Search results

1 – 10 of over 12000
To view the access options for this content please click here
Article
Publication date: 1 August 2006

Florence Appel

The proliferation of electronic databases has given rise to many practices and occurrences that pose serious threats to personal privacy. This paper argues that attention…

Abstract

The proliferation of electronic databases has given rise to many practices and occurrences that pose serious threats to personal privacy. This paper argues that attention to privacy should be an integral part of the database design process, and that database designers are uniquely positioned to ensure that this happens. To motivate students to become privacy‐conscious database design professionals, computer science programs must meet the challenges of implementing an “ethics across the curriculum” methodology to integrate privacy content throughout the design thread of the introductory database course.

Details

Journal of Information, Communication and Ethics in Society, vol. 4 no. 3
Type: Research Article
ISSN: 1477-996X

Keywords

To view the access options for this content please click here
Article
Publication date: 1 June 1994

Roger Clarke

Computer matching is a mass surveillance technique involving thecomparison of data about many people, which have been acquired frommultiple sources. Its use offers…

Abstract

Computer matching is a mass surveillance technique involving the comparison of data about many people, which have been acquired from multiple sources. Its use offers potential benefits, particularly financial savings. It is also error‐prone, and its power results in threats to established patterns and values. The imperatives of efficiency and equity demand that computer matching be used, and the information privacy interest demands that it be used only where justified, and be subjected to effective controls. Provides background to this important technique, including its development and application in the USA and in Australia, and a detailed technical description. Contends that the technique, its use, and controls over its use are very important issues which demand research. Computing, telecommunications and robotics artefacts which have the capacity to change society radically need to be subjected to early and careful analysis, not only by sociologists, lawyers and philosophers, but also by information technologists themselves.

Details

Information Technology & People, vol. 7 no. 2
Type: Research Article
ISSN: 0959-3845

Keywords

To view the access options for this content please click here
Article
Publication date: 26 November 2020

Muhammad Al-Abdullah, Izzat Alsmadi, Ruwaida AlAbdullah and Bernie Farkas

The paper posits that a solution for businesses to use privacy-friendly data repositories for its customers’ data is to change from the traditional centralized repository…

Abstract

Purpose

The paper posits that a solution for businesses to use privacy-friendly data repositories for its customers’ data is to change from the traditional centralized repository to a trusted, decentralized data repository. Blockchain is a technology that provides such a data repository. However, the European Union’s General Data Protection Regulation (GDPR) assumed a centralized data repository, and it is commonly argued that blockchain technology is not usable. This paper aims to posit a framework for adopting a blockchain that follows the GDPR.

Design/methodology/approach

The paper uses the Levy and Ellis’ narrative review of literature methodology, which is based on constructivist theory posited by Lincoln and Guba. Using five information systems and computer science databases, the researchers searched for studies using the keywords GDPR and blockchain, using a forward and backward search technique. The search identified a corpus of 416 candidate studies, from which the researchers applied pre-established criteria to select 39 studies. The researchers mined this corpus for concepts, which they clustered into themes. Using the accepted computer science practice of privacy by design, the researchers combined the clustered themes into the paper’s posited framework.

Findings

The paper posits a framework that provides architectural tactics for designing a blockchain that follows GDPR to enhance privacy. The framework explicitly addresses the challenges of GDPR compliance using the unimagined decentralized storage of personal data. The framework addresses the blockchain–GDPR tension by establishing trust between a business and its customers vis-à-vis storing customers’ data. The trust is established through blockchain’s capability of providing the customer with private keys and control over their data, e.g. processing and access.

Research limitations/implications

The paper provides a framework that demonstrates that blockchain technology can be designed for use in GDPR compliant solutions. In using the framework, a blockchain-based solution provides the ability to audit and monitor privacy measures, demonstrates a legal justification for processing activities, incorporates a data privacy policy, provides a map for data processing and ensures security and privacy awareness among all actors. The research is limited to a focus on blockchain–GDPR compliance; however, future research is needed to investigate the use of the framework in specific domains.

Practical implications

The paper posits a framework that identifies the strategies and tactics necessary for GDPR compliance. Practitioners need to compliment the framework with rigorous privacy risk management, i.e. conducting a privacy risk analysis, identifying strategies and tactics to address such risks and preparing a privacy impact assessment that enhances accountability and transparency of a blockchain.

Originality/value

With the increasingly strategic use of data by businesses and the contravening growth of data privacy regulation, alternative technologies could provide businesses with a means to nurture trust with its customers regarding collected data. However, it is commonly assumed that the decentralized approach of blockchain technology cannot be applied to this business need. This paper posits a framework that enables a blockchain to be designed that follows the GDPR; thereby, providing an alternative for businesses to collect customers’ data while ensuring the customers’ trust.

Details

Digital Policy, Regulation and Governance, vol. 22 no. 5/6
Type: Research Article
ISSN: 2398-5038

Keywords

To view the access options for this content please click here
Article
Publication date: 1 January 1988

Michael Rogers Rubin

This is the second of three articles addressing the critical issue of abusive data collection and usage practices and their effect on personal privacy. The first article…

Abstract

This is the second of three articles addressing the critical issue of abusive data collection and usage practices and their effect on personal privacy. The first article, which appeared in consecutive issue 17 of Library Hi Tech, discussed the individual under assault. This article discusses the evolution of data protection laws within countries and international organizations that have enacted such laws, and compares the scope, major provisions, and enforcement components of the laws.

Details

Library Hi Tech, vol. 6 no. 1
Type: Research Article
ISSN: 0737-8831

To view the access options for this content please click here
Article
Publication date: 1 March 1989

Michael Rogers Rubin

The major federal and state laws that govern the privacy aspects of the use of computer data banks fall into three types of relationships between individuals and…

Abstract

The major federal and state laws that govern the privacy aspects of the use of computer data banks fall into three types of relationships between individuals and institutions: 1) individuals dealing with private institutions such as colleges or universities, 2) individuals interacting with state and local governments; and 3) individuals interacting with the federal government. A separate section is devoted to each of these relationships, containing assessments of the effectiveness of the legal mechanisms that mediate them. The ability of privacy laws that are presently on the books to protect us from abusive information collection, dissemination, and management practices is specifically considered.

Details

Library Hi Tech, vol. 7 no. 3
Type: Research Article
ISSN: 0737-8831

To view the access options for this content please click here
Article
Publication date: 1 February 2005

A.S. Sodiya, H.O.D. Longe and A.T. Akinwale

The goal of our work is to discuss the fundamental issues of privacy and anomaly‐based intrusion detection systems (IDS) and to design an efficient anomaly‐based intrusion…

Abstract

Purpose

The goal of our work is to discuss the fundamental issues of privacy and anomaly‐based intrusion detection systems (IDS) and to design an efficient anomaly‐based intrusion IDS architecture where users' privacy is maintained.

Design/methodology/approach

In this work, any information that can link intrusion detection activity to a user is encrypted so as to pseudonyze the sensitive information. A database of encrypted information would then be created which becomes the source database for the IDS. The design makes use of dynamic key generation algorithm that generates key randomly when an intrusion is detected. The keys are only released when an intrusion occurs and immediately swapped to protect harm access to the mapping database.

Findings

The result after testing the new privacy maintained IDS architecture on an application package shows greater improvement over the ordinary IDSs. Privacy complaints reduced considerably from between 8 and 16 per week to about 1‐2.

Research limitations/implications

We only tested the new privacy maintained IDS on a package, it would also be interesting to test the design on some other systems. There is a possibility that time to detection would increase because of the encryption/decryption part of the new design. All the same, we have designed an IDS architecture where privacy of users on the systems is guaranteed.

Practical implications

This work provides a background for researchers in IDS and it requires further improvements and extensions.

Originality/value

The work shows that it is possible to design an IDS architecture for maintaining privacy of users on the network. The result shows the originality of the new design.

Details

Information Management & Computer Security, vol. 13 no. 1
Type: Research Article
ISSN: 0968-5227

Keywords

To view the access options for this content please click here
Article
Publication date: 1 December 2002

Aimee Fifarek

Adoption of technology in academic libraries sets up circumstances for collection of personal patron information and records of patron information seeking behaviour not…

Abstract

Adoption of technology in academic libraries sets up circumstances for collection of personal patron information and records of patron information seeking behaviour not possible in the pre‐digital library. Even if collected unintentionally, this information may then be seized by law enforcement officials for criminal investigations. Passage of the USA PATRIOT Act has lowered the standards for obtaining search warrants that had previously been set by American legal precedent. This article describes potential situations where patron privacy can be endangered by the presence of information technology and how librarians can protect patron information and prepare patrons for safe information seeking in the online world.

Details

Online Information Review, vol. 26 no. 6
Type: Research Article
ISSN: 1468-4527

Keywords

To view the access options for this content please click here
Article
Publication date: 1 September 2005

Yuval Elovici, Chanan Glezer and Bracha Shapira

To propose a model of a privacy‐enhanced catalogue search system (PECSS) in an attempt to address privacy threats to consumers, who search for products and services on the…

Abstract

Purpose

To propose a model of a privacy‐enhanced catalogue search system (PECSS) in an attempt to address privacy threats to consumers, who search for products and services on the world wide web.

Design/methodology/approach

The model extends an agent‐based architecture for electronic catalogue mediation by supplementing it with a privacy enhancement mechanism. This mechanism introduces fake queries into the original stream of user queries, in an attempt to reduce the similarity between the actual interests of users (“internal user profile”) and the interests as observed by potential eavesdroppers on the web (“external user profile”). A prototype was constructed to demonstrate the feasibility and effectiveness of the model.

Findings

The evaluation of the model indicates that, by generating five fake queries per each original user query, the user's profile is hidden most effectively from any potential eavesdropper. Future research is needed to identify the optimal glossary of fake queries for various clients. The model also should be tested against various attacks perpetrated against the mixed stream of original and fake queries (i.e. statistical clustering).

Research limitations/implications

The model's feasibility was evaluated through a prototype. It was not empirically tested against various statistical methods used by intruders to reveal the original queries.

Practical implications

A useful architecture for electronic commerce providers, internet service providers (ISP) and individual clients who are concerned with their privacy and wish to minimize their dependencies on third‐party security providers.

Originality/value

The contribution of the PECSS model stems from the fact that, as the internet gradually transforms into a non‐free service, anonymous browsing cannot be employed any more to protect consumers' privacy, and therefore other approaches should be explored. Moreover, unlike other approaches, our model does not rely on the honesty of any third mediators and proxies that are also exposed to the interests of the client. In addition, the proposed model is scalable as it is installed on the user's computer.

Details

Internet Research, vol. 15 no. 4
Type: Research Article
ISSN: 1066-2243

Keywords

To view the access options for this content please click here
Article
Publication date: 1 June 2010

Anja Lorenz and Katrin Borcea‐Pfitzmann

Facing the dilemma between collaboration and privacy is a continual challenge for users. In this setting, the purpose of this paper is to discuss issues of a highly…

Abstract

Purpose

Facing the dilemma between collaboration and privacy is a continual challenge for users. In this setting, the purpose of this paper is to discuss issues of a highly flexible role management integrated in a privacy‐enhanced collaborative environment (PECE).

Design/methodology/approach

The general framework was provided by former findings of several research projects, i.e. collaborative platform BluES and projects of privacy and identity management PRIME and PrimeLife. The role management concept bases on a literature survey and has been proofed by integration into the privacy‐enhanced environment BluES'n.

Findings

A three‐dimensional role management concept was developed describing users' rights, tasks, and positions. A discussion on how to fulfill privacy requirements yielded that a semi‐automated decision making regarding the use of roles with different identities is reasonable to support users' control of their privacy when interacting with others.

Research limitations/implications

The concept of flexible role management complies with the requirements of PECEs. However, a fully automated approach of rule‐based information disclosure is not possible as such decisions depend on personal and situational aspects.

Practical implications

Using the example of a flexible role management concept, research described in this paper demonstrates that privacy and interaction concerns can be balanced and should be considered in application design processes.

Social implications

Concepts of PECEs allow respecting privacy‐related attitudes and could improve the quality of service consumption.

Originality/value

The paper demonstrates contrasts between collaboration and privacy attitudes and presents solutions for the integration of role management to overcome this initially supposed contradiction.

Details

Interactive Technology and Smart Education, vol. 7 no. 2
Type: Research Article
ISSN: 1741-5659

Keywords

To view the access options for this content please click here
Article
Publication date: 1 May 2001

Prema Nakra

In recent months several high‐profile breaches of consumer privacy have raised public concern about data gathering on the Web. The issue of privacy has led to lawsuits by…

Abstract

In recent months several high‐profile breaches of consumer privacy have raised public concern about data gathering on the Web. The issue of privacy has led to lawsuits by consumers and consumer advocacy groups and investigations by government regulations. As businesses wrestle with the question of where to draw the line when it comes to collecting and using customer information, they continue to invest in new technologies to gather and analyze customer data to improve their marketing effectiveness. This paper will address the issue of consumer privacy rights and make recommendations for various stakeholders to assure consumer privacy rights in the age of the Internet.

Details

Management Decision, vol. 39 no. 4
Type: Research Article
ISSN: 0025-1747

Keywords

1 – 10 of over 12000