Privacy in the 21st Century

The events of 9/11 along with the bombarding in Madrid and London forced governments to resort to new structures of privacy safeguarding and electronic surveillance under the common denominator of terrorism and transnational crime fighting. Legislation as US PATRIOT Act and EU Data Retention Directive altered fundamentally the collection, processing and sharing methods of personal data, while it granted increased powers to police and law enforcement authorities concerning their jurisdiction in obtaining and processing personal information to an excessive degree. As an aftermath of the resulted opacity and the public outcry, a shift is recorded during the last years towards a more open governance by the implementation of open data and cloud computing practices in order to enhance transparency and accountability from the side of governments, restore the trust between the State and the citizens, and amplify the citizens' participation to the decision-making procedures. However, privacy and personal data protection are major issues in all occasions and, thus, must be safeguarded without sacrificing national security and public interest on one hand, but without crossing the thin line between protection and infringement on the other. Where this delicate balance stands, is the focal point of this paper trying to demonstrate that it is better to be cautious with open practices than hostage of clandestine practices.

Download Full-text

Privacy in the 21st Century

Standards and Standardization ◽

10.4018/978-1-4666-8111-8.ch075 ◽

2015 ◽

pp. 1638-1652

Author(s):

Panagiotis Kitsos ◽

Aikaterini Yannoukakou

Keyword(s):

Public Interest ◽

Focal Point ◽

Personal Information ◽

Open Data ◽

Personal Data ◽

Common Denominator ◽

Patriot Act ◽

The Public ◽

Personal Data Protection ◽

The Common

Download Full-text

Limits of data anonymity: lack of public awareness risks trust in health system activities

Life Sciences Society and Policy ◽

10.1186/s40504-021-00115-9 ◽

2021 ◽

Vol 17 (1) ◽

Author(s):

Felix Gille ◽

Caroline Brall

Keyword(s):

Large Scale ◽

Public Awareness ◽

Personal Data ◽

Public Trust ◽

Online News ◽

Healthcare Management ◽

Contact Tracing ◽

Common Denominator ◽

The Public ◽

Privacy And Anonymity

AbstractPublic trust is paramount for the well functioning of data driven healthcare activities such as digital health interventions, contact tracing or the build-up of electronic health records. As the use of personal data is the common denominator for these healthcare activities, healthcare actors have an interest to ensure privacy and anonymity of the personal data they depend on. Maintaining privacy and anonymity of personal data contribute to the trustworthiness of these healthcare activities and are associated with the public willingness to trust these activities with their personal data. An analysis of online news readership comments about the failed care.data programme in England revealed that parts of the public have a false understanding of anonymity in the context of privacy protection of personal data as used for healthcare management and medical research. Some of those commenting demanded complete anonymity of their data to be willing to trust the process of data collection and analysis. As this demand is impossible to fulfil and trust is built on a false understanding of anonymity, the inability to meet this demand risks undermining public trust. Since public concerns about anonymity and privacy of personal data appear to be increasing, a large-scale information campaign about the limits and possibilities of anonymity with respect to the various uses of personal health data is urgently needed to help the public to make better informed choices about providing personal data.

Download Full-text

Development of Personal Information Privacy Concerns Evaluation

Encyclopedia of Information Science and Technology, Fourth Edition ◽

10.4018/978-1-5225-2255-3.ch421 ◽

2018 ◽

pp. 4862-4871

Author(s):

Anna Rohunen ◽

Jouni Markkula

Keyword(s):

Service Providers ◽

Personal Information ◽

Personal Data ◽

Future Research ◽

Privacy Concerns ◽

The Public ◽

Data Intensive ◽

Information Privacy Concerns ◽

Evaluation Instruments ◽

Information And Communication

Personal data is increasingly collected with the support of rapidly advancing information and communication technology, which raises privacy concerns among data subjects. In order to address these concerns and offer the full benefits of personal data intensive services to the public, service providers need to understand how to evaluate privacy concerns in evolving service contexts. By analyzing the earlier used privacy concerns evaluation instruments, we can learn how to adapt them to new contexts. In this article, the historical development of the most widely used privacy concerns evaluation instruments is presented and analyzed regarding privacy concerns' dimensions. Privacy concerns' core dimensions, and the types of context dependent dimensions, to be incorporated into evaluation instruments are identified. Following this, recommendations on how to utilize the existing evaluation instruments are given, as well as suggestions for future research dealing with validation and standardization of the instruments.

Download Full-text

Adataink biztonságban - adatainkban a biztonság?

Információs Társadalom ◽

10.22503/inftars.xvii.2017.1.3 ◽

2017 ◽

Vol 17 (1) ◽

pp. 45

Author(s):

Endre Győző Szabó ◽

Balázs Révész

Keyword(s):

European Union ◽

Data Security ◽

Personal Information ◽

Personal Data ◽

The Other ◽

Legal Regulations ◽

The European Union ◽

Privacy And Security ◽

Personal Data Protection ◽

Common Field

A magánélet és a biztonság népszerű ellentétpárként tűnhet fel az adatvédelmi gondolkodásban. Leegyszerűsítve olvashatjuk sokszor, hogy ha bizonyos feltételek hiányoznak, aránytalanul nagy áldozatot hozhatunk a személyes magánszféra, a privacy oldalán a biztonság érdekében, és magánszféránk túlzott feláldozása a biztonság oltárán visszafordíthatatlan folyamathoz és orwelli világhoz vezet. Más, a biztonság szempontjait mindenek felettinek hirdető érvelésben viszont a személyes adatok védelmére való hivatkozást alkotmányjogi bűvészkedésnek csúfolják és igyekeznek kisebbíteni a magánszféra-védelem egyébként méltányolandó értékeit. A magánélet és a személyes adatok védelmének pedig nagy a tétje, az adatok illetéktelenek részére való kiszolgáltatása, rosszhiszemű felhasználása egzisztenciákat, családokat tehet tönkre, boldogulási lehetőségeket hiúsíthat meg, ha a védelem alacsony szintre süllyed. Másrészről pedig az információszerzés, illetve előzetes adatgyűjtés a különböző bűnelkövetések, terrorcselekmények előkészületi cselekményei is egyben. Azzal, ha a személyes adataink, magánszféránk védelmében ésszerű lépéseket teszünk, élünk a jog és a technológia adta védelmi lehetőségekkel, adatainkat nemcsak az államtól és a piaci szereplőktől, de a bűnözőktől is elzárjuk, és ezzel mindannyiunk biztonságát szolgáljuk. Egy terület tehát biztosan létezik, ahol a biztonság és magánszféra mezsgyéje összeér: az adatbiztonságé és ezzel összefüggésben a tudatos, felelős felhasználói attitűdé, aminek azonban sokszor az emberi tényező a gátja. Jelen tanulmányban a magánszféra és biztonság kérdéskörének komplexitásáról szólunk, és közös nevezőt keresünk az adatkezelések nézőpontjából, kitérve az új adatvédelmi rendelet (GDPR) magánszféránkat és biztonságunkat egyaránt szolgáló leendő jogintézményeinek bemutatására is. --- Data in security – security in our data? Privacy and security may be deemed as a popular dichotomy. It is often argued that even if security is vital, we might sacrifice too much of our privacy in return. This may be irreversible when it comes to the intrusiveness of surveillance. On the other hand, it is also sometimes argued that the importance of personal data protection deserves less attention than security. There is much at stake when it comes to privacy and the protection of personal data. Misuse of personal information may damage families’ lives and ruin people’s livelihoods, thus this may all have significant repercussions for society as a whole – this is the price to be paid if protection is at a low level. Using sophisticated measures that technology and legal regulations can provide, privacy can be protected. Data security is a common field for the protection of privacy and security – crucial for both endeavours to make people’s lives better. This essay describes the complexity of issues related to privacy and security, while also taking new legislation of the European Union into account.

Download Full-text

Processing Personal Data by the Police in the Light of Changes in EU Law

Internal Security ◽

10.5604/01.3001.0012.1715 ◽

2018 ◽

Vol 9 (2) ◽

pp. 229-237

Author(s):

Andrzej Sprycha

Keyword(s):

Personal Information ◽

Personal Data ◽

European Parliament ◽

Private Life ◽

Eu Law ◽

Sensitive Data ◽

Personal Data Protection ◽

Council Directive ◽

Council Regulation ◽

Polish Law

In implementing their statutory tasks the Police can acquire a whole range of personal information, including sensitive data. This usually has a direct relation with combating crime. Therefore, such powers might be implemented without the knowledge and consent of persons to whom the information (data) concerns. Because police activities cause serious and profound intrusion into the sphere of a person’s private life, whose protection is guaranteed by the Constitution, they must be carried out within the limits strictly permitted by law. When discussing national regulations in force which control the issue of personal data protection, one must also take into consideration EU regulations. First of all the European Parliament and Council Regulation (EU) 2016/679 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and the European Parliament and Council Directive (EU) 2016/680 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data. This directive, commonly known as the police directive, constitutes regulations on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection and prosecution of criminal offences and execution of penalties. The national legislator faces a difficult task of implementation of the above-mentioned European legal acts, all the more so because the choice of particular solutions, to be adopted in their transposition to the legislative and implementing provisions, still remains an open issue. The adopted solutions ought to, on the one hand, ensure coherence with national regulations that implement them, on the other hand, they ought to cause the appropriate adjustment of the Polish law regulations to their requirements. The article presents the normative contents and remarks regarding appropriate, consistent with EU law processing of personal data by the Police.

Download Full-text

Ecological aspects of visual tracking technology and personal data protection

Ukrainian Journal of Ecology ◽

10.15421/2020_220 ◽

2020 ◽

Vol 10 (5) ◽

pp. 142-144

Author(s):

E.A. Remmikh ◽

A.A. Vasiliev ◽

A.A. Vasiliev

Keyword(s):

Visual Tracking ◽

Personal Data ◽

The Public ◽

Personal Data Protection ◽

Ecological Aspects ◽

Improper Use ◽

The Face ◽

Protection Of Human Rights ◽

The Individual ◽

The Relationship

The article deals with the most important problems of protection of human rights in the field of personal data connected with information collection through the visual tracking. The possible risks of using CCTV (closed-circuit television) cameras and the consequences of their improper use are considered. In addition, the authors assessed the relationship between the public security interests and the need to protect the privacy of the individual citizen. This study is related to the widespread digitalization of society and the expansion of application scope regards the face recognition technology.

Download Full-text

Use of Clinical Indicators in the Municipal Hospitals in Japan: An Analysis Based on a Nationwide Questionnaire Survey concerning Medical Information Management

10.31124/advance.13266443 ◽

2020 ◽

Author(s):

Yasutoshi Moteki ◽

Kiyomi Hashimoto

Keyword(s):

Questionnaire Survey ◽

Medical Information ◽

Personal Information ◽

Average Length ◽

Personal Data ◽

Public Hospitals ◽

Care Plan ◽

Clinical Indicators ◽

Personal Data Protection ◽

Local Municipalities

We conducted a questionnaire survey of public hospitals across the country of Japan in order to analyze the issues and challenges concerning personal data protection faced by medical institutions managed by local municipalities in Japan. The reason for targeting public hospitals is that they are more closely related to the regional medical care plan. Questionnaires were sent to all municipal hospitals (887 hospitals with 20 or more beds that are members of the Japan Municipal Hospital Association: JMHA). Key parts of the findings were published as research material in another journal in 2018. This paper summarizes and analyzes the unpublished portion of the 2017 questionnaire survey by the authors. The analysis of the results focuses on the characteristics of the municipal hospitals surveyed and the use of clinical indicators compared by the size of hospitals. While many small and medium-sized hospitals use a common form of consent for the use of personal information, and many large hospitals have specific consent forms for each department (26.4%). Concerning primal method for disposing or deleting personal information, the most chosen item among small and medium-sized hospitals was the incineration or dissolution method (62.5%); the percentage of contractors outsourcing was relatively high in large hospitals (39.5%). In addition, we found the differences between large and small/medium hospitals concerning the use of the clinical indicators. The most used indicator is average length of hospitalization and the rate of hospital bed utilization (80.4%).

Download Full-text

Demarcation of the public and private in the interaction of the state and citizens on digital network platforms

Digital sociology ◽

10.26425/2658-347x-2021-4-3-16-26 ◽

2021 ◽

Vol 4 (3) ◽

pp. 16-26

Author(s):

V. V. Zotov

Keyword(s):

Personal Information ◽

Personal Data ◽

The State ◽

Sociological Study ◽

Negative Experience ◽

Public And Private ◽

Digital Platforms ◽

The Public ◽

Digital Network ◽

Private And Public

Digital network platforms are built on sociotechnical interaction between actors and actors. The creation and development of new public services based on digital platforms inevitably leads to the transformation of the relationship between the state and citizens. The attractiveness of state digital platforms for citizens increases when resolving the contradiction between the possibilities of new forms of social interaction and the threat of misuse of personal data, the risk of harm or persecution.The article presents the results of the analysis of the boundaries of the public and private in the interaction of the state with citizens on digital network platforms. The research method is a comparative analysis, which is based on the dichotomy of public and private, reflected in the concept of private and public X. Arendt, concepts of the public sphere J. Habermas, regulatory and legal concepts of privacy by R. Gavison. The empirical base was made up of a sociological study conducted to obtain information about the boundaries of privacy and publicity of personal data in the digital network space (n = 1 000 among the population over 18 years old living in metropolitan megacities and median regions by the level of informatization, 2020) and the results of Kaspersky Lab surveys conducted in 2019–2020.The conducted research allows us to assert that almost 2/3 of citizens have faced the misuse of confidential information on the Internet. Most of the respondents are aware that websites, social networks and search engines can collect data for web analytics. At the same time, citizens consider it possible to transfer personal data to the authorities in a generalized form for making managerial decisions. Half of the surveyed population does not object to the implementation of digital control over the actions and movements of citizens. Thus, despite the existing negative experience, it is unlikely that there will be any obvious resistance to organizing the collection of personal information on digital network platforms.

Download Full-text

Internet Industry Data Openness and Personal Information Protection Based on Privacy Laws

10.21203/rs.3.rs-924655/v1 ◽

2021 ◽

Author(s):

Yurong Gao ◽

Yiping Guo ◽

Awais Khan Jumani ◽

Achyut Shankar

Keyword(s):

Data Protection ◽

Data Privacy ◽

Personal Information ◽

Open Data ◽

Personal Data ◽

International Standards ◽

Information Protection ◽

Technical Standards ◽

Consumption Ratio ◽

Personal Information Protection

Abstract Data security needs a comprehensive system design approach that combines legal, administrative, and technical protection. These laws generally contain complete rules and principles relevant to the collecting, storing, and using personal information in line with international standards on privacy and data protection. Personal data should be legally collected for a specified reason and not be used without authorization for unlawful monitoring or profiling by governments or third parties. In advocacy and open data activity, increasing attention has been placed on privacy problems. To secure the protection of this data, the Privacy Law (PL) and the Regulations typically put forth industrial and technical standards on IT systems that hold and handle personal data. Concerns about information privacy are genuine, valid, and exacerbated on the Internet of Things (IoT) and Cyber-Physical Systems (CPS). This article suggests that compliance with IoT and CPS Data Privacy (DP) at technical and non-technical levels should be dealt with. The proposed architecture is then coupled with a reference framework for the business architecture to offer a DP-IoT model focused on the industry and technology and positioned to comply with the Personal Information Protection Act (POPI). Therefore, methods are necessary to protect data privacy based on both system and organizational reference designs. In the end, users should have specific rights to information about them, including the capacity and method to seek recourse to protect such rights, to acquire and amend incorrect details. The DP-IoT model shows a privacy ratio of 92.6%, scalability ratio of 91.5, data management ratio of 94.3%, data protection ratio of 96.7%, customer satisfaction rate of 92.2 %, attack prevention ratio of 95.5% and energy consumption ratio of 25.5 % compared to the existing methods.

Download Full-text

OpenEHR and General Data Protection Regulation: Evaluation of Principles and Requirements (Preprint)

10.2196/preprints.9845 ◽

2018 ◽

Author(s):

Duarte Gonçalves-Ferreira ◽

Mariana Sousa ◽

Gustavo M Bacelar-Silva ◽

Samuel Frade ◽

Luís Filipe Antunes ◽

...

Keyword(s):

Data Protection ◽

Personal Data ◽

Design Principles ◽

Security And Privacy ◽

The European Union ◽

Health Records ◽

General Data Protection Regulation ◽

Personal Data Protection ◽

General Data ◽

The Common

BACKGROUND Concerns about privacy and personal data protection resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing directive on the topic of personal data protection of EU citizens with a strong emphasis on more control of the citizens over their data and in the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records (EHRs) and has been advocated as the best approach for the development of hospital information systems. OBJECTIVE This study aimed to understand to what extent the openEHR standard can help in the compliance of EHR systems to the GDPR requirements. METHODS A list of requirements for an EHR to support GDPR compliance and also a list of the openEHR design principles were made. The requirements were categorized and compared with the principles by experts on openEHR and GDPR. RESULTS A total of 50 GDPR requirements and 8 openEHR design principles were identified. The openEHR principles conformed to 30% (15/50) of GDPR requirements. All the openEHR principles were aligned with GDPR requirements. CONCLUSIONS This study showed that the openEHR principles conform well to GDPR, underlining the common wisdom that truly realizing security and privacy requires it to be built in from the start. By using an openEHR-based EHR, the institutions are closer to becoming compliant with GDPR while safeguarding the medical data.

Download Full-text