Search results

Since the European Union’s (EU) Charter of Fundamental Rights became binding in 2009, data protection has attained the status of a fundamental right (Article 8) throughout the EU. This chapter discusses the relevance of data protection in the context of security. It shows that data protection has been of particular relevance in the German context – not only against the backdrop of rapidly evolving information technology, but also of the historical experiences with political regimes collecting information in order to oppress citizens.

The purpose of this paper is to develop a usable configuration management for Archistar, which utilizes secret sharing for redundantly storing data over multiple independent storage clouds in a secure and privacy-friendly manner. Selecting the optimal secret sharing parameters, cloud storage servers and other settings for securely storing the secret data shares, while meeting all of end user’s requirements and other restrictions, is a complex task. In particular, complex trade-offs between different protection goals and legal privacy requirements need to be made.

A human-centered design approach with structured interviews and cognitive walkthroughs of user interface mockups with system administrators and other technically skilled users was used.

Even technically skilled users have difficulties to adequately select secret sharing parameters and other configuration settings for adequately securing the data to be outsourced.

Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.

The authors present novel human computer interaction (HCI) guidelines for a usable configuration management, which propose to automatically set configuration parameters and to solve trade-offs based on the type of data to be stored in the cloud. Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.

In response to food supply constraints resulting from coronavirus disease 2019 (COVID-19) restrictions, in the year 2020, the project developed automated household Aquaponics units to guarantee food self-sufficiency. However, the automated aquaponics solution did not fully comply with data privacy and portability best practices to protect the data of household owners. The purpose of this study is to develop a data privacy and portability layer on top of the previously developed automated Aquaponics units.

Design Science Research (DSR) is the research method implemented in this study.

General Data Protection and Privacy Regulations (GDPR)-inspired principles empowering data subjects including data minimisation, purpose limitation, storage limitation as well as integrity and confidentiality can be implemented in a federated learning (FL) architecture using Pinecone Matrix home servers and edge devices.

The literature reviewed for this study demonstrates that the GDPR right to data portability can have a positive impact on data protection by giving individuals more control over their own data. This is achieved by allowing data subjects to obtain their personal information from a data controller in a format that makes it simple to reuse it in another context and to transmit this information freely to any other data controller of their choice. Data portability is not strictly governed or enforced by data protection laws in the developing world, such as Zimbabwe's Data Protection Act of 2021.

Privacy requirements can be implemented in end-point technology such as smartphones, microcontrollers and single board computer clusters enabling data subjects to be incentivised whilst unlocking the value of their own data in the process fostering competition among data controllers and processors.

The use of end-to-end encryption with Matrix Pinecone on edge endpoints and fog servers, as well as the practical implementation of data portability, are currently not adequately covered in the literature. The study acts as a springboard for a future conversation on the topic.

Research on online user privacy shows that empirical evidence on how privacy literacy relates to users' information privacy empowerment is missing. To fill this gap, this paper investigated the respective influence of two primary dimensions of online privacy literacy – namely declarative and procedural knowledge – on online users' information privacy empowerment.

An empirical analysis is conducted using a dataset collected in Europe. This survey was conducted in 2019 among 27,524 representative respondents of the European population.

The main results show that users' procedural knowledge is positively linked to users' privacy empowerment. The relationship between users' declarative knowledge and users' privacy empowerment is partially supported. While greater awareness about firms and organizations practices in terms of data collections and further uses conditions was found to be significantly associated with increased users' privacy empowerment, unpredictably, results revealed that the awareness about the GDPR and user’s privacy empowerment are negatively associated. The empirical findings reveal also that greater online privacy literacy is associated with heightened users' information privacy empowerment.

While few advanced studies made systematic efforts to measure changes occurred on websites since the GDPR enforcement, it remains unclear, however, how individuals perceive, understand and apply the GDPR rights/guarantees and their likelihood to strengthen users' information privacy control. Therefore, this paper contributes empirically to understanding how online users' privacy literacy shaped by both users' declarative and procedural knowledge is likely to affect users' information privacy empowerment. The study empirically investigates the effectiveness of the GDPR in raising users' information privacy empowerment from user-based perspective. Results stress the importance of greater transparency of data tracking and processing decisions made by online businesses and services to strengthen users' control over information privacy. Study findings also put emphasis on the crucial need for more educational efforts to raise users' awareness about the GDPR rights/guarantees related to data protection. Empirical findings also show that users who are more likely to adopt self-protective approaches to reinforce personal data privacy are more likely to perceive greater control over personal data. A broad implication of this finding for practitioners and E-businesses stresses the need for empowering users with adequate privacy protection tools to ensure more confidential transactions.

Involvement of children in research on different aspects of children's rights, including research on violence against children, is continuously increasing, as is the interest in participatory approaches (European Agency for Fundamental Rights [FRA], 2014; Larsson et al., 2018; UN Committee on the Rights of the Child, 2011). Svevo-Cianci et al. (2011) noted that ‘as researchers commit to learning from community members, including children and adolescents themselves, it has become more clear that an understanding of the lived reality and definition of violence for children in their individual communities, is essential to envision and implement effective child protection’ (p. 985).

In this chapter, the legislative context regarding children's rights to be heard and participate is initially discussed; currently applied age requirements for children to acquire rights across the countries of the European Union (EU) are briefly presented; and children's potential roles and relevant provisions for their participation in social research are explored. The last part is dedicated to the presentation and discussion of the General Data Protection Regulation (GDPR; Regulation [EU] 2016/679, 2016) – specifically, children's personal data–related recitals and articles; the importance of the definition of a legal basis for personal data processing according to the GDPR, including consent; and the necessary information to be provided to children before their data are processed.

Advances in Big Data, artificial Intelligence and data-driven innovation bring enormous benefits for the overall society and for different sectors. By contrast, their misuse can lead to data workflows bypassing the intent of privacy and data protection law, as well as of ethical mandates. It may be referred to as the ‘creep factor’ of Big Data, and needs to be tackled right away, especially considering that we are moving towards the ‘datafication’ of society, where devices to capture, collect, store and process data are becoming ever-cheaper and faster, whilst the computational power is continuously increasing. If using Big Data in truly anonymisable ways, within an ethically sound and societally focussed framework, is capable of acting as an enabler of sustainable development, using Big Data outside such a framework poses a number of threats, potential hurdles and multiple ethical challenges. Some examples are the impact on privacy caused by new surveillance tools and data gathering techniques, including also group privacy, high-tech profiling, automated decision making and discriminatory practices. In our society, everything can be given a score and critical life changing opportunities are increasingly determined by such scoring systems, often obtained through secret predictive algorithms applied to data to determine who has value. It is therefore essential to guarantee the fairness and accurateness of such scoring systems and that the decisions relying upon them are realised in a legal and ethical manner, avoiding the risk of stigmatisation capable of affecting individuals’ opportunities. Likewise, it is necessary to prevent the so-called ‘social cooling’. This represents the long-term negative side effects of the data-driven innovation, in particular of such scoring systems and of the reputation economy. It is reflected in terms, for instance, of self-censorship, risk-aversion and lack of exercise of free speech generated by increasingly intrusive Big Data practices lacking an ethical foundation. Another key ethics dimension pertains to human-data interaction in Internet of Things (IoT) environments, which is increasing the volume of data collected, the speed of the process and the variety of data sources. It is urgent to further investigate aspects like the ‘ownership’ of data and other hurdles, especially considering that the regulatory landscape is developing at a much slower pace than IoT and the evolution of Big Data technologies. These are only some examples of the issues and consequences that Big Data raise, which require adequate measures in response to the ‘data trust deficit’, moving not towards the prohibition of the collection of data but rather towards the identification and prohibition of their misuse and unfair behaviours and treatments, once government and companies have such data. At the same time, the debate should further investigate ‘data altruism’, deepening how the increasing amounts of data in our society can be concretely used for public good and the best implementation modalities.

There is significant national interest in tackling issues surrounding the needs of vulnerable children and adults. This paper aims to argue that much value can be gained from the application of new data-analytic approaches to assist with the care provided to vulnerable children. This paper highlights the ethical and information governance issues raised in the development of a research project that sought to access and analyse children’s social care data.

The paper documents the process involved in identifying, accessing and using data held in Birmingham City Council’s social care system for collaborative research with a partner organisation. This includes identifying the data, its structure and format; understanding the Data Protection Act 1998 and 2018 (DPA) exemptions that are relevant to ensure that legal obligations are met; data security and access management; the ethical and governance approval process.

The findings will include approaches to understanding the data, its structure and accessibility tasks involved in addressing ethical and legal obligations and requirements of the ethical and governance processes.

The aim of this research is to highlight the potential use of use new data-analytic techniques to examine the flow of children’s social care data from referral, through the assessment process, to the resulting service provision. Data held by Birmingham City Council are used throughout, and this paper highlights key ethical and information governance issues which were addressed in preparing and conducting the research. The findings provide insight for other data-led studies of a similar nature.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

A policy of surveillance which interferes with the fundamental right to a private life requires credible justification and a supportive evidence base. The authority for such interference should be clearly detailed in law, overseen by a transparent process and not left to the vagaries of administrative discretion. If a state surveils those it governs and claims the interference to be in the public interest, then the evidence base on which that claim stands and the operative conception of public interest should be subject to critical examination. Unfortunately, there is an inconsistency in the regulatory burden associated with access to confidential patient information for non-health-related surveillance purposes and access for health-related surveillance or research purposes. This inconsistency represents a systemic weakness to inform or challenge an evidence-based policy of non-health-related surveillance. This inconsistency is unjustified and undermines the qualities recognised to be necessary to maintain a trustworthy confidential public health service. Taking the withdrawn Memorandum of Understanding (MoU) between NHS Digital and the Home Office as a worked example, this chapter demonstrates how the capacity of the law to constrain the arbitrary or unwarranted exercise of power through judicial review is not sufficient to level the playing field. The authors recommend ‘levelling up’ in procedural oversight, and adopting independent mechanisms equivalent to those adopted for establishing the operative conceptions of public interest in the context of health research to non-health-related surveillance purposes.

Forest as a vital natural resource in China plays an irreplaceable important role in safeguarding ecological security and human survival and development. Due to the vast territory, huge population and widespread forest landscape of China, forest management is a complex system involving massive data and various management activities. To effectively implement sustainable forest management, the big data technology has been utilized to analyze China’s forestry resources. Thus, the purpose of this paper is to clarify the role of big data technology in China’s forest management.

In this paper, the authors revisited the roles of big data in forest ecosystem monitoring, forestry management system development, and forest policy implementation.

It demonstrates that big data technology has a great potential in forest ecosystem protection and management, as well as the government’s determination for forest ecosystem protection. However, to deepen the application of big data in forest management, several challenges still need to be tackled.

Thus, enhancing modern science and technology to improve big data, cloud computing, and information technologies and their combinations will contribute to tackle the challenges and achieve wisdom of forest management.