Search results

General Data Protection Regulation (GDPR) of the European Union (EU) was passed to protect data privacy. Though the GDPR intended to address issues related to data privacy in the EU, it created an extra-territorial effect through Articles 3, 45 and 46. Extra-territorial effect refers to the application or the effect of local laws and regulations in another country. Lawmakers around the globe passed or intensified their efforts to pass laws to have personal data privacy covered so that they meet the adequacy requirement under Articles 45–46 of GDPR while providing comprehensive legislation locally. This study aims to analyze the Malaysian and Saudi Arabian legislation on health data privacy and their adequacy in meeting GDPR data privacy protection requirements.

The research used a systematic literature review, legal content analysis and comparative analysis to critically analyze the health data protection in Malaysia and Saudi Arabia in comparison with GDPR and to see the adequacy of health data protection that could meet the requirement of EU data transfer requirement.

The finding suggested that the private sector is better regulated in Malaysia than the public sector. Saudi Arabia has some general laws to cover health data privacy in both public and private sector organizations until the newly passed data protection law is implemented in 2024. The finding also suggested that the Personal Data Protection Act 2010 of Malaysia and the Personal Data Protection Law 2022 of Saudi Arabia could be considered “adequate” under GDPR.

The research would be able to identify the key principles that could identify the adequacy of the laws about health data in Malaysia and Saudi Arabia as there is a dearth of literature in this area. This will help to propose suggestions to improve the laws concerning health data protection so that various stakeholders can benefit from it.

Research on online user privacy shows that empirical evidence on how privacy literacy relates to users' information privacy empowerment is missing. To fill this gap, this paper investigated the respective influence of two primary dimensions of online privacy literacy – namely declarative and procedural knowledge – on online users' information privacy empowerment.

An empirical analysis is conducted using a dataset collected in Europe. This survey was conducted in 2019 among 27,524 representative respondents of the European population.

The main results show that users' procedural knowledge is positively linked to users' privacy empowerment. The relationship between users' declarative knowledge and users' privacy empowerment is partially supported. While greater awareness about firms and organizations practices in terms of data collections and further uses conditions was found to be significantly associated with increased users' privacy empowerment, unpredictably, results revealed that the awareness about the GDPR and user’s privacy empowerment are negatively associated. The empirical findings reveal also that greater online privacy literacy is associated with heightened users' information privacy empowerment.

While few advanced studies made systematic efforts to measure changes occurred on websites since the GDPR enforcement, it remains unclear, however, how individuals perceive, understand and apply the GDPR rights/guarantees and their likelihood to strengthen users' information privacy control. Therefore, this paper contributes empirically to understanding how online users' privacy literacy shaped by both users' declarative and procedural knowledge is likely to affect users' information privacy empowerment. The study empirically investigates the effectiveness of the GDPR in raising users' information privacy empowerment from user-based perspective. Results stress the importance of greater transparency of data tracking and processing decisions made by online businesses and services to strengthen users' control over information privacy. Study findings also put emphasis on the crucial need for more educational efforts to raise users' awareness about the GDPR rights/guarantees related to data protection. Empirical findings also show that users who are more likely to adopt self-protective approaches to reinforce personal data privacy are more likely to perceive greater control over personal data. A broad implication of this finding for practitioners and E-businesses stresses the need for empowering users with adequate privacy protection tools to ensure more confidential transactions.

The general data protection regulation (GDPR) was designed to address privacy challenges posed by globalisation and rapid technological advancements; however, its implementation has also introduced new hurdles for companies. This study aims to analyse and synthesise the existing literature that focuses on challenges of GDPR implementation in business enterprises, while also outlining the directions for future research.

The methodology of this review follows the preferred reporting items for systematic reviews and meta-analysis guidelines. It uses an extensive search strategy across Scopus and Web of Science databases, rigorously applying inclusion and exclusion criteria, yielding a detailed analysis of 16 selected studies that concentrate on GDPR implementation challenges in business organisations.

The findings indicate a predominant use of conceptual study methodologies in prior research, often limited to specific countries and technology-driven sectors. There is also an inclination towards exploring GDPR challenges within small and medium enterprises, while larger enterprises remain comparatively unexplored. Additionally, further investigation is needed to understand the implications of emerging technologies on GDPR compliance.

This study’s limitations include reliance of the search strategy on two databases, potential exclusion of relevant research, limited existing literature on GDPR implementation challenges in business context and possible influence of diverse methodologies and contexts of previous studies on generalisability of the findings.

The originality of this review lies in its exclusive focus on analysing GDPR implementation challenges within the business context, coupled with a fresh categorisation of these challenges into technical, legal, organisational, and regulatory dimensions.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

This paper aims to increase understanding of pertinent exogenous and endogenous antecedents that can reduce data privacy breaches.

A cross-sectional survey was used to source participants' perceptions of relevant exogenous and endogenous antecedents developed from the Antecedents-Privacy Concerns-Outcomes (APCO) model and Social Cognitive Theory. A research model was proposed and tested with empirical data collected from 213 participants based in Canada.

The exogenous factors of external privacy training and external privacy self-assessment tool significantly and positively impact the study's endogenous factors of individual privacy awareness, organizational resources allocated to privacy concerns, and group behavior concerning privacy laws. Further, the proximal determinants of data privacy breaches (dependent construct) are negatively influenced by individual privacy awareness, group behavior related to privacy laws, and organizational resources allocated to privacy concerns. The endogenous factors fully mediated the relationships between the exogenous factors and the dependent construct.

This study contributes to the budding data privacy breach literature by highlighting the impacts of personal and environmental factors in the discourse.

The results offer management insights on mitigating data privacy breach incidents arising from employees' actions. Roles of external privacy training and privacy self-assessment tools are signified.

Antecedents of data privacy breaches have been underexplored. This paper is among the first to elucidate the roles of select exogenous and endogenous antecedents encompassing personal and environmental imperatives on data privacy breaches.

Sharing patient health information (PHI) among hospitals has been much slower than the adoption of health record systems. This paper aims to investigate if privacy regulation (PR) or security measures (SMs) influence hospitals’ use of health information exchange (HIE) to share PHI with other providers (e.g. physicians, labs, hospitals). The study specifically focuses on how multiple PRs can impede and a strong national security infrastructure (NSI) can support HIE.

The study uses secondary data from a multi-national and multi-hospital survey administered by the European Union. The multi-level structure of the cross-sectional panel data is used to test the influence of both hospital-level (e.g. PR) and national-level variables (e.g. NSI) on HIE. A total of nine types of HIE, three types of PRs, nine SMs and other relevant control variables are considered. This study uses a two-level random intercept generalized linear model to test the hypothesis proposed in the study.

The study finds that national-level PRs (NLPR) have the strongest positive influence on HIE in comparison to regional (RLPR) and hospital-level (HLPR) PRs. Moreover, the study finds evidence that the presence of RLPR and HLPR, on average, decreases the positive impact of NLPR by 264%. The SMs also have a significant and positive impact on HIE. Adoption of an additional SM can increase the odds of engaging in a certain type of HIE between 21% and 61%. On the other hand, a strong NSI can also amplify the positive impact of SM on certain types of HIE.

This study extends prior research on the role of PRs in enabling HIE by considering the complexities brought up by adopting multiple PRs. NLPRs have the strongest impact on HIE in comparison to RLPRs or HLPRs. Moreover, public infrastructure initiatives such as those related to secure communications can also complement SMs adopted by the providers by encouraging HIE.

The paper proposes a privacy-preserving artificial intelligence-enabled video surveillance technology to monitor social distancing in public spaces.

The paper proposes a new Responsible Artificial Intelligence Implementation Framework to guide the proposed solution's design and development. It defines responsible artificial intelligence criteria that the solution needs to meet and provides checklists to enforce the criteria throughout the process. To preserve data privacy, the proposed system incorporates a federated learning approach to allow computation performed on edge devices to limit sensitive and identifiable data movement and eliminate the dependency of cloud computing at a central server.

The proposed system is evaluated through a case study of monitoring social distancing at an airport. The results discuss how the system can fully address the case study's requirements in terms of its reliability, its usefulness when deployed to the airport's cameras, and its compliance with responsible artificial intelligence.

The paper makes three contributions. First, it proposes a real-time social distancing breach detection system on edge that extends from a combination of cutting-edge people detection and tracking algorithms to achieve robust performance. Second, it proposes a design approach to develop responsible artificial intelligence in video surveillance contexts. Third, it presents results and discussion from a comprehensive evaluation in the context of a case study at an airport to demonstrate the proposed system's robust performance and practical usefulness.

The authors argue that privacy is integral to the well-being of consumers and an essential component in not only corporate social responsibility (CSR) but what they term uniquely as social media responsibility (SMR). A conceptual framework is proposed that delineates the privacy issues companies should pay attention to in artificial intelligence (AI)-fueled social media environments.

The authors review literature on privacy issues in social media and AI in the academic and practitioner literatures. Based on the review, arguments focus on the need for an SMR framework, proposing responsible use of consumer data that is attentive to consumers' privacy concerns.

Implications from the framework are a path forward for social media companies to treat consumer data more fairly in this new environment. The framework has implications for companies to reduce potential harms to consumers and consider addressing their power and responsibility. With social media and AI transforming consumer behavior so profoundly, there are a variety of short- and long-term social implications.

Since AI tools are becoming integral to social media company activities, this research addresses the changing responsibilities social media companies have in securing consumers' data and enabling consumers the agency to protect their privacy effectively. The authors propose an SMR framework based on CSR research and AI tools employed by social media companies.

This study aims to identify and assess the key ethical challenges associated with integrating artificial intelligence (AI) in knowledge-sharing (KS) practices and their implications for decision-making (DM) processes within organisations.

The study employs a mixed-methods approach, beginning with a comprehensive literature review to extract background information on AI and KS and to identify potential ethical challenges. Subsequently, a confirmatory factor analysis (CFA) is conducted using data collected from individuals employed in business settings to validate the challenges identified in the literature and assess their impact on DM processes.

The findings reveal that challenges related to privacy and data protection, bias and fairness and transparency and explainability are particularly significant in DM. Moreover, challenges related to accountability and responsibility and the impact of AI on employment also show relatively high coefficients, highlighting their importance in the DM process. In contrast, challenges such as intellectual property and ownership, algorithmic manipulation and global governance and regulation are found to be less central to the DM process.

This research contributes to the ongoing discourse on the ethical challenges of AI in knowledge management (KM) and DM within organisations. By providing insights and recommendations for researchers, managers and policymakers, the study emphasises the need for a holistic and collaborative approach to harness the benefits of AI technologies whilst mitigating their associated risks.

This study investigated the attitudes and concerns of Saudi higher educational institution (HEI) academics about privacy and security in online teaching during the COVID-19 pandemic.

Online Questionnaire questionnaire was designed to explore Saudi HEI academic’s attitudes and concerns about privacy and security issues in online teaching. The questionnaire asked about attitudes and concerns held before the pandemic and since the pandemic. The questionnaire included four sections. At the beginning of the questionnaire, participants were asked what the phrase “online privacy and security” meant to them, to gain an initial understanding of what it meant to academics. A definition for what we intended for the survey was then provided: “that a person’s data, including their identity, is not accessible to anyone other than themselves and others whom they have authorised and that their computing devices work properly and are free from unauthorised interference” (based on my reading of a range of sources, e.g. Schatz et al., 2017; Steinberg, 2019; NCS; Windley, 2005). This was to ensure that participants did understand what I was asking about in subsequent sections.

This study investigated the attitudes and concerns of Saudi HEI academics about privacy and security in online teaching during the COVID-19 pandemic. The findings provide several key insights: Key aspects of online privacy and security for Saudi HEI academics: Saudi HEI academic’s notion of online privacy and security is about the protection of personal data, preventing unauthorized access to data and ensuring the confidentiality and integrity of data. This underscores the significance of robust measures to safeguard sensitive information in online teaching, but also the need to make academics aware of the other aspects of online privacy and security. Potential to improve policies and training about online privacy and security in Saudi HEIs: Although many participants were aware of the online privacy and security policies of their HEI, only a small percentage had received training in this area. Thus, there is a need to improve the development and dissemination of policies and to provide academics with appropriate training in this area and encourage them to take available training. Use of videoconferencing and chat technologies and cultural sensitivities: The study highlighted moderate levels of concern among Saudi HEI academics regarding the use of videoconferencing and online chat technologies, and their concerns about cultural factors around the use of these technologies. This emphasizes the need for online teaching and the growing use of technologies in such teaching to respect cultural norms and preferences, highlighting the importance of fostering a culturally sensitive approach to technology deployment and use. Surprising low webcam use: An unexpected finding is the low use of webcams by both academics and students during online teaching sessions, prompting a need for a deeper understanding of the dynamics surrounding webcam engagement in such sessions. This calls for a reevaluation of the effectiveness of webcam use in the teaching process and underscores the importance of exploring methods for enhancing engagement and interaction in online teaching. In summary, this paper investigated the attitudes and concerns about privacy and security in the online teaching of Saudi HEI academics during the coronavirus pandemic. The study reveals areas where further research and policy development can enhance the online teaching experience. As the education landscape continues to evolve, institutions must remain proactive in addressing the concerns of their academics while fostering a culturally sensitive approach to technology deployment.

One limitation of this study is the relatively small qualitative data sample, despite the adequate size of the sample including 36 academics from various Saudi Arabian HEIs for quantitative analysis. It was necessary to make the most of the open-ended questions optional – participants did not have to answer about concerns if they did not want to, as we did not want to make the questionnaire too long and onerous to complete. Consequently, the number of academics responding to the open-ended questions was limited, emphasizing the need for additional data and alternative research methods to further these issues. The study was focused on investigating the concerns of HEI Saudi academics, recognizing that the attitudes and concerns of academics in other countries may differ. Furthermore, the research also includes an exploration of the changes in academic attitudes and concerns before and since the COVID-19 pandemic, which will be the subject of further data analysis.

This research delves into Saudi HEI academics' perceptions and concerns regarding privacy and security in online education during the COVID-19 Pandemic. Notably, it highlights the moderate priority placed on online privacy and security, the unexpectedly low usage of webcams and the potential for enhancing policies and training. The study emphasizes the necessity for comprehensive measures to protect sensitive data and the importance of tailored policies for educators. It also underscores the need for a more nuanced understanding of webcam usage dynamics, offering valuable insights for institutions aiming to improve online education and address educators' concerns amidst evolving educational landscapes.