'Dark Patterns': the case for regulatory pluralism

2020
Author(s):  
Mark Leiser

‘Dark patterns’ is a term commonly used by the web collective to describe a user interface that exploits users into doing something that they would not normally do. It is a coercive and manipulative design technique used by web designers when some sort of action is needed from a user - typically to begin the processing of personal data or indication of agreement to a contract. As dark patterns can compromise legal requirements like consent and privacy-by-design and legal principles found in both regimes, like fairness and transparency, this article analyses ‘dark patterns’ from a regulatory perspective. Two frameworks are critiqued: the European Union’s regime for data privacy and consumer protection. The paper also provides an overview of the enforcement measures available for the regulation of dark patterns. It concludes that a pluralistic approach that mixes the strengths of one regulatory regime while compensating for its weaknesses by the use of the other is needed to harness dark patterns.

2019
Vol 22 (1)
Author(s):
Miguel Ehecatl Morales-Trujillo
Gabriel Alberto García-Mireles
Erick Orlando Matla-Cruz
Mario Piattini

Protecting personal data in current software systems is a complex issue that requires legal regulations and constraints to manage personal data as well as a methodological support to develop software systems that would safeguard data privacy of their respective users. The Privacy by Design (PbD) approach has been proposed to address this issue and has been applied to systems development in a variety of application domains. The aim of this work is to determine the presence of PbD and its extent in software development efforts. A systematic mapping study was conducted in order to identify relevant literature that collects PbD principles and goals in software development as well as methods and/or practices that support privacy aware software development. 53 selected papers address PbD mostly from a theoretical perspective with proposal validation based primarily on experiences or examples. The findings suggest that there is a need to develop privacy-aware methods to be integrated at all stages of the software development life cycle and validate them in industrial settings.


2020
Vol 7 (2)
pp. 325-343
Author(s):  
Robin Hui HUANG ◽  
Cynthia Sze Wai CHEUNG ◽  
Christine Meng Lu WANG

Abstract: Mobile payment generally refers to transactions made through the applications of a portable electronic gadget without the transfer of cash. As one of the most disruptive technologies for finance, mobile payment has been rapidly transforming the traditional financial industry. While it brings important benefits, there are also various risks, in terms of liquidity, security, and data privacy, that call for adequate regulatory responses. As a global financial centre, Hong Kong has gradually established a regulatory framework for mobile payment, addressing the relevant risks with rules on payment and privacy. However, there is still room for further improvement, in terms of measures to deal with cybersecurity issues and strengthen the protection of personal data. The Hong Kong experiences suggest that, to regulate a new and fast-growing industry such as mobile payment, the regulatory regime needs to be improved continuously to alleviate the risk concerns, so as to enhance the protection of financial consumers and society at large.


2018
Author(s):
Michael Veale
Reuben Binns
Jef Ausloos

Cite as: Michael Veale, Reuben Binns and Jef Ausloos (2018) When Data Protection by Design and Data Subject Rights Clash. International Data Privacy Law (2018) doi:10.1093/idpl/ipy002. [Note: An earlier draft was entitled "We Can't Find Your Data, But A Hacker Could: How 'Privacy by Design' Trades-Off Data Protection Rights"]

Abstract

➔ Data Protection by Design (DPbD), a holistic approach to embedding principles in technical and organisational measures undertaken by data controllers, building on the notion of Privacy by Design, is now a qualified duty in the GDPR.

➔ Practitioners have seen DPbD less holistically, instead framing it through the confidentiality-focussed lens of Privacy Enhancing Technologies (PETs).

➔ While focussing primarily on confidentiality risk, we show that some DPbD strategies deployed by large data controllers result in personal data which, despite remaining clearly reidentifiable by a capable adversary, make it difficult for the controller to grant data subjects rights (eg access, erasure, objection) over for the purposes of managing this risk.

➔ Informed by case studies of Apple's Siri voice assistant and Transport for London's Wi-Fi analytics, we suggest three main ways to make deployed DPbD more accountable and data subject-centric: building parallel systems to fulfil rights, including dealing with volunteered data; making inevitable trade-offs more explicit and transparent through Data Protection Impact Assessments; and through ex ante and ex post information rights (arts 13-15), which we argue may require the provision of information concerning DPbD trade-offs.

➔ Despite steep technical hurdles, we call both for researchers in PETs to develop rigorous techniques to balance privacy-as-control with privacy-as-confidentiality, and for DPAs to consider tailoring guidance and future frameworks to better oversee the trade-offs being made by primarily well-intentioned data controllers employing DPbD.


Author(s):  
Dan Jerker B. Svantesson

Internet jurisdiction has emerged as one of the greatest and most urgent challenges online, severely affecting areas as diverse as e-commerce, data privacy, law enforcement, content take-downs, cloud computing, e-health, Cyber security, intellectual property, freedom of speech, and Cyberwar. In this innovative book, Professor Svantesson presents a vision for a new approach to Internet jurisdiction––for both private international law and public international law––based on sixteen years of research dedicated specifically to the topic. The book demonstrates that our current paradigm remains attached to a territorial thinking that is out of sync with our modern world, especially, but not only, online. Having made the claim that our adherence to the territoriality principle is based more on habit than on any clear and universally accepted legal principles, Professor Svantesson advances a new jurisprudential framework for how we approach jurisdiction. He also proposes several other reform initiatives such as the concept of ‘investigative jurisdiction’ and an approach to geo-blocking, aimed at equipping us to solve the Internet jurisdiction puzzle. In addition, the book provides a history of Internet jurisdiction, and challenges our traditional categorisation of different types of jurisdiction. It places Internet jurisdiction in a broader context and outlines methods for how properly to understand and work with rules of Internet jurisdiction. While Solving the Internet Puzzle paints a clear picture of the concerns involved and the problems that need to be overcome, this book is distinctly aimed at finding practical solutions anchored in a solid theoretical framework.


Author(s):  
Daniel Amo
David Fonseca
Marc Alier
Francisco José García-Peñalvo
María José Casañ
...  

2016
Vol 25 (01)
pp. 219-223
Author(s):  
R. Choquet
C. Daniel

Summary Objectives: To summarize key contributions to current research in the field of Clinical Research Informatics (CRI) and to select best papers published in 2015. Method: A bibliographic search using a combination of MeSH and free terms search over PubMed on Clinical Research Informatics (CRI) was performed followed by a double-blind review in order to select a list of candidate best papers to be then peer-reviewed by external reviewers. A consensus meeting between the two section editors and the editorial team was finally organized to conclude on the selection of best papers. Results: Among the 579 returned papers published in the past year in the various areas of Clinical Research Informatics (CRI) - i) methods supporting clinical research, ii) data sharing and interoperability, iii) re-use of healthcare data for research, iv) patient recruitment and engagement, v) data privacy, security and regulatory issues and vi) policy and perspectives - the full review process selected four best papers. The first selected paper evaluates the capability of the Clinical Data Interchange Standards Consortium (CDISC) Operational Data Model (ODM) to support the representation of case report forms (in both the design stage and with patient level data) during a complete clinical study lifecycle. The second selected paper describes a prototype for secondary use of electronic health records data captured in non-standardized text. The third selected paper presents a privacy preserving electronic health record linkage tool and the last selected paper describes how big data use in US relies on access to health information governed by varying and often misunderstood legal requirements and ethical considerations. Conclusions: A major trend in the 2015 publications is the analysis of observational, “nonexperimental” information and the potential biases and confounding factors hidden in the data that will have to be carefully taken into account to validate new predictive models. In addition, researchers have to understand complicated and sometimes contradictory legal requirements and to consider ethical obligations in order to balance privacy and promoting discovery.


2021
Vol 4
Author(s):
Vibhushinie Bentotahewa
Chaminda Hewage
Jason Williams

The growing dependency on digital technologies is becoming a way of life, and at the same time, the collection of data using them for surveillance operations has raised concerns. Notably, some countries use digital surveillance technologies for tracking and monitoring individuals and populations to prevent the transmission of the new coronavirus. The technology has the capacity to contribute towards tackling the pandemic effectively, but the success also comes at the expense of privacy rights. The crucial point to make is regardless of who uses and which mechanism, in one way or another will infringe personal privacy. Therefore, when considering the use of technologies to combat the pandemic, the focus should also be on the impact of facial recognition cameras, police surveillance drones, and other digital surveillance devices on the privacy rights of those under surveillance. The GDPR was established to ensure that information could be shared without causing any infringement on personal data and businesses; therefore, in generating Big Data, it is important to ensure that the information is securely collected, processed, transmitted, stored, and accessed in accordance with established rules. This paper focuses on Big Data challenges associated with surveillance methods used within the COVID-19 parameters. The aim of this research is to propose practical solutions to Big Data challenges associated with COVID-19 pandemic surveillance approaches. To that end, the researcher will identify the surveillance measures being used by countries in different regions, the sensitivity of generated data, and the issues associated with the collection of large volumes of data and finally propose feasible solutions to protect the privacy rights of the people, during the post-COVID-19 era.


Lex Russica
2019
pp. 121-128
Author(s):  
M. N. Maleina

The use of modern genomic technologies, along with the benefits to the man and society, can lead to negative consequences. Such risks exist both in the process and after the production, isolation, modification, storage of DNA. Prior to detailed legislative regulation of relations regarding the use of genomic technologies for medicinal purposes and not for medical reasons, legal principles become vital. The paper formulates the following basic legal principles of genomic technologies application: the principle of preventive actions of the state to protect citizens from the risks of using genomic technologies; the principle of preserving the human genome as a special species; the principle of guaranteeing the inviolability of the individual of every citizen when using genomic technologies; the principle of priority of life and health of citizens over the interests of science and society; the principle of equality of citizens regardless of genetic characteristics; the principle of protection of genetic information of every citizen as part of personal data; the principle of guaranteeing access to the citizen’s own genetic information. Legal principles can be used to resolve a dispute by analogy of law.


2021
Author(s):
Peter Mechant
Ralf De Wolf
Mathias Van Compernolle
Glen Joris
Tom Evens
...  