framework of regulating the right to protection of personal data relating to biomedical treatment procedures of patients as human rights. The subjects of analysis are the European Convention, the Convention on Human Rights and Biomedicine and the relevant provisions of the Constitution of the Republic of Serbia. The right to protection of personal data in the field of biomedicine is analyzed comparatively in terms of the content of this right and in terms of basis for limiting this right. The analysis is carried out to find answers to the question if the constitutional framework is consistent in terms of exercising this right, taking into account the constitutional provision on the direct application of human rights guaranteed by international treaties and other provisions that determine the status of international sources of law in our legal system.

Personal Data Sharing and Legal Issues of Human Rights in the Era of Artificial Intelligence

2019 ◽  
Vol 15 (3) ◽  
pp. 21-36
Author(s):  
Sheshadri Chatterjee ◽  
Sreenivasulu N.S.
Keyword(s):  
Artificial Intelligence ◽  
Human Rights ◽  
Data Sharing ◽  
Personal Data ◽  
Security And Privacy ◽  
Human Right ◽  
Public And Private ◽  
Analyse Data ◽  
Regulatory Controls ◽  
The Impact

Personal data sharing has become an important issue in public and private sectors of our society. However, data subjects are perceived to be always unwilling to share their data on security and privacy reasons. They apprehend that those data will be misused at the cost of their privacy jeopardising their human rights. Thus, personal data sharing is closely associated with human right issues. This concern of data subjects has increased manifolds owing to the interference of Artificial Intelligence (AI) since AI can analyse data without human intervention. In this background, this article has taken an attempt to investigate how applications of AI and imposition of regulatory controls with appropriate governance can influence the impact of personal data sharing on the issues of human right abuses.

scholarly journals The right to private communication using telecommunication means: National and international legal aspects of protection

2019 ◽  
Vol 68 ◽  
pp. 01021
Author(s):  
Olexandr Panasiuk ◽  
Larysa Grynko ◽  
Anna Prokhazka
Keyword(s):  
Human Rights ◽  
Personal Data ◽  
Legal Aspects ◽  
The State ◽  
European Countries ◽  
European Convention ◽  
Private Communication ◽  
Criminal Proceedings ◽  
The Right ◽  
Case Basis

Today's challenges dictate the need to strengthen the national and international legal mechanisms for the protection of personal data and the right to private communication. However, considered rights are not absolute. Legitimate restriction of guaranteed rights is possible, since these means of communication are a powerful tool in the investigation and disclosure of hard/very hard crimes, including transnational ones, especially considering the terrorist threats to Ukraine and other European countries. The possibility of restricting human rights, arising from the guarantees enshrined in the European Convention on Human Rights and consistently enshrined in the ECHR, demands from the state the least compulsory guarantee while interfering with the rights of individuals – to act “in accordance with the law”. Law protection of personal data and right to privacy are researched in the context of peculiarities of conducting investigative (search), secret investigative (search) and other procedural actions in criminal proceedings, which concern access to some telecommunication means (e.g., smartphones). Taking into account different functional purposes of technical means of telecommunication, access and collecting of evidence contained therein, should be carried out on a case-to-case basis, in a different procedural form, considering specifics of telecommunication technologies in each particular case.

Addressing Privacy in Traditional and Cloud-Based Systems

2017 ◽  
pp. 1900-1930
Author(s):  
Christos Kalloniatis ◽  
Evangelia Kavakli ◽  
Stefanos Gritzalis
Keyword(s):  
Credit Card ◽  
System Analysis ◽  
Systems Design ◽  
Personal Data ◽  
Research Area ◽  
Security And Privacy ◽  
Software Systems ◽  
Privacy Requirements ◽  
Credit Card Data ◽  
Privacy Violation

A major challenge in the field of software engineering is to make users trust the software that they use in their everyday activities for professional or recreational reasons. Amid the main criteria that formulate users' trust is the way that that their privacy is protected. Indeed, privacy violation is an issue of great importance for active online users that daily accomplish several transactions that may convey personal data, sensitive personal data, employee data, credit card data and so on. In addition, the appearance of cloud computing has elevated the number of personally identifiable information that users provide in order to gain access to various services, further raising user concerns as to how and to what extend information about them is communicated to others. The aim of this work is to elevate the modern practices for ensuring privacy during software systems design. To this end, the basic privacy requirements that should be considered during system analysis are introduced. Additionally, a number of well-known methods that have been introduced in the research area of requirements engineering which aim on eliciting and modeling privacy requirements during system design are introduced and critically analyzed. The work completes with a discussion of the additional security and privacy concepts that should be considered in the context of cloud-based information systems and how these affect current research.

Addressing Privacy in Traditional and Cloud-Based Systems

2015 ◽  
pp. 1631-1659
Author(s):  
Christos Kalloniatis ◽  
Evangelia Kavakli ◽  
Stefanos Gritzalis
Keyword(s):  
Credit Card ◽  
System Analysis ◽  
Systems Design ◽  
Personal Data ◽  
Research Area ◽  
Security And Privacy ◽  
Software Systems ◽  
Privacy Requirements ◽  
Credit Card Data ◽  
Privacy Violation

A major challenge in the field of software engineering is to make users trust the software that they use in their everyday activities for professional or recreational reasons. Amid the main criteria that formulate users' trust is the way that that their privacy is protected. Indeed, privacy violation is an issue of great importance for active online users that daily accomplish several transactions that may convey personal data, sensitive personal data, employee data, credit card data and so on. In addition, the appearance of cloud computing has elevated the number of personally identifiable information that users provide in order to gain access to various services, further raising user concerns as to how and to what extend information about them is communicated to others. The aim of this work is to elevate the modern practices for ensuring privacy during software systems design. To this end, the basic privacy requirements that should be considered during system analysis are introduced. Additionally, a number of well-known methods that have been introduced in the research area of requirements engineering which aim on eliciting and modeling privacy requirements during system design are introduced and critically analyzed. The work completes with a discussion of the additional security and privacy concepts that should be considered in the context of cloud-based information systems and how these affect current research.

scholarly journals Deep Learning Approaches for Continuous Authentication Based on Activity Patterns Using Mobile Sensing

Sensors ◽  
2021 ◽  
Vol 21 (22) ◽  
pp. 7519
Author(s):  
Sakorn Mekruksavanich ◽  
Anuchit Jitpattanakul
Keyword(s):  
Deep Learning ◽  
Credit Card ◽  
User Authentication ◽  
Binary Classification ◽  
Activity Patterns ◽  
Personal Data ◽  
Security And Privacy ◽  
Sensor Data ◽  
Learning Approaches ◽  
Continuous Authentication

Smartphones as ubiquitous gadgets are rapidly becoming more intelligent and context-aware as sensing, networking, and processing capabilities advance. These devices provide users with a comprehensive platform to undertake activities such as socializing, communicating, sending and receiving e-mails, and storing and accessing personal data at any time and from any location. Nowadays, smartphones are used to store a multitude of private and sensitive data including bank account information, personal identifiers, account passwords and credit card information. Many users remain permanently signed in and, as a result, their mobile devices are vulnerable to security and privacy risks through assaults by criminals. Passcodes, PINs, pattern locks, facial verification, and fingerprint scans are all susceptible to various assaults including smudge attacks, side-channel attacks, and shoulder-surfing attacks. To solve these issues, this research introduces a new continuous authentication framework called DeepAuthen, which identifies smartphone users based on their physical activity patterns as measured by the accelerometer, gyroscope, and magnetometer sensors on their smartphone. We conducted a series of tests on user authentication using several deep learning classifiers, including our proposed deep learning network termed DeepConvLSTM on the three benchmark datasets UCI-HAR, WISDM-HARB and HMOG. Results demonstrated that combining various motion sensor data obtained the highest accuracy and energy efficiency ratio (EER) values for binary classification. We also conducted a thorough examination of the continuous authentication outcomes, and the results supported the efficacy of our framework.

scholarly journals OCHRONA DANYCH OSOBOWYCH KONSUMENTA USŁUGI UBEZPIECZENIOWEJ

2017 ◽  
Vol 4 (2) ◽  
pp. 205
Author(s):  
Monika Kalina
Keyword(s):  
Data Processing ◽  
Consumer Protection ◽  
Data Protection ◽  
Personal Data ◽  
European Convention ◽  
Processing Conditions ◽  
Insurance Law ◽  
Personal Data Protection ◽  
Polish Law

CONSUMER PROTECTION WITH REGARD TO THE PROCESSING OF PERSONAL DATA IN THE INSURANCE SERVICESSummaryThis Article is an attem pt to prove that Polish national law provides personal data protection in the insurance services required by the provisions of Directive 95/46/EC and European Convention No. 108.The Author makes an attem pt to create a list o f fundamental principles, which should be respected in the light o f this Directive and Convention. She analyses implementation of these principles into Polish law by comparing the former and present regulations: the Act of Insurance Activity and the Act on Protection of Personal Data. She discusses special processing conditions - for specific sector (insurance) and special categories of data (sensitive).The next part of the article discusses problems connected with personal data processing in the insurance services by means of Internet.Finally this paper presents different aspects of responsibility of a controller, including special regulations of the insurance law.

scholarly journals The Right to Know the Truth in the Light of the Right to Privacy: The Case of Victims of the Communist Regime in Europe

2017 ◽  
Vol 7 (2) ◽  
pp. 284-310
Author(s):  
Edita Gruodytė ◽  
Silvija Gervienė
Keyword(s):  
Human Rights ◽  
Personal Data ◽  
European Convention ◽  
Communist Regime ◽  
Right To Know ◽  
Privacy Rights ◽  
The Right To Know ◽  
Effective Remedy ◽  
The Right ◽  
Communist Countries

Abstract The right to know the truth is established as one of the rights constituting the right to effective remedy but in post-Communist countries this right is limited to victims of the Communist regime because of failure to access the files of former secret services on two different grounds: certain victim’s information is protected as personal data on the grounds of privacy rights and certain files are still kept as a classified information. Thus, the article analyses if such limitations in post-Communist countries are compatible with Article 8 of the European Convention on Human Rights. The answer is provided using mainly an analysis of the case law of the European Court of Human Rights. Lithuania as a case study was chosen for the analysis in a situation where certain files are kept as classified information.

Balancing the Protection of Genetic Data and National Security in the Era of New Technology

2011 ◽  
pp. 142-154
Author(s):  
Cristina Contartese
Keyword(s):  
Human Rights ◽  
National Security ◽  
Data Protection ◽  
New Technologies ◽  
New Technology ◽  
Personal Data ◽  
Genetic Data ◽  
European Convention ◽  
Personal Data Protection ◽  
European Court

The aim of this work is to examine the European Court of Human Rights’ (ECtHR) balancing exercise between genetic data protection and national security, under Article 8 of the European Convention of Human Rights (ECHR). It analyzes, more specifically, the core principles of the Strasbourg Court that the Council of Europe’s Contracting States are required to apply when they collect and store genetic data in order to reach specific purposes in terms of public security, such as the fight against crimes. It will emerge that the Court, in consideration of the risks new technologies pose to an individual’s data safeguards, pays special attention to the strict periods of storage of such data and requires that their collection be justified by the existing of a pressing social need and a “careful scrutiny” of the principle of proportionally between the intrusive measure and the aim pursued. This work is divided into three main parts. The first part provides a general overview on personal data protection under Article 8, while the second and third part concentrate, respectively, on the collection of genetic data and on their storage for police purposes.

Book Reviews

2014 ◽  
Vol 52 (4) ◽  
pp. 1177-1178
Keyword(s):  
Information Security ◽  
Credit Card ◽  
Personal Data ◽  
Security And Privacy ◽  
Management Tool ◽  
Security Risks ◽  
Economics Of Information ◽  
Security Costs ◽  
The Cost ◽  
The University

Shane Greenstein of Northwestern University reviews “The Economics of Information Security and Privacy”, by Rainer Bohme. The Econlit abstract of this book begins: “Thirteen papers, revised and previously presented at the 11th Workshop on the Economics of Information Security held in Berlin in June 2012, explore the economics of information security and privacy, focusing on the management of information security, the economics of information security, the economics of privacy, and the economics of cybercrime. Papers discuss information security costs; whether to invest or not to invest--assessing the economic viability of a policy and security configuration management tool; ad-blocking games--monetizing online content under the threat of ad avoidance; software security economics--theory, in practice; an empirical study on information security behaviors and awareness; sectoral and regional interdependency of Japanese firms under the influence of information security risks; whether we can afford integrity by proof-of-work--scenarios inspired by the Bitcoin currency; online promiscuity--prophylactic patching and the spread of computer transmitted infections; the privacy economics of voluntary overdisclosure in web forms; choice architecture and smartphone privacy--there's a price for that; personal data disclosure in a simulated credit card application; measuring the cost of cybercrime; and an analysis of e-crime in crowd-sourced labor markets--Mechanical Turk versus Freelancer. Böhme is with the European Research Center for Information Systems at the University of Münster.”

Sign in / Sign up

Export Citation Format

Share Document