scholarly journals Excerpt of «Designing for Privacy and its Legal Framework»

sui generis ◽  
2019 ◽  
Author(s):  
Aurelia Tamò-Larrieux
Keyword(s):  
Internet Of Things ◽  
Data Protection ◽  
Legal Framework ◽  
Multiple Perspectives ◽  
Privacy By Design ◽  
Informational Privacy ◽  
Internet Of Things Environment ◽  
Interdisciplinary Nature ◽  
Multiple Services ◽  
The Law

Technical and economic advances have led to the digitalization of our environment. Whether collected from smartphones, smart household devices, or wearable health trackers, data is automatically processed and used to provide us with multiple services throughout the day. While the benefits of such technologies for individual users — as well as society at large — are undisputed, the resulting transformed environment triggers concerns vis-à-vis informational privacy and the loss thereof. These privacy and data protection challenges must be addressed. As privacy protects different and evolving interests, research in this field is a complex undertaking. To do justice to the complex and interdisciplinary nature of privacy and data protection, the topic at hand has to be approached from multiple perspectives. The book «Designing for Privacy and Its Legal Framework» focuses on how the law and technical tools, acting together, can enhance the protection of privacy and data in an Internet of Things environment. In doing so, we provide concrete insights into how to implement the concept of privacy by design.

The Legal Framework for Data and Consumer Protection in Europe

2009 ◽  
pp. 326-346
Author(s):  
Charles O’Mahony
Keyword(s):  
Economic Growth ◽  
European Union ◽  
Consumer Protection ◽  
Data Protection ◽  
Legal Framework ◽  
The European Union ◽  
Legal Structures ◽  
The Creation ◽  
The Law ◽  
Legal Frameworks

This chapter will discuss the legal framework for consumer and data protection in Europe. Central to this discussion will be the law of the European Union (EU) on data and consumer protection.3 Recent years have seen the creation of legal frameworks in Europe which seek to secure the protection of consumers while simultaneously facilitating economic growth in the European Union. This chapter will outline the main sources of law which protect consumers and their privacy. This chapter will outline the important provisions in these sources of law and critically analyse them. The chapter will also point up the gaps and deficiencies in the consumer and data protection legal structures.

scholarly journals Smart meters’ roll out, solutions in favour of a trust enhancing law in the EU

2021 ◽  
Vol 2 (1) ◽  
Author(s):  
Domenico Orlando ◽  
Wim Vandevelde
Keyword(s):  
Data Protection ◽  
National Level ◽  
Legal Framework ◽  
Critical Assessment ◽  
Smart Meters ◽  
The Law ◽  
Roll Out ◽  
The Eu

The article briefly describes the smart meters technology in the electricity field, its potentials and risks in terms of privacy and data protection, which could undermine the trust of customers. Then, the article delineates the EU legal framework that applies to the technology. A critical assessment of the latter follows, with the identification of some flaws. The focus shifts subsequently to the national level of legislation, when the Flemish laws on the matter are analysed. A different part is dedicated to the role that some technologies could have to reduce the risks and implement privacy. In conclusion, some recommendations are proposed to make the law more prone to enhance trust by the customers.   

scholarly journals Right to Customization: Conceptualizing the Right to Repair for Informational Privacy

2021 ◽  
Author(s):  
Aurelia Tamo-Larrieux ◽  
Zaira Zihlmann ◽  
Kimberly Garcia ◽  
Simon Mayer
Keyword(s):  
Data Protection ◽  
Privacy By Design ◽  
Informational Privacy ◽  
General Data Protection Regulation ◽  
Digital Service ◽  
Computer Scientists ◽  
User Data ◽  
General Data ◽  
To Come ◽  
The Right

Using a digital service is often framed in a binary way: Either one agrees to the service provider's data processing practices, and is granted access to the service, or one does not, and is denied the service. Many scholars have lamented these ‘take-it-or-leave-it’ situations, as this goes against the ideals of data protection law. To address this inadequacy, computer scientists and legal scholars have tried to come up with approaches to enable more privacy-friendly products and services. In this article, we call for a right to customize the processing of user data. Our arguments build upon technology-driven approaches as well as on the ideals of privacy by design and the now codified data protection by design and default norm within the General Data Protection Regulation. In addition, we draw upon the right to repair that is propagated to empower consumers and enable a more circular economy. We propose two technologically-oriented approaches, termed ‘variants’ and ‘alternatives’ that could enable the technical implementation of a right to customization. We posit that these approaches cannot be demanded without limitation, and that restrictions will depend on how reasonable a customization demand is.

scholarly journals Privacy Laws and Privacy by Design Schemes for the Internet of Things

2021 ◽  
Vol 54 (5) ◽  
pp. 1-38
Author(s):  
Atheer Aljeraisy ◽  
Masoud Barati ◽  
Omer Rana ◽  
Charith Perera
Keyword(s):  
Internet Of Things ◽  
Data Protection ◽  
Personal Information ◽  
Design Stage ◽  
Sensitive Information ◽  
Privacy By Design ◽  
Framework Analysis ◽  
Systematic Analysis ◽  
Consumer Privacy ◽  
Privacy Act

Internet of Things applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague and could be challenging to extract and enact such legal requirements. In this article, we have conducted a systematic analysis of the privacy and data protection laws that are used across different continents, namely (i) General Data Protection Regulations, (ii) the Personal Information Protection and Electronic Documents Act, (iii) the California Consumer Privacy Act, (iv) Australian Privacy Principles, and (v) New Zealand’s Privacy Act 1993. Then, we used framework analysis method to attain a comprehensive view of different privacy and data protection laws and highlighted the disparities to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, the key principles and individuals’ rights of the CPLF were mapped with Privacy by Design (PbD) schemes (e.g., privacy principles, strategies, guidelines, and patterns) developed previously by different researchers to investigate the gaps in existing schemes. Subsequently, we have demonstrated how to apply and map privacy patterns into IoT architectures at the design stage and have also highlighted the complexity of doing such mapping. Finally, we have identified the major challenges that should be addressed and potential research directions to take the burden off software developers when applying privacy-preserving techniques that comply with privacy and data protection laws. We have released a companion technical report [3] that comprises all definitions, detailed steps on how we developed the CPLF, and detailed mappings between CPLF and PbD schemes.

Importance of Personal Data Protection Law for Commercial Air Transport

2017 ◽  
Vol 2017 (1) ◽  
pp. 35-44
Author(s):  
Dawid Zadura
Keyword(s):  
Data Protection ◽  
Public Information ◽  
Personal Data ◽  
Air Transport ◽  
Civil Aviation ◽  
Aviation Industry ◽  
Personal Data Protection ◽  
It Systems ◽  
Data Protection Law ◽  
The Law

Abstract In the review below the author presents a general overview of the selected contemporary legal issues related to the present growth of the aviation industry and the development of aviation technologies. The review is focused on the questions at the intersection of aviation law and personal data protection law. Massive processing of passenger data (Passenger Name Record, PNR) in IT systems is a daily activity for the contemporary aviation industry. Simultaneously, since the mid- 1990s we can observe the rapid growth of personal data protection law as a very new branch of the law. The importance of this new branch of the law for the aviation industry is however still questionable and unclear. This article includes the summary of the author’s own research conducted between 2011 and 2017, in particular his audits in LOT Polish Airlines (June 2011-April 2013) and Lublin Airport (July - September 2013) and the author’s analyses of public information shared by International Civil Aviation Organization (ICAO), International Air Transport Association (IATA), Association of European Airlines (AEA), Civil Aviation Authority (ULC) and (GIODO). The purpose of the author’s research was to determine the applicability of the implementation of technical and organizational measures established by personal data protection law in aviation industry entities.

Synthesising Privacy by Design Knowledge Toward Explainable Internet of Things Application Designing in Healthcare

2021 ◽  
Vol 17 (2s) ◽  
pp. 1-29
Author(s):  
Lamya Alkhariji ◽  
Nada Alhirabi ◽  
Mansour Naser Alraja ◽  
Mahmoud Barhamgi ◽  
Omer Rana ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Conceptual Understanding ◽  
Knowledge Engineering ◽  
Privacy Preserving ◽  
Design Knowledge ◽  
Privacy By Design ◽  
Healthcare Applications ◽  
Software Developers ◽  
Healthcare Application ◽  
Application Design

Privacy by Design (PbD) is the most common approach followed by software developers who aim to reduce risks within their application designs, yet it remains commonplace for developers to retain little conceptual understanding of what is meant by privacy. A vision is to develop an intelligent privacy assistant to whom developers can easily ask questions to learn how to incorporate different privacy-preserving ideas into their IoT application designs. This article lays the foundations toward developing such a privacy assistant by synthesising existing PbD knowledge to elicit requirements. It is believed that such a privacy assistant should not just prescribe a list of privacy-preserving ideas that developers should incorporate into their design. Instead, it should explain how each prescribed idea helps to protect privacy in a given application design context—this approach is defined as “Explainable Privacy.” A total of 74 privacy patterns were analysed and reviewed using ten different PbD schemes to understand how each privacy pattern is built and how each helps to ensure privacy. Due to page limitations, we have presented a detailed analysis in Reference [3]. In addition, different real-world Internet of Things (IoT) use-cases, including a healthcare application, were used to demonstrate how each privacy pattern could be applied to a given application design. By doing so, several knowledge engineering requirements were identified that need to be considered when developing a privacy assistant. It was also found that, when compared to other IoT application domains, privacy patterns can significantly benefit healthcare applications. In conclusion, this article identifies the research challenges that must be addressed if one wishes to construct an intelligent privacy assistant that can truly augment software developers’ capabilities at the design phase.

Sign in / Sign up

Export Citation Format

Share Document