Data Breaches - Staying safe online in 21st Century

A breach of data is a reported occurrence where private, sensitive, or covered records have been compromised and/or released unlawfully, mostly due to cyber attacks or theft. Breach of data can include personal health records, personal information, travel information, trade secrets, intellectual property, or information you provided to or is stored on a platform. Data revealed in breaches pose a security and privacy risk to users around the world. Despite this, guidelines on how organizations can react to breaches, or how to manage information securely once it has leaked, still have to be established. More than 3 billion people suffered and became victims of data breaches and cyber attacks in the last two decades, leading to loss of personal data as well as monetary loss. This research paper conducts real-time research about awareness of data privacy, kind of data/information that needs to be protected, basic protocols for staying safe online, and some of the biggest corporate data breaches that happened in this century. We bring people from different cities of India in this study through a survey and use the data provided by these 150 participants to examine their understanding of data privacy, their concern regarding their online data and the practices they follow in their daily life to keep their online data safe in this age of computers and internet.

2020, pp. 004728752095164
Author(s): Athina Ioannou, Iis Tussyadiah, Graham Miller

Against the backdrop of advancements in technology and its deployment by companies and governments to collect sensitive personal information, information privacy has become an issue of great interest for academics, practitioners, and the general public. The travel and tourism industry has been pioneering the collection and use of biometric data for identity verification. Yet, privacy research focusing on the travel context is scarce. This study developed a valid measurement of Travelers’ Online Privacy Concerns (TOPC) through a series of empirical studies: pilot (n=277) and cross-validation (n=287). TOPC was then assessed for its predictive validity in its relationships with trust, risk, and intention to disclose four types of personal data: biometric, identifiers, biographic, and behavioral data (n=685). Results highlight the role of trust in mitigating the relationship between travelers’ privacy concerns and data disclosure. This study provides valuable contribution to research and practice on data privacy in travel.


Author(s): Anastasia Kozyreva, Philipp Lorenz-Spreen, Ralph Hertwig, Stephan Lewandowsky, Stefan M. Herzog

Abstract: People rely on data-driven AI technologies nearly every time they go online, whether they are shopping, scrolling through news feeds, or looking for entertainment. Yet despite their ubiquity, personalization algorithms and the associated large-scale collection of personal data have largely escaped public scrutiny. Policy makers who wish to introduce regulations that respect people’s attitudes towards privacy and algorithmic personalization on the Internet would greatly benefit from knowing how people perceive personalization and personal data collection. To contribute to an empirical foundation for this knowledge, we surveyed public attitudes towards key aspects of algorithmic personalization and people’s data privacy concerns and behavior using representative online samples in Germany (N = 1065), Great Britain (N = 1092), and the United States (N = 1059). Our findings show that people object to the collection and use of sensitive personal information and to the personalization of political campaigning and, in Germany and Great Britain, to the personalization of news sources. Encouragingly, attitudes are independent of political preferences: People across the political spectrum share the same concerns about their data privacy and show similar levels of acceptance regarding personalized digital services and the use of private data for personalization. We also found an acceptability gap: People are more accepting of personalized services than of the collection of personal data and information required for these services. A large majority of respondents rated, on average, personalized services as more acceptable than the collection of personal information or data. The acceptability gap can be observed at both the aggregate and the individual level. Across countries, between 64% and 75% of respondents showed an acceptability gap.
Our findings suggest a need for transparent algorithmic personalization that minimizes use of personal data, respects people’s preferences on personalization, is easy to adjust, and does not extend to political advertising.


Author(s): Irene Chen

The story describes how three school institutes are grappling with the loss of private information, each through a unique set of circumstances. Pasadena City Public Schools discovered that it had sold several computers containing the names and Social Security numbers of employees as surplus. Stephens Public Schools learned that personal information about students at one of its middle schools was lost when a bag containing a thumb drive was stolen. Also, Woodlands Public Schools accidentally exposed employee personal data on a public Web site for a short period of time. How should each of the institutes react?


Author(s): Venetis Kanakaris, Georgios Lampropoulos, Kerstin Siakas

Nowadays, social media and social networks are increasingly used in business as they have drastically changed the way the community works, communicates, collaborates, socialises, creates content and shares knowledge and ideas. However, in particular, IT professionals and practitioners need to be aware of online security and privacy issues and the potential negative impact that they may cause on different aspects of business, such as online breaches or information theft. The use of social media inevitably leads to disclosure of personal information, with the use of open-source intelligence (OSINT) and other similar techniques. Hence, the aim of this article is twofold, namely first to show results of a survey towards future Greek IT practitioners regarding awareness and viewpoints of social media users concerning security and privacy on social media. More specifically the study was based on responses and viewpoints of 178 Greek electrical engineering and IT students to an online questionnaire. Secondly, the aim is also to show how easily a potential malicious user can anonymously track and retrieve sensitive personal information in an automated and undetectable way from popular social media platforms by using publicly available information, resources, and tools. The results of the survey show that most of the respondents are aware of the privacy settings of the social media platforms they use. However, they consider that they should be more careful concerning personal data and whom they add as friends or followers and they do not feel comfortable with the fact that a stranger might be able to access their personal information through their publications on social media platforms. The case study indicates that it is possible for malicious users to acquire sensitive personal data (e.g. user's location via tweets and instas from smartphones).
In addition, the ability to map activity could allow malicious users to track the activities of unsuspected users and predict their future locations.


2021
Author(s): Yurong Gao, Yiping Guo, Awais Khan Jumani, Achyut Shankar

Abstract: Data security needs a comprehensive system design approach that combines legal, administrative, and technical protection. These laws generally contain complete rules and principles relevant to the collecting, storing, and using personal information in line with international standards on privacy and data protection. Personal data should be legally collected for a specified reason and not be used without authorization for unlawful monitoring or profiling by governments or third parties. In advocacy and open data activity, increasing attention has been placed on privacy problems. To secure the protection of this data, the Privacy Law (PL) and the Regulations typically put forth industrial and technical standards on IT systems that hold and handle personal data. Concerns about information privacy are genuine, valid, and exacerbated on the Internet of Things (IoT) and Cyber-Physical Systems (CPS). This article suggests that compliance with IoT and CPS Data Privacy (DP) at technical and non-technical levels should be dealt with. The proposed architecture is then coupled with a reference framework for the business architecture to offer a DP-IoT model focused on the industry and technology and positioned to comply with the Personal Information Protection Act (POPI). Therefore, methods are necessary to protect data privacy based on both system and organizational reference designs. In the end, users should have specific rights to information about them, including the capacity and method to seek recourse to protect such rights, to acquire and amend incorrect details. The DP-IoT model shows a privacy ratio of 92.6%, scalability ratio of 91.5, data management ratio of 94.3%, data protection ratio of 96.7%, customer satisfaction rate of 92.2%, attack prevention ratio of 95.5% and energy consumption ratio of 25.5% compared to the existing methods.


2018
Author(s): Duarte Gonçalves-Ferreira, Mariana Sousa, Gustavo M Bacelar-Silva, Samuel Frade, Luís Filipe Antunes, ...

BACKGROUND: Concerns about privacy and personal data protection resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing directive on the topic of personal data protection of EU citizens with a strong emphasis on more control of the citizens over their data and in the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records (EHRs) and has been advocated as the best approach for the development of hospital information systems. OBJECTIVE: This study aimed to understand to what extent the openEHR standard can help in the compliance of EHR systems to the GDPR requirements. METHODS: A list of requirements for an EHR to support GDPR compliance and also a list of the openEHR design principles were made. The requirements were categorized and compared with the principles by experts on openEHR and GDPR. RESULTS: A total of 50 GDPR requirements and 8 openEHR design principles were identified. The openEHR principles conformed to 30% (15/50) of GDPR requirements. All the openEHR principles were aligned with GDPR requirements. CONCLUSIONS: This study showed that the openEHR principles conform well to GDPR, underlining the common wisdom that truly realizing security and privacy requires it to be built in from the start. By using an openEHR-based EHR, the institutions are closer to becoming compliant with GDPR while safeguarding the medical data.


2011, Vol 2 (2), pp. 45-52
Author(s): Brett Pirtle, Ashish Chandra

Healthcare industry leaders, government agencies and the general public are beginning to see the value that Electronic Health Records (EHR) systems bring through increased quality, reduced medical error rates, and improved care coordination. One subset of the EHR, known as the electronic personal health record (PHR), is gaining in popularity. Before PHRs will be widely adopted, many barriers to their use must be overcome. These include the costs to the developer, host, and patient. Patient access to electronic resources is a concern. Interoperability is another problem. It is not practical for physicians to convert different data formats so that different PHRs may be adopted. Finally, privacy and security concerns also impact EHR adoption. Patients want assurance that their data is secure and not used for marketing purposes. Despite these barriers, there is high consumer interest in PHR products. In future, it is expected that PHR programs will be certified, security and privacy will be enforced by legislation, and standards for interoperability will be developed. PHR will also incorporate additional decision support aids and may become part of a social network that promotes peer support for positive behavior change. This paper will provide an overview of all these issues pertaining to PHR.


2016, pp. 1465-1487
Author(s): Jonathan Sinclair, Benoit Hudzia, Alan Stewart

An EHR is a modern specialisation of a Customer Relationship Management that specifically focuses on the collection and exchange of electronic health information about individual patients between healthcare organisations. Electronic Health Records systems hold personally identifiable information, especially that which falls under the category of sensitive personal data. As with all industries, the eHealth industry sees potential in cloud-based service offerings and the reduced infrastructure cost they imply, whilst realising the issues regarding security and privacy that may be encountered from outsourcing processing and storage to untrustworthy Cloud Service Providers (CSPs). In this chapter, the authors propose an approach to handle and audit data privacy requirements by leveraging a carefully designed architecture deployed for auditing data privacy in cloud ecosystems.


Author(s): Stefania Manca, Maria Ranieri

Over recent years, the notions of identity, credibility and trust in digital contexts have been gaining renewed interest from scholars in different fields (from social studies to engineering and computer science), especially for their consequences for privacy and security. Emerging and urgent questions are: What does the management of online personal data entail? How much personal information are we entitled to share with others? What measures do people usually adopt to protect their identity and privacy? Are they always aware of the risks they may run? What consequences may emerge in the long term if cautions are ignored? These are some of the questions that should be addressed by users, experts and scholars engaged with digital environments, especially social networking sites. This chapter focuses on these issues trying to provide a wide overview of the current literature on identity, credibility and trust, and their implications for privacy and security, from the perspective of social and behavioral sciences. Some measures provided by experts on how to protect against the most common security and privacy threats are also outlined.


2018, Vol 0 (7/2018), pp. 11-18
Author(s): Aleksandra Horubała, Daniel Waszkiewicz, Michał Andrzejczak, Piotr Sapiecha

Cloud services are gaining interest and are a very interesting option for public administration. However, there is a lot of concern about the security and privacy of storing personal data in the cloud. In this work, mathematical tools for securing data and hiding computations are presented. Data privacy is obtained by using homomorphic encryption schemes. Computation hiding is done by cryptographic obfuscation of algorithms. Both primitives are presented and their application for public administration is discussed.

