Cross-Border Flow of Personal Data in the Context of Emigration of the Faithful of the Catholic Church from Poland

The increased emigration of Poles has caused numerous problems of legal and canonical nature, also relating to the activity of the Catholic Church. The article concerns the cross-border processing of personal data carried out by the Catholic Church entities in the context of the emigration of the faithful. Processing of the data of believers takes place, for example, in the formalities related to preparation for entering marriage. From the point of view of canon law the article deals with such issues as: the legality of the process of cross-border data processing, the obligations of the data controller carrying out such a process and the role of the supervisory authority.

Delegation-Based Personal Data Processing Request Notarization Framework for GDPR Based on Private Blockchain

With the growing awareness regarding the importance of personal data protection, many countries have established laws and regulations to ensure data privacy and are supervising managements to comply with them. Although various studies have suggested compliance methods of the general data protection regulation (GDPR) for personal data, no method exists that can ensure the reliability and integrity of the personal data processing request records of a data subject to enable its utilization as a GDPR compliance audit proof for an auditor. In this paper, we propose a delegation-based personal data processing request notarization framework for GDPR using a private blockchain. The proposed notarization framework allows the data subject to delegate requests to process of personal data; the framework makes the requests to the data controller, which performs the processing. The generated data processing request and processing result data are stored in the blockchain ledger and notarized via a trusted institution of the blockchain network. The Hypderledger Fabric implementation of the framework demonstrates the fulfillment of system requirements and feasibility of implementing a GDPR compliance audit for the processing of personal data. The analysis results with comparisons among the related works indicate that the proposed framework provides better reliability and feasibility for the GDPR audit of personal data processing request than extant methods.

Load Frequency Control for Power Systems with Actuator Faults within a Finite-Time Interval

This paper is concerned with the issue of finite-time H ∞ load frequency control for power systems with actuator faults. Concerning various disturbances, the actuator fault is modeled by a homogeneous Markov chain. The aperiodic sampling data controller is designed to alleviate the conservatism of attained results. Based on a new piecewise Lyapunov functional, some novel sufficient criteria are established, and the resulting power system is stochastic finite-time bounded. Finally, a single-area power system is adjusted to verify the effectiveness of the attained results.

An Inner Product Space-Based Hierarchical Key Assignment Scheme for Access Control

An inner product space-based hierarchical key assignment/access control scheme is presented in this work. The proposed scheme can be utilized in any cloud delivery model where the data controller implements a hierarchical access control policy. In other words, the scheme adjusts any hierarchical access control policy to a digital medium. The scheme is based on inner product spaces and the method of orthogonal projection. While distributing a basis for each class by the data controller, the left-to-right and bottom-up policy can ensure much more flexibility and efficiency, especially during any change in the structure. For each class, the secret keys can be derived only when a predetermined subspace is available. The parent class can obtain the keys of the child class, which means a one-way function, and the opposite direction is not allowed. Our scheme is collusion attack and privilege creep problem resistant, as well as key recovery and indistinguishability secure. The performance analysis shows that the data storage overhead is much more tolerable than other schemes in the literature. In addition, the other advantage of our scheme over many others in the literature is that it needs only one operation for the derivation of the key of child classes.

An Inner Product Space-Based Hierarchical Key Assignment Scheme for Access Control

An inner product space-based hierarchical key assignment/access control scheme is presented in this work. The proposed scheme can be utilized in any cloud delivery model where the data controller implements a hierarchical access control policy. In other words, the scheme adjusts any hierarchical access control policy to a digital medium. The scheme is based on inner product spaces and the method of orthogonal projection. While distributing a basis for each class by the data controller, the left-to-right and bottom-up policy can ensure much more flexibility and efficiency, especially during any change in the structure. For each class, the secret keys can be derived only when a predetermined subspace is available. The parent class can obtain the keys of the child class, which means a one-way function, and the opposite direction is not allowed. Our scheme is collusion attack and privilege creep problem resistant, as well as key recovery and indistinguishability secure. The performance analysis shows that the data storage overhead is much more tolerable than other schemes in the literature. In addition, the other advantage of our scheme over many others in the literature is that it needs only one operation for the derivation of the key of child classes.

Wybrane aspekty prawne dotyczące przetwarzania danych biometrycznych pracowników

<p>Given the growing popularity of biometrics, doubts about the conditions for biometric data processing can be noticed in practice. These inaccuracies take place in various areas of law, including labour law. This article provides a theoretical discussion on the processing of special categories of data. It aims to point to the need for appropriate legal regulations to ensure the security of the processing of biometric data of employees and candidate employees. The article starts with clarifying the concept of biometric data and discusses the practical aspects of the use of biometric tools. Further on, the author analyses the legal regulations concerning the processing of biometric data in the relations between the employer as the personal data controller and the employee as the data subject. As a result of the studies carried out, a position was presented which indicates that the employer who processes biometric data of employees and candidates for employment should always find out whether he has legal justification to process the data in question. This article is one of the few studies on the processing of biometric data in Polish literature on the subject. The main purpose hereof is to present situations under the current legislation, in which the employer can process biometric data of its employees. The article is a form of universal presentation of the problem and may be of interest especially to legal practitioners.</p>