Search results

General Data Protection Regulation (GDPR) of the European Union (EU) was passed to protect data privacy. Though the GDPR intended to address issues related to data privacy in the EU, it created an extra-territorial effect through Articles 3, 45 and 46. Extra-territorial effect refers to the application or the effect of local laws and regulations in another country. Lawmakers around the globe passed or intensified their efforts to pass laws to have personal data privacy covered so that they meet the adequacy requirement under Articles 45–46 of GDPR while providing comprehensive legislation locally. This study aims to analyze the Malaysian and Saudi Arabian legislation on health data privacy and their adequacy in meeting GDPR data privacy protection requirements.

The research used a systematic literature review, legal content analysis and comparative analysis to critically analyze the health data protection in Malaysia and Saudi Arabia in comparison with GDPR and to see the adequacy of health data protection that could meet the requirement of EU data transfer requirement.

The finding suggested that the private sector is better regulated in Malaysia than the public sector. Saudi Arabia has some general laws to cover health data privacy in both public and private sector organizations until the newly passed data protection law is implemented in 2024. The finding also suggested that the Personal Data Protection Act 2010 of Malaysia and the Personal Data Protection Law 2022 of Saudi Arabia could be considered “adequate” under GDPR.

The research would be able to identify the key principles that could identify the adequacy of the laws about health data in Malaysia and Saudi Arabia as there is a dearth of literature in this area. This will help to propose suggestions to improve the laws concerning health data protection so that various stakeholders can benefit from it.

The paper addresses the privacy–personalisation paradox in the post-GDPR-2018 era. As the regulation came in a bid to regulate the collection and use of personal data, its implications remain underexplored. The research question is: How do consumers perceive the matter of personal data collection for the use of highly targeted and personalised ads post-GDPR-2018? The invasion of privacy vs the benefits of highly personalised digital marketing.

To address the research question, this qualitative study conducts semi-structured interviews with 14 individuals, consisting of average users and digital experts.

This paper reports on increasing consumer vulnerability post-GDPR-2018 due to increased awareness of personal data collection yet incessant lack of control, particularly regarding the repercussions of the digital footprint. The privacy paradox remains an issue except among experts, and personalisation remains necessary, yet critical challenges arise (e.g. filter bubbles and intrusion).

Policy implications include education, regulating consent platforms and encouraging consensual sharing of personal data.

While the privacy–personalisation paradox has been widely studied, the impact of GDPR-2018 has rarely been addressed in the literature. GDPR-2018 has seemingly had little impact on instilling a sense of security for consumers; if anything, this paper highlights greater concerns for privacy as users sign away their rights on consent forms to access websites, thus contributing novel insights to this area of research.

This study aims to evaluate blockchain as an e-government governance model. It assesses its alignment with legal frameworks, emphasizing robustness against disruptions and adherence to existing laws.

The paper explores blockchain’s potential in e-government, focusing on legal, ethical and governance aspects. It conducts an in-depth analysis of blockchain’s integration into data governance, emphasizing legal compliance and resilient security protocols.

The study comprehensively evaluates blockchain’s implementation, covering privacy, interoperability, consensus mechanisms, scalability and regulatory alignment. It highlights governance’s critical role in ensuring legal compliance within blockchain paradigms.

Ethical and legal concerns arising from blockchain adoption remain unresolved. The study underscores how blockchain challenges its core principles of anonymity and decentralization in e-government settings.

The framework outlined offers potential for diverse technological environments, albeit raising ethical and legal queries. It emphasizes governance’s pivotal role in achieving legal compliance in blockchain adoption.

Blockchain’s impact on legal and ethical facets necessitates further exploration to align with its core principles while addressing governance in e-government settings.

This study presents a robust framework for assessing blockchain’s viability in e-government, emphasizing legal compliance, despite ethical and legal intricacies that challenge its fundamental principles.

This paper aims to identify the reasons why cases of leakage of patient personal data often occur in the health sector. This paper also analyzes personal data protection regulations in the health sector from a comparative legal perspective between Indonesia, Singapore and the European Union (EU).

This type of research is legal research. The research approach used is the statute approach and conceptual approach. The focus of this study in this research is Indonesia with a comparative study in Singapore and the EU.

Cases of leakage of patient personal data in Indonesia often occur. In 2021, the data for 230,000 COVID-19 patients was leaked and sold on the Rapid Forums dark web forum. A patient’s personal data is a human right that must be protected. Compared to Singapore and the EU, Indonesia is a country that does not yet have a law on the protection of personal data. This condition causes cases of leakage of patients’ personal data to occur frequently.

This study analyzes the regulation and protection of patients’ personal data in Indonesia, Singapore and the EU to construct a regulatory design for the protection of patients’ personal data.

The results of this study are useful for constructing regulations governing the protection of patients’ personal data. The regulation is to protect the patient’s personal data like a patient’s human right.

The ideal regulatory design can prevent data breaches. Based on the results of comparative studies, in Singapore and the EU, cases of personal data leakage are rare because they have a regulatory framework regarding the protection of patients’ personal data.

Legal strategies that can be taken to prevent and overcome patient data breaches include the establishment of an Act on Personal Data Protection; the Personal Data Protection Commission; and management of patients’ personal data.

The purpose of this research is to study how compliance evaluation becomes performed in practice. Compliance evaluation is a common practice among organizations that need to evaluate their posture against a set of criteria (e.g. a standard, legislative framework and “best practices”). The results of these evaluations have significant importance for organizations, especially in the context of information security and continuity. The author argues that how these evaluations become performed is not merely a “social” activity but shaped by the materiality of the evaluation criteria

The authors adopt a sociomaterial practice-based view to study the compliance evaluation through in situ participant observations from compliance evaluation workshops to evaluate organizational compliance against a information security and business continuity criteria. The empirical material was analyzed to construct vignettes that serve to illustrate the practice of compliance evaluation.

The research analysis shows how the information security and business continuity criteria themselves partake in the compliance evaluations by operating through (ventriloqually) the evaluators on three strata: the material, the textual and the structural. The author also provides a conceptualization of a hybrid agency.

This research contributes to lack of studies on the organizational-level compliance. Further, the research is an original contribution to information security and business continuity management by focusing on the practices of compliance evaluation. Further, the research has theoretical novelty by adopting the ventriloqual agency as a hybrid agency to study the sociomateriality of a phenomenon.

This research paper aims to provide information about certified learning apps for biological education and gave an ordered list of all learning apps currently used by Austrian biology teachers in the classroom, which should serve as an overview for all biology teachers. In addition, the (currently little known) certification process of learning apps (seal of quality for educational applications) is described.

Online questionnaire for all biology teachers throughout Austria, on the one hand to find out the apps, and on the other hand to research how Austrian teachers find suitable apps. The data were evaluated using descriptive statistics.

A total of84 different learning apps are currently used by biology teachers in Austria. There are two certified lernapps in Austria, both are used. The most common app in biology lessons is “Anton”. The teachers find the information about apps throughout their own research or through colleagues. There are regional and school-specific differences in regards of usage and knowledge about seal of quality. It needs its own teacher training (TT) via suitable learning apps, because problems (data protection, advertising) are sometimes not taken into account during use.

Limitations of this paper are that some of the teachers indicated the apps from other subjects (mathematics) to use this learning app, although this is not possible for biology lessons. Data protection was stated to the best of the authors’ knowledge by the authors, if the authors were not sure it says “unsure”. The participants are mainly women, but this corresponds to the gender ratio, which is typical of the Austrian teaching profession.

The overview of the apps, compiled by this Austria-wide research, can be taken over into the biology lessons of all teachers. In addition, on the basis of this study, a TT at the University of Education 2023 in Linz was created. In addition, the (currently little known) certification process of learning apps is described.

The TT and the overview of the learning apps used serve as guidelines for teachers as to which apps they can use in biology lessons without hesitation. Above all, the aspect of the follow-up of digital media/apps will be emphasized. Data backup, inappropriate advertising must be processed in class or completely omitted. Biology teachers need the right training (TT) and appropriate materials and tools (apps) to reduce problems (cybercrimes).

Currently, there is no prepared list of suitable (certified and uncertified) learning apps for biology lessons. There are isolated recommendations and individual apps, but the selection criteria and backgrounds of the authors are not clear. This list shows which apps (how often) are used by which teachers. In addition, the (currently little known) certification process of learning apps is described.

Consumers increasingly rely on organisations for online services and data storage while these same institutions seek to digitise the information assets they hold to create economic value. Cybersecurity failures arising from malicious or accidental actions can lead to significant reputational and financial loss which organisations must guard against. Despite having some critical weaknesses, qualitative cybersecurity risk analysis is widely used in developing cybersecurity plans. This research explores these weaknesses, considers how quantitative methods might address the constraints and seeks the insights and recommendations of leading cybersecurity practitioners on the use of qualitative and quantitative cyber risk assessment methods.

The study is based upon a literature review and thematic analysis of in-depth qualitative interviews with 16 senior cybersecurity practitioners representing financial services and advisory companies from across the world.

While most organisations continue to rely on qualitative methods for cybersecurity risk assessment, some are also actively using quantitative approaches to enhance their cybersecurity planning efforts. The primary recommendation of this paper is that organisations should adopt both a qualitative and quantitative cyber risk assessment approach.

This work provides the first insight into how senior practitioners are using and combining qualitative and quantitative cybersecurity risk assessment, and highlights the need for in-depth comparisons of these two different approaches.

The authors argue that privacy is integral to the well-being of consumers and an essential component in not only corporate social responsibility (CSR) but what they term uniquely as social media responsibility (SMR). A conceptual framework is proposed that delineates the privacy issues companies should pay attention to in artificial intelligence (AI)-fueled social media environments.

The authors review literature on privacy issues in social media and AI in the academic and practitioner literatures. Based on the review, arguments focus on the need for an SMR framework, proposing responsible use of consumer data that is attentive to consumers' privacy concerns.

Implications from the framework are a path forward for social media companies to treat consumer data more fairly in this new environment. The framework has implications for companies to reduce potential harms to consumers and consider addressing their power and responsibility. With social media and AI transforming consumer behavior so profoundly, there are a variety of short- and long-term social implications.

Since AI tools are becoming integral to social media company activities, this research addresses the changing responsibilities social media companies have in securing consumers' data and enabling consumers the agency to protect their privacy effectively. The authors propose an SMR framework based on CSR research and AI tools employed by social media companies.

This paper aims to explore how critical digital and data literacies are facilitated by testing different methods in the classroom, with the ambition to find a pedagogical framework for prompting sustained critical literacies.

This contribution draws on a 10-year set of critical pedagogy experiments conducted in Denmark, USA and Italy, and engaging more than 1,500 young adults. Multi-method pedagogical design trains students to conduct self-oriented guided autoethnography, situational analysis, allegorical mapping, and critical infrastructure analysis.

The techniques of guided autoethnography for facilitating sustained data literacy rely on inviting multiple iterations of self-analysis through sequential prompts, whereby students move through stages of observation, critical thinking, critical theory-informed critique around the lived experience of hegemonic data and artificial intelligence (AI) infrastructures.

Critical digital/data literacy researchers should continue to test models for building sustained critique that not only facilitate changes in behavior over time but also facilitate citizen social science, whereby participants use these autoethnographic techniques with friends and families to build locally relevant critique of the hegemonic power of data/AI infrastructures.

The proposed literacy model adopts a critical theory stance and shows the value of using multiple modes of intervention at micro and macro levels to prompt self-analysis and meta-level reflexivity for learners. This framework places critical theory at the center of the pedagogy to spark more radical stances, which is contended to be an essential step in moving students from attitudinal change to behavioral change.

Personal data is a powerful tool. The more someone know about us, the more power they got over us. But who will control the most of our personal data? Does the government and the big tech really care about our personal data? This paper aims to look at data practices, data-related policy making as well as its economic consequences in the context of emerging economies.

Using qualitative methods such as literature review and analysis of numerous government documents, this paper inquires into the dynamics in the use of data by the business sectors, explains how data governance can add value to the business sectors while ensuring customers’ data privacy protection based on the data governance mechanism framework and details what it takes.

Using the case of Indonesian recent development on data privacy regulation, this paper describes the problems and threats to personal data protection. The advent of latest computing and mobile technology is shifting power relations between the governments, the big tech, as well as the end users. To conclude, the strategy and policy recommendations for implementing data privacy protection are also presented.

This paper provides a timely synthesis of data practices in the context of developing countries, particularly in relation to policy making and economic consequences. This paper also identifies and shares several promising future research ideas.