scholarly journals 如何平衡治理效率與隱私保護?中國和新加坡新冠病毒接觸者追蹤應用程式隱私政策的文本分析

2020 ◽  
Vol 18 (1) ◽  
pp. 113-143
Author(s):  
Bian XIONG ◽  
Fen LIN
Keyword(s):  
Informed Consent ◽  
Personal Information ◽  
Information Storage ◽  
Contact Tracing ◽  
Limited Information ◽  
Data Governance ◽  
Privacy Policies ◽  
Public Interests ◽  
Authorized User ◽  
Balancing Efficiency

LANGUAGE NOTE | Document text in Chinese; abstract also in English.新冠病毒疫情催生了以中國的“健康碼”和新加坡的“TraceTogether”為代表的接觸者追蹤應用程式在全球的應用和擴散。如何利用人工智慧科技,在資料治理中平衡效率與隱私倫理的闢係,成為使用數位追蹤工具進行疫情治理的國家共同面對的難題。兩國法律都規定,在收集個人資訊前必須向個人資訊主體明確告知所收集的個人資訊類型、使用個人資訊的規則,並獲得個人資訊主體的授權同意。本文通過對“健康碼”和“TraceTogether”隱私政策的對比分析發現,在應用 上,中國健康碼的使用有效幫助防控疫情,但是收集的個人資訊範園廣、處理目的多、存儲時間不明確、隱私政策内容較含糊、知情同意流於形式。新加坡的“TraceTogether”則更好地遵守了資訊收集最少夠用、資訊處理目的限定、資訊存儲時間最小化、隱私政策公開透明、知情同意等原則。中國和新加坡兩種利用資料抗疫的糢式表明,風險社會裡的資料治理需要進一步調和公共利益與個人權利,平衡治理效率和資料倫理的邊界。The COVID-19 pandemic has spawned the spread of contact-tracing applications such as China's “Health Code” and Singapore’s “TraceTogether.” Balancing efficiency and privacy ethics in data governance has become a common problem faced by all countries using digital tracing tools to control the pandemic. The laws of both China and Singapore stipulate that prior to collecting personal information, organizations and institutions must clearly inform individuals about the types of personal information collected and the rules for the use of personal information, and must obtain authorized user consent. This article analyzes the privacy policies of Health Code in China and TraceTogether in Singapore and identifies five potential problems in Health Code’s privacy policies: the broad collection of personal information, multiple processing purposes, indeterminate storage time, ambiguous privacy policy content, and the ineffectiveness of informed consent, although Health Code has been deemed an efficient tool to fight against the pandemic. Singapore’s TraceTogether adheres to the principles of minimum information collection, limited information processing purposes, minimum duration of information storage, openness and transparency of privacy policies, and informed consent. These two models for using big data in the fight against the pandemic in China and Singapore suggest that data governance needs to reconcile public interests and individual rights, and should balance governance efficiency and data ethics.DOWNLOAD HISTORY | This article has been downloaded 69 times in Digital Commons before migrating into this platform.

scholarly journals COVID-19 Contact-Tracing Apps: Analysis of the Readability of Privacy Policies (Preprint)

2020 ◽  
Author(s):  
Melvyn Zhang ◽  
Aloysius Chow ◽  
Helen Smith
Keyword(s):  
Reading Ability ◽  
Personal Information ◽  
Rapid Identification ◽  
Contact Tracing ◽  
Privacy Policies ◽  
Sensitive Data ◽  
Web Based ◽  
Flesch Reading Ease ◽  
Reading Grade Level ◽  
Complex Words

UNSTRUCTURED Apps that enable contact-tracing are instrumental in mitigating the transmission of COVID-19, but there have been concerns among users about the data collected by these apps and their management. Contact tracing is of paramount importance when dealing with a pandemic, as it allows for rapid identification of cases based on the information collected from infected individuals about other individuals they may have had recent contact with. Advances in digital technology have enabled devices such as mobile phones to be used in the contract-tracing process. However, there is a potential risk of users’ personal information and sensitive data being stolen should hackers be in the near vicinity of these devices. Thus, there is a need to develop privacy-preserving apps. Meanwhile, privacy policies that outline the risk associated with the use of contact-tracing apps are needed, in formats that are easily readable and comprehensible by the public. To our knowledge, no previous study has examined the readability of privacy policies of contact-tracings apps. Therefore, we performed a readability analysis to evaluate the comprehensibility of privacy policies of 7 contact-tracing apps currently in use. The contents of the privacy policies of these apps were assessed for readability using Readability Test Tool, a free web-based reliability calculator, which computes scores based on a number of statistics (ie, word count and the number of complex words) and indices (ie, Flesch Reading Ease, Flesch-Kincaid Reading Grade Level, Gunning Fog Index, and Simplified Measure of Gobbledygook index). Our analysis revealed that explanations used in the privacy policies of these apps require a reading grade between 7 and 14, which is considerably higher than the reading ability of the average individual. We believe that improving the readability of privacy policies of apps could be potentially reassuring for users and may help facilitate the increased use of such apps.

scholarly journals Moving Faster than the COVID-19 Pandemic: The Rapid, Digital Transformation of a Public Health System

2021 ◽  
Vol 12 (02) ◽  
pp. 229-236
Author(s):  
Clair Sullivan ◽  
Ides Wong ◽  
Emily Adams ◽  
Magid Fahim ◽  
Jon Fraser ◽  
...  
Keyword(s):  
Public Health ◽  
Health System ◽  
Public Health System ◽  
Digital Transformation ◽  
Contact Tracing ◽  
Programming Approach ◽  
Data Governance ◽  
Application Development ◽  
Containment Strategy

Abstract Background Queensland, Australia has been successful in containing the COVID-19 pandemic. Underpinning that response has been a highly effective virus containment strategy which relies on identification, isolation, and contact tracing of cases. The dramatic emergence of the COVID-19 pandemic rendered traditional paper-based systems for managing contact tracing no longer fit for purpose. A rapid digital transformation of the public health contact tracing system occurred to support this effort. Objectives The objectives of the digital transformation were to shift legacy systems (paper or standalone electronic systems) to a digitally enabled public health system, where data are centered around the consumer rather than isolated databases. The objective of this paper is to outline this case study and detail the lessons learnt to inform and give confidence to others contemplating digitization of public health systems in response to the COVID-19 pandemic. Methods This case study is set in Queensland, Australia. Universal health care is available. A multidisciplinary team was established consisting of clinical informaticians, developers, data strategists, and health information managers. An agile “pair-programming” approach was undertaken to application development and extensive change efforts were made to maximize adoption of the new digital workflows. Data governance and flows were changed to support rapid management of the pandemic. Results The digital coronavirus application (DCOVA) is a web-based application that securely captures information about people required to quarantine and creates a multiagency secure database to support a successful containment strategy. Conclusion Most of the literature surrounding digital transformation allows time for significant consultation, which was simply not possible under crisis conditions. Our observation is that staff was willing to adopt new digital systems because the reason for change (the COVID-19 pandemic) was clearly pressing. This case study highlights just how critical a unified purpose, is to successful, rapid digital transformation.

Automated Extraction and Presentation of Data Practices in Privacy Policies

2021 ◽  
Vol 2021 (2) ◽  
pp. 88-110
Author(s):  
Duc Bui ◽  
Kang G. Shin ◽  
Jong-Min Choi ◽  
Junbum Shin
Keyword(s):  
User Study ◽  
Personal Information ◽  
Personal Data ◽  
Neural Model ◽  
Automated Analysis ◽  
Entity Recognition ◽  
Automated System ◽  
Privacy Policies ◽  
Fine Grained ◽  
Data Practices

Abstract Privacy policies are documents required by law and regulations that notify users of the collection, use, and sharing of their personal information on services or applications. While the extraction of personal data objects and their usage thereon is one of the fundamental steps in their automated analysis, it remains challenging due to the complex policy statements written in legal (vague) language. Prior work is limited by small/generated datasets and manually created rules. We formulate the extraction of fine-grained personal data phrases and the corresponding data collection or sharing practices as a sequence-labeling problem that can be solved by an entity-recognition model. We create a large dataset with 4.1k sentences (97k tokens) and 2.6k annotated fine-grained data practices from 30 real-world privacy policies to train and evaluate neural networks. We present a fully automated system, called PI-Extract, which accurately extracts privacy practices by a neural model and outperforms, by a large margin, strong rule-based baselines. We conduct a user study on the effects of data practice annotation which highlights and describes the data practices extracted by PI-Extract to help users better understand privacy-policy documents. Our experimental evaluation results show that the annotation significantly improves the users’ reading comprehension of policy texts, as indicated by a 26.6% increase in the average total reading score.

The complication of cyber manhunt: How cyber manhunt further complicated the ethical conflict between breaching the confidentiality and endangering the society in face of the COVID-19 pandemic (Preprint)

2021 ◽  
Author(s):  
Yen-Chang Chen ◽  
Yen-Yuan Chen
Keyword(s):  
Public Health ◽  
Large Scale ◽  
Health Workers ◽  
Early Stage ◽  
Personal Information ◽  
Public Health Intervention ◽  
Contact Tracing ◽  
Online Activity ◽  
Contact Investigation ◽  
The Impact

UNSTRUCTURED While health care and public health workers are working on measures to mitigate the COVID-19 pandemic, there is an unprecedentedly large number of people spending much more time indoors, and relying heavily on the Internet as their lifeline. What has been overlooked is the influence of the increasing online activities on public health issues. In this article, we pointed out how a large-scale online activity called cyber manhunt may threaten to offset the efficacy of contact tracing investigation, a public health intervention considered highly effective in limiting further transmission in the early stage of a highly contagious disease outbreak such as the COVID-19 pandemic. In the first section, we presented a case to show how personal information obtained from contact investigation and disclosed in part on the media provoked a vehement cyber manhunt. We then discussed the possible reasons why netizens collaborate to reveal anonymized personal information about contact investigation, and specify, from the perspective of public health and public health ethics, four problems of cyber manhunt, including the lack of legitimate public health goals, the concerns about privacy breach, the impact of misinformation, and social inequality. Based on our analysis, we concluded that more moral weight may be given to protecting one's confidentiality, especially in an era with the rapid advance of digital and information technologies.

Information Privacy

2013 ◽  
pp. 52-69
Author(s):  
Garry L. White ◽  
Francis A. Méndez Mediavilla ◽  
Jaymeen R. Shah
Keyword(s):  
Personal Information ◽  
The United States ◽  
Information Privacy ◽  
Multinational Companies ◽  
Privacy Policies ◽  
Corporate Managers ◽  
Secondary Use ◽  
Privacy Laws ◽  
Foreign Countries ◽  
Corporate Information

In the Web dependent world, companies must respect and protect individuals’ information privacy. Companies develop and implement corporate information privacy policies to comply with the domestic and international information privacy laws and regulations. This paper investigates: (a) the approach used by multinational and domestic companies to develop and implement corporate information privacy policies; and (b) the perception of corporate managers/professionals toward information privacy legislation and secondary use of personally identifiable information (PII) that organizations collect. A survey was conducted to collect data from corporate CEOs, managers, and technical professionals of national and multinational companies. Findings indicate the following: 1) Views regarding the practicality and effectiveness of information privacy legislations are similar for respondents from the national and multinational companies. 2) Respondents are undecided about whether the privacy laws of the United States and foreign countries are equally restrictive. 3) Multinational companies do not favor developing and implementing uniform information privacy policies or different information privacy policies across countries of operations. 4) Respondents strongly agreed that unauthorized secondary use of personal information is unacceptable.

The Dutch Participation Society Needs Open Data, but What is Meant by Open?

2017 ◽  
pp. 304-322
Author(s):  
Roel During ◽  
Marcel Pleijte ◽  
Rosalie I. van Dam ◽  
Irini E. Salverda
Keyword(s):  
Social Action ◽  
Web Sites ◽  
Information Exchange ◽  
Personal Information ◽  
Open Data ◽  
Data Access ◽  
Representative Democracy ◽  
Sensitive Information ◽  
Data Governance ◽  
Societal Benefit

Open data and citizen-led initiatives can be both friends and foes. Where it is available and ‘open', official data not only encourages increased public participation but can also generate the production and scrutiny of new material, potentially of benefit to the original provider and others, official or otherwise. In this way, official open data can be seen to improve democracy or, more accurately, the so-called ‘participative democracy'. On the other hand, the public is not always eager to share their personal information in the most open ways. Private and sometimes sensitive information however is required to initiate projects of societal benefit in difficult times. Many citizens appear content to channel personal information exchange via social media instead of putting it on public web sites. The perceived benefits from sharing and complete openness do not outweigh any disadvantages or fear of regulation. This is caused by various sources of contingency, such as the different appeals on citizens, construed in discourses on the participation society and the representative democracy, calling for social openness in the first and privacy protection in the latter. Moreover, the discourse on open data is an economic argument fighting the rules of privacy instead of the promotion of open data as one of the prerequisites for social action. Civil servants acknowledge that access to open data via all sorts of apps could contribute to the mushrooming of public initiatives, but are reluctant to release person-related sensitive information. The authors will describe and discuss this dilemma in the context of some recent case studies from the Netherlands concerning governmental programmes on open data and citizens' initiatives, to highlight both the governance constraints and uncertainties as well as citizens' concerns on data access and data sharing. It will be shown that openness has a different meaning and understanding in the participation society and representative democracy: i.e. the tension surrounding the sharing of private social information versus transparency. Looking from both sides at openness reveals double contingency: understanding and intentions on this openness invokes mutual enforcing uncertainties. This double contingency hampers citizens' eagerness to participate. The paper will conclude with a practical recommendation for improving data governance.

An Analysis of Online Privacy Policies of Fortune 100 Companies

2009 ◽  
pp. 269-283
Author(s):  
Suhong Li
Keyword(s):  
Personal Information ◽  
Online Privacy ◽  
Third Party ◽  
Security Requirements ◽  
Current Status ◽  
Safe Harbor ◽  
Privacy Policy ◽  
Privacy Policies ◽  
Fair Information Practices ◽  
Fortune 100

The purpose of this chapter is to investigate the current status of online privacy policies of Fortune 100 Companies. It was found that 94% of the surveyed companies have posted an online privacy policy and 82% of them collect personal information from consumers. The majority of the companies only partially follow the four principles (notice, choice, access, and security) of fair information practices. For example, most of the organizations give consumers some notice and choice in term of the collection and use of their personal information. However, organizations fall short in security requirements. Only 19% of organizations mention that they have taken steps to provide security for information both during transmission and after their sites have received the information. The results also reveal that a few organizations have obtained third-party privacy seals including TRUSTe, BBBOnline Privacy, and Safe Harbor.

Privacy Control and Assurance

2009 ◽  
pp. 165-189
Author(s):  
Alan Rea ◽  
Kuanchin Chen
Keyword(s):  
Personal Information ◽  
Privacy Policies ◽  
User Interactions ◽  
Survey Results ◽  
Targeted Marketing ◽  
Web Surfing ◽  
Policies And Practices

Protecting personal information while Web surfing has become a struggle. This is especially the case when transactions require a modicum of trust to be successfully completed. E-businesses argue that they need personal information so they can create viable data to tailor user interactions and provide targeted marketing. However; users are wary of providing personal information because they lack trust in e-businesses’ personal information policies and practices. E-businesses have attempted to mitigate user apprehension and build a relationship base in B2C transactions to facilitate the sharing of personal information. Some efforts have been successful. This chapter presents survey results that suggest a relationship between gender and how users control personal information. The findings suggest that e-businesses should modify information and privacy policies to increase information and transactional exchanges.

scholarly journals Epidemiological trend of COVID-19 in Nepal and the importance of social distancing to contain the virus

2020 ◽  
Vol 1 (1) ◽  
pp. 15-25
Author(s):  
Amod K. Pokhrel ◽  
Yadav P. Joshi ◽  
Sopnil Bhattarai
Keyword(s):  
Mitigation Measures ◽  
Contact Tracing ◽  
Limited Information ◽  
Social Distancing ◽  
Mobility Data ◽  
Epidemiological Trend ◽  
Reproduction Numbers ◽  
The Government ◽  
Testing Case ◽  
The Impact

There is limited information on the epidemiology and the effects of mitigation measures on the spread of COVID-19 in Nepal. Using publicly available databases, we analyzed the epidemiological trend, the people's movement trends at different intervals across different categories of places and evaluated implications of social mobility on COVID-19. We also estimated the epidemic peak. As of June 9, 2020, Provinces 2 and 5 have most of the cases. People between 15 and 54 years are vulnerable to becoming infected, and more males than females are affected. The cases are growing exponentially. The growth rate of 0.13 and >1 reproduction numbers (R0) over time (median: 1.48; minimum: 0.58, and maximum: 3.71) confirms this trend. The case doubling time is five days. Google's community mobility data suggest that people strictly followed social distancing measures for one month after the lockdown. By around the 4th week of April, the individual's movement started rising, and social contacts increased. The number of cases peaked on May 12, with 83 confirmed cases in one day. The Susceptible-Exposed-Infectious-Removed (SEIR) model suggests that the epidemic will peak approximately on day 41 (July 21, 2020), and start to plateau after day 80. To contain the spread of the virus, people should maintain social distancing. The Government needs to continue active surveillance, more PCR-based testing, case detection, contact tracing, isolation, and quarantine. The Government should also provide financial support and safety-nets to the citizen to limit the impact of COVID-19.

scholarly journals Attitudes and Knowledge of Adolescents in Jordan Regarding the Ethics of Social Media Data Use for Research Purposes

2020 ◽  
Vol 15 (1-2) ◽  
pp. 87-96
Author(s):  
Hiba Wazeer Al Zou’bi ◽  
Moawiah Khatatbeh ◽  
Karem H. Alzoubi ◽  
Omar F. Khabour ◽  
Wael K. Al-Delaimy
Keyword(s):  
Social Media ◽  
Informed Consent ◽  
Online Survey ◽  
Personal Information ◽  
Data Use ◽  
Ethical Aspects ◽  
Social Media Data ◽  
Attitudes And Knowledge ◽  
Media Data ◽  
Research Studies

This study assessed the awareness and attitudes of adolescents in Jordan concerning the ethics of using their social media data for scientific studies. Using an online survey, 393 adolescents were recruited (mean age: 17.2 years ± 1.8). The results showed that 88% of participants were using their real personal information on social media sites, with males more likely to provide their information than females. More than two thirds of participants (72.5%) were aware that researchers may use their data for research purposes, with the majority believing that informed consent must be obtained from both the adolescents and their parents. However, more than three quarters of those surveyed (76%) did not trust the results of research that depended on collecting data from social media. These findings suggest that adolescents in Jordan understood most of the ethical aspects related to the utilization of their data from social media websites for research studies.

Sign in / Sign up

Export Citation Format

Share Document