Privacy by Design – Searching for the Balance Between Privacy, Personal Data Protection and Development of Artificial Intelligence Systems

The concept of data protection by default and by design is fundamental step for understanding contemporary personal data protection processes. The principle of "data protection by design" has been introduced to protect the rights of individuals in the automated processing of personal data. It should be reflected in all contemporary epitome of digitalisation, including artificial intelligence. Its continuation is the data protection by default.

Download Full-text

Concept of Development to Regulate Relations in the Field of Artificial Intelligence Technologies and Robotics: Analysis of the Main Provisions

Baikal Research Journal ◽

10.17150/2411-6262.2020.11(4).15 ◽

2020 ◽

Vol 11 (4) ◽

Author(s):

Ildar Begishev

Keyword(s):

Artificial Intelligence ◽

Data Exchange ◽

Personal Data ◽

Liability Insurance ◽

Personal Data Protection ◽

Protection Systems ◽

The Russian Federation ◽

The Government ◽

And Robotics ◽

Artificial Intelligence Systems

Decree of the Government of the Russian Federation No. 2129-R of August 19, 2020 approved the Concept to regulate relations in the field of artificial intelligence and robotics technologies until 2024. This document currently represents a set of legal perspectives in this area and it also defines the framework for creating a multidimensional legal platform in the field of robotics and artificial intelligence. The concept offers different ways to regulate artificial intelligence and robotics systems, in particular, it considers issues related to liability insurance for damage caused by artificial intelligence systems or robots, data exchange and personal data protection systems, problems of exporting artificial intelligence systems and robots, and so on. Analysis of the main provisions of the Concept allowed us to conclude that, given the variety of directions taken into account the document, we can say that, overall, the document is quite logical in the framework of the issue under consideration and with some refinement and additions of individual sections it may take its rightful place among similar foreign analogues.

Download Full-text

Legal Aspects of Artificial Intelligence on Automated Decision-Making in Indonesia

Lentera Hukum ◽

10.19184/ejlh.v7i3.18380 ◽

2020 ◽

Vol 7 (3) ◽

pp. 301

Author(s):

Denindah Olivia

Keyword(s):

Artificial Intelligence ◽

United States ◽

Decision Making ◽

Data Protection ◽

Personal Data ◽

Legal Protection ◽

The United States ◽

The European Union ◽

Personal Data Protection ◽

Automated Decision Making

This paper analyzes the importance of Indonesia's comprehensive legal framework on automated decision-making empowered by Artificial Intelligence, comparing it to the European Union, the United States, and China. Specifically, this paper inquires about the status quo of the legal protection of automated decision-making In Indonesia. The analysis highlights profiling in an automated decision-making system with the following discussion about personal data protection. In this context, the European Union's member states set out the General Data Protection Regulation (GDPR) that prohibits automated decision-making to a certain extent. In the United States, the practice of automated decision-making is rather usual. Simultaneously, China takes an exceptional measure instead and develops this automation through a social credit system. The analysis concludes that Indonesia has weak legal protection towards personal data and profiling, which later becomes the basis in facilitating automated decision-making. The provision of automated decision-making and profiling is the absolute bare minimum to Indonesia's Personal Data Protection Bill due to insufficient legal certainty. In the end, it is paramount for lawmakers to consider a comprehensive regulation on automated decision-making by adopting the European Union's GDPR framework. KEYWORDS: Artificial Intelligence, Automated Decision-Making, Personal Data Protection.

Download Full-text

Effects and Projections of the Brazilian General Data Protection Law (LGPD) Application and the Role of the DPO

Digital Transformation and Challenges to Data Security and Privacy - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-4201-9.ch011 ◽

2021 ◽

pp. 195-208

Author(s):

Claudio Roberto Pessoa ◽

Bruna Cardoso Nunes ◽

Camila de Oliveira ◽

Marco Elísio Marques

Keyword(s):

Artificial Intelligence ◽

Data Protection ◽

Personal Data ◽

Personal Data Protection ◽

Specific Objective ◽

The World ◽

General Data ◽

Data Protection Law ◽

The Impact

The world scenario is changing when we talk about personal data protection. Not that long ago, it was common to find companies that sell databases, and other companies that work with the information contained into these databases, aimed to create profiles and generate solutions, using technologies such as big data and artificial intelligence, among others, looking to be attractive and get more customers. In order to protect the privacy of citizens across the world, laws have been created and/or expanded to reinforce this protection. In Brazil, specifically, the Lei de Proteção de Dados Pessoais – LGPD [General Data Protection Law] was created. This research aims to analyze this law, as well as other laws that orbit around it. The goal is to know the impact of law enforcement on business routine and, as a specific objective, what the role of DPO (Data Protection Officer) in organizations will be.

Download Full-text

Enabling trustworthy personal data protection in eHealth and well-being services through privacy-by-design

International Journal of Distributed Sensor Networks ◽

10.1177/1550147720912110 ◽

2020 ◽

Vol 16 (5) ◽

pp. 155014772091211 ◽

Cited By ~ 2

Author(s):

Tomás Robles ◽

Borja Bordel ◽

Ramón Alcarria ◽

Diego Sánchez-de-Rivera

Keyword(s):

Data Protection ◽

User Satisfaction ◽

Personal Information ◽

Personal Data ◽

Well Being ◽

Smart Contracts ◽

Privacy By Design ◽

Digital Service ◽

Personal Data Protection

Users are each day more aware of their privacy and data protection. Although this problem is transversal to every digital service, it is especially relevant when critical and personal information is managed, as in eHealth and well-being services. During the last years, many different innovative services in this area have been proposed. However, data management challenges are still in need of a solution. In general, data are directly sent to services but no trustworthy instruments to recover these data or remove them from services are available. In this scheme, services become the users’ data owners although users keep the rights to access, modify, and be forgotten. Nevertheless, the adequate implementation of these rights is not guaranteed, as services use the received data with commercial purposes. In order to address and solve this situation, we propose a new trustworthy personal data protection mechanism for well-being services, based on privacy-by-design technologies. This new mechanism is based on Blockchain networks and indirection functions and tokens. Blockchain networks execute transparent smart contracts, where users’ rights are codified, and store the users’ personal data which are never sent or given to external services. Besides, permissions and privacy restrictions designed by users to be applied to their data and services consuming them are also implemented in these smart contracts. Finally, an experimental validation is also described to evaluate the Quality of Experience (in terms of user satisfaction) and Quality of Service (in terms of processing delay) compared to traditional service provision solutions.

Download Full-text

The Effects of Applying Privacy by Design to Preserve Privacy and Personal Data Protection in Mobile Cloud Computing: An Exploratory Study

Symmetry ◽

10.3390/sym12122039 ◽

2020 ◽

Vol 12 (12) ◽

pp. 2039

Author(s):

Hussain Mutlaq Alnajrani ◽

Azah Anir Norman

Keyword(s):

Cloud Computing ◽

Data Protection ◽

Mobile Cloud Computing ◽

Personal Data ◽

Perceived Barriers ◽

Perceived Threat ◽

Mobile Cloud ◽

Privacy By Design ◽

Personal Data Protection ◽

It Systems

Mobile cloud computing (MCC) is a domain that stemmed from advances in mobile technology and cloud computing. Although debate continues about the best strategies to preserve privacy and personal data protection in MCC, it is essential to explore the effects of applying privacy by design (PbD) to preserve privacy and personal data protection in MCC. PbD is a general philosophy that demonstrates privacy should not be overviewed as an afterthought, but rather as a first-class requirement in the design of IT systems. This study explores the effects of applying PbD to preserve privacy and personal data protection in MCC, and is focused on the privacy of personal data. In this exploration, a framework using PbD has been demonstrated, and seven hypotheses were formulated. Moreover, a survey was implemented where 386 responses were used to test the formulated hypotheses. The results of this study supported the perceived benefits, cues to action of PbD, and perceived threat are positively and directly related to privacy and personal data protection behavior in MCC. Moreover, the results supported that the perceived barriers are negatively and directly related to privacy and personal data protection behavior in MCC. Overall, the results support the utilization of PbD to preserve privacy and personal data protection in MCC and encourage the practitioners to utilize PbD to preserve privacy and personal data protection in MCC.

Download Full-text

Comparative legal study on privacy and personal data protection for robots equipped with artificial intelligence: looking at functional and technological aspects

AI & Society ◽

10.1007/s00146-017-0758-8 ◽

2017 ◽

Vol 34 (3) ◽

pp. 509-533 ◽

Cited By ~ 4

Author(s):

Kaori Ishii

Keyword(s):

Artificial Intelligence ◽

Data Protection ◽

Personal Data ◽

Legal Study ◽

Personal Data Protection

Download Full-text

The right to respect private life in the context of the development of artificial intelligence

10.13166/wsge//vptv1229 ◽

2021 ◽

pp. 10-19

Author(s):

Greta Angjeli ◽

Besmir Premalaj

Keyword(s):

Artificial Intelligence ◽

Human Rights ◽

Data Protection ◽

Privacy Protection ◽

Personal Data ◽

Private Life ◽

General Data Protection Regulation ◽

Personal Data Protection ◽

The Right To Privacy ◽

The Right

One of the fundamental human rights protected by various international conventions is the right to the protection of privacy, or as defined in the European Convention on Human Rights, the right to respect private and family life. Affiliated to this right is also the right to data protection, which is described by various authors as a modern derivation of the right to privacy protection. The protection of personal data in the context of privacy protection was jeopardized by the rapid and widespread of information technology, automated data processing and the risk of access to this data by unauthorized persons on the network. The legal regulation for the non-violation of the right to respect private life by the processing of personal data with automated systems was one of the challenges of many states which had to allow the use of artificial intelligence for the benefit of further economic and social development, at the same time they had to ensure the protection of the personal data of their citizens. In this context, the EU has issued another regulation on personal data protection (General Data Protection Regulation (EU) 2016/679). The purpose of this paper is to highlight the impact of artificial intelligence on the right to respect private life and the legal protection of personal data from misuse through artificial intelligence.

Download Full-text

Importance of Personal Data Protection Law for Commercial Air Transport

Transactions on Aerospace Research ◽

10.2478/tar-2017-0004 ◽

2017 ◽

Vol 2017 (1) ◽

pp. 35-44

Author(s):

Dawid Zadura

Keyword(s):

Data Protection ◽

Public Information ◽

Personal Data ◽

Air Transport ◽

Civil Aviation ◽

Aviation Industry ◽

Personal Data Protection ◽

It Systems ◽

Data Protection Law ◽

The Law

Abstract In the review below the author presents a general overview of the selected contemporary legal issues related to the present growth of the aviation industry and the development of aviation technologies. The review is focused on the questions at the intersection of aviation law and personal data protection law. Massive processing of passenger data (Passenger Name Record, PNR) in IT systems is a daily activity for the contemporary aviation industry. Simultaneously, since the mid- 1990s we can observe the rapid growth of personal data protection law as a very new branch of the law. The importance of this new branch of the law for the aviation industry is however still questionable and unclear. This article includes the summary of the author’s own research conducted between 2011 and 2017, in particular his audits in LOT Polish Airlines (June 2011-April 2013) and Lublin Airport (July - September 2013) and the author’s analyses of public information shared by International Civil Aviation Organization (ICAO), International Air Transport Association (IATA), Association of European Airlines (AEA), Civil Aviation Authority (ULC) and (GIODO). The purpose of the author’s research was to determine the applicability of the implementation of technical and organizational measures established by personal data protection law in aviation industry entities.

Download Full-text

Problems of establishment and development of the Institution of personal data protection in the Russian Federation: historical-legal aspect

Вопросы безопасности ◽

10.25136/2409-7543.2020.4.33798 ◽

2020 ◽

pp. 28-35

Author(s):

Yanis Arturovich Sekste ◽

Anna Sergeevna Markevich

Keyword(s):

Russian Federation ◽

Data Protection ◽

Information Technologies ◽

Legal Aspect ◽

Personal Data ◽

Legal Regulation ◽

Private Life ◽

Russian Society ◽

Personal Data Protection ◽

The Russian Federation

The subject of this research is the problems emerging in the process of establishment and development of the Institution of personal data protection in the Russian Federation. Special attention is turned to the comparison of Soviet and Western models of protection of private life and personal data. The authors used interdisciplinary approach, as comprehensive and coherent understanding of socio-legal institution of personal data protection in the Russian Federation is only possible in inseparable connection with examination of peculiarities of the key historical stages in legal regulation of private life of the citizen. After dissolution of the Soviet political and legal system, the primary task of Russian law consisted in development and legal formalization of the institution of protection of human and civil rights and freedoms, first and foremost by means of restricting invasion of privacy by the state and enjoyment of personal freedom. It is concluded that the peculiarities of development of the new Russian political and legal model significantly impacted the formation of the institution of personal data protection in the Russian Federation. The authors believe that the Russian legislator and competent government branches are not always capable to manage the entire information flow of personal data; therefore, one of the priority tasks in modern Russian society is the permanent analysis and constant monitoring of the development of information technologies.

Download Full-text