Search results

1 – 10 of over 12000
Article
Publication date: 13 May 2019

Tore Hoel and Weiqin Chen

Abstract

Purpose

Privacy is a culturally universal process; however, in the era of Big Data privacy is handled very differently in different parts of the world. This is a challenge when designing tools and approaches for the use of Educational Big Data (EBD) and learning analytics (LA) in a global market. The purpose of this paper is to explore the concept of information privacy in a cross-cultural setting to define a common point of reference for privacy engineering.

Design/methodology/approach

The paper follows a conceptual exploration approach. Conceptual work on privacy in EBD and LA in China and the west is contrasted with the general discussion of privacy in a large corpus of literature and recent research. As much of the discourse on privacy has an American or European bias, intimate knowledge of Chinese education is used to test the concept of privacy and to drive the exploration of how information privacy is perceived in different cultural and educational settings.

Findings

The findings indicate that there are problems using privacy concepts found in European and North-American theories to inform privacy engineering for a cross-cultural market in the era of Big Data. Theories based on individualism and ideas of control of private information do not capture current global digital practice. The paper discusses how a contextual and culture-aware understanding of privacy could be developed to inform privacy engineering without letting go of universally shared values. The paper concludes with questions that need further research to fully understand information privacy in education.

Originality/value

As far as the authors know, this paper is the first attempt to discuss – from a comparative and cross-cultural perspective – information privacy in an educational context in the era of Big Data. The paper presents initial explorations of a problem that needs urgent attention if good intentions of privacy supportive educational technologies are to be turned into more than political slogans.

Details

The International Journal of Information and Learning Technology, vol. 36 no. 4
Type: Research Article
ISSN: 2056-4880

Article
Publication date: 8 October 2018

Vasiliki Diamantopoulou and Haralambos Mouratidis

Abstract

Purpose

The purpose of this study is the analysis of a security and privacy requirements engineering methodology. Such methodologies are considered an important part of systems’ development process when they contain and process a large amount of critical information, and thus need to remain secure and ensure privacy.

Design/methodology/approach

These methodologies provide techniques, methods and norms for tackling security and privacy issues in information systems. In this process, the utilisation of effective, clear and understandable modelling languages with sufficient notation is of utmost importance, as the produced models are used not only among IT experts or among security specialists but also for communication among various stakeholders, in business environments or among novices in an academic environment.

Findings

The qualitative analysis revealed a partial satisfaction of these principles.

Originality/value

This paper evaluates the effectiveness of a security and privacy requirements engineering methodology, namely, Secure Tropos, on the nine principles of the theory of notation.

Article
Publication date: 28 August 2019

Vasiliki Diamantopoulou and Haralambos Mouratidis

Abstract

Purpose

The enforcement of the General Data Protection Regulation imposes specific privacy- and security-related requirements that any organisation that processes European Union citizens’ personal data must comply with. The application of privacy- and security-by-design principles is assisting organisations in achieving compliance with the Regulation. The purpose of this study is to assist data controllers in their effort to achieve compliance with the new Regulation, by proposing the adoption of the privacy level agreement (PLA). A PLA is considered as a formal way for the data controllers and the data subjects to mutually agree the privacy settings of a service provisioned. A PLA supports privacy management, by analysing privacy threats, vulnerabilities and information systems’ trust relationships.

Design/methodology/approach

However, the concept of PLA has only been proposed on a theoretical level. To this aim, two different domains have been selected acting as real-life case studies, the public administration and the health care, where special categories of personal data are processed.

Findings

The results of the evaluation of the adoption of the PLA by the data controllers are positive. Furthermore, they indicate that the adoption of such an agreement facilitates data controllers in demonstrating transparency of their processes. Regarding data subjects, the evaluation process revealed that the use of the PLA increases trust levels on data controllers.

Originality/value

This paper proposes a novel reference architecture to enable PLA management in practice and reports on the application and evaluation of PLA management.

Details

Information & Computer Security, vol. 27 no. 5
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 18 May 2020

Aggeliki Tsohou, Emmanouil Magkos, Haralambos Mouratidis, George Chrysoloras, Luca Piras, Michalis Pavlidis, Julien Debussche, Marco Rotoloni and Beatriz Gallego-Nicasio Crespo

Abstract

Purpose

General data protection regulation (GDPR) entered into force in May 2018 for enhancing personal data protection. Even though GDPR leads toward many advantages for the data subjects, it turned out to be a significant challenge. Organizations need to implement long and complex changes to become GDPR compliant. Data subjects are empowered with new rights, which, however, they need to become aware of. GDPR compliance is a challenging matter for the relevant stakeholders and calls for a software platform that can support their needs. The aim of the data governance for supporting GDPR (DEFeND) EU project is to deliver such a platform. The purpose of this paper is to describe the process, within the DEFeND EU project, for eliciting and analyzing requirements for such a complex platform.

Design/methodology/approach

The platform needs to satisfy legal and privacy requirements and provide functionalities that data controllers request for supporting GDPR compliance. Further, it needs to satisfy acceptance requirements, for assuring that its users will embrace and use the platform. In this paper, the authors describe the methodology for eliciting and analyzing requirements for such a complex platform, by analyzing data attained by stakeholders from different sectors.

Findings

The findings provide the process for the DEFeND platform requirements’ elicitation and an indicative sample of those. The authors also describe the implementation of a secondary process for consolidating the elicited requirements into a consistent set of platform requirements.

Practical implications

The proposed software engineering methodology and data collection tools (i.e. questionnaires) are expected to have a significant impact for software engineers in academia and industry.

Social implications

It is reported repeatedly that data controllers face difficulties in complying with the GDPR. The study aims to offer mechanisms and tools that can assist organizations to comply with the GDPR, thus, offering a significant boost toward the European personal data protection objectives.

Originality/value

This is the first paper, according to the best of the authors’ knowledge, to provide software requirements for a GDPR compliance platform, including multiple perspectives.

Details

Information & Computer Security, vol. 28 no. 4
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 1 March 2006

Evangelia Kavakli, Christos Kalloniatis, Pericles Loucopoulos and Stefanos Gritzalis

Abstract

Purpose

To present a new methodology for incorporating privacy requirements into the system design process called PriS, and describe its applicability in the e‐VOTE system for presenting the methodology's way‐of‐working.

Design/methodology/approach

PriS is a requirement engineering methodology focused on privacy issues. It provides a set of concepts for modelling privacy requirements (anonymity, pseudonymity, unlinkability and unobservability) in the organisation domain and a systematic way‐of‐working for translating these requirements into system models. The conceptual model used in PriS is based on the Enterprise Knowledge Development (EKD) framework. PriS models privacy requirements as a special type of goal.

Findings

Based on the analysis of a number of well‐known privacy‐enhancing technologies as well as of existing security requirement engineering methodologies, this paper pinpoints the gap between system design methodologies and technological solutions. To this end, PriS is suggested, with a view to providing a methodological framework for matching privacy‐related requirements with the proper implementation techniques.

Originality/value

This paper proposes a new methodology for addressing privacy requirements during the design process. It guides developers to choose the most appropriate implementation techniques for realising the identified privacy issues. PriS methodology has a high degree of applicability on Internet systems that wish to provide services that ensure users' privacy, such as anonymous browsing, untraceable transactions, etc.

Details

Internet Research, vol. 16 no. 2
Type: Research Article
ISSN: 1066-2243

Article
Publication date: 8 October 2018

Majed Alshammari and Andrew Simpson

Abstract

Purpose

Concerns over data-processing activities that may lead to privacy violations or harms have motivated the development of legal frameworks and standards. Further, software engineers are increasingly expected to develop and maintain privacy-aware systems that both comply with such frameworks and standards and meet reasonable expectations of privacy. This paper aims to facilitate reasoning about privacy compliance, from legal frameworks and standards, with a view to providing necessary technical assurances.

Design/methodology/approach

The authors show how the standard extension mechanisms of the UML meta-model might be used to specify and represent data-processing activities in a way that is amenable to privacy compliance checking and assurance.

Findings

The authors demonstrate the usefulness and applicability of the extension mechanisms in specifying key aspects of privacy principles as assumptions and requirements, as well as in providing criteria for the evaluation of these aspects to assess whether the model meets these requirements.

Originality/value

First, the authors show how key aspects of abstract privacy principles can be modelled using stereotypes and tagged values as privacy assumptions and requirements. Second, the authors show how compliance with these principles can be assured via constraints that establish rules for the evaluation of these requirements.

Details

Information & Computer Security, vol. 26 no. 4
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 23 February 2022

Mohamad Gharib

Abstract

Purpose

Most developed countries have enacted privacy laws to govern the collection and use of personal information (PI) as a response to the increased misuse of PI. Yet, these laws rely heavily on the concept of informational self-determination through the “notice” and “consent” models, which is deeply flawed. This study aims at tackling these flaws to achieve the full potential of these privacy laws.

Design/methodology/approach

The author critically reviews the concept of informational self-determination through the “notice” and “consent” model identifying its main flaws and how they can be tackled.

Findings

Existing approaches present interesting ideas and useful techniques that focus on tackling some specific problems of informational self-determination but fall short in proposing a comprehensive solution that tackles the essence of the overall problem.

Originality/value

This study introduces a model for informed consent, a proposed architecture that aims at empowering individuals (data subjects) to take an active role in the protection of their PI by simplifying the informed consent transaction without reducing its effectiveness, and an ontology that can partially realize the proposed architecture.

Details

Information & Computer Security, vol. 30 no. 4
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 18 December 2019

Konstantina Vemou and Maria Karyda

Abstract

Purpose

In the Web 2.0 era, users massively communicate through social networking services (SNS), often under false expectations that their communications and personal data are private. This paper aims to analyze privacy requirements of personal communications over a public medium.

Design/methodology/approach

This paper systematically analyzes SNS services as communication models and considers privacy as an attribute of users’ communication. A privacy threat analysis for each communication model is performed, based on misuse scenarios, to elicit privacy requirements per communication type.

Findings

This paper identifies all communication attributes and privacy threats and provides a comprehensive list of privacy requirements concerning all stakeholders: platform providers, users and third parties.

Originality/value

Elicitation of privacy requirements focuses on the protection of both the communication’s message and metadata and takes into account the public–private character of the medium (SNS platform). The paper proposes a model of SNS functionality as communication patterns, along with a method to analyze privacy threats. Moreover, a comprehensive set of privacy requirements for SNS designers, third parties and users involved in SNS is identified, including voluntary sharing of personal data, the role of the SNS platforms and the various types of communications instantiating in SNS.

Details

Information & Computer Security, vol. 28 no. 1
Type: Research Article
ISSN: 2056-4961

Article
Publication date: 11 July 2016

Matthew D Dean, Dinah M Payne and Brett J.L. Landry

Abstract

Purpose

The purpose of this paper is to advocate for and provide guidance for the development of a code of ethical conduct surrounding online privacy policies, including those concerning data mining. The hope is that this research generates thoughtful discussion on the issue of how to make data mining more effective for the business stakeholder while at the same time making it a process done in an ethical way that remains effective for the consumer. The recognition of the privacy rights of data mining subjects is paramount within this discussion.

Design/methodology/approach

The authors derive foundational principles for ethical data mining. First, philosophical literature on moral principles is used as the theoretical foundation. Then, using existing frameworks, including legislation and regulations from a range of jurisdictions, a compilation of foundational principles was derived. This compilation was then evaluated and honed through the integration of stakeholder perspective and the assimilation of moral and philosophical precepts. Evaluating a sample of privacy policies hints that current practice does not meet the proposed principles, indicating a need for changes in the way data mining is performed.

Findings

A comprehensive framework for the development of a contemporary code of conduct and proposed ethical practices for online data mining was constructed.

Research limitations/implications

This paper provides a configuration upon which a code of ethical conduct for performing data mining, tailored to meet the particular needs of any organization, can be designed.

Practical implications

The implications of data mining, and a code of ethical conduct regulating it, are far-reaching. Implementation of such principles serves to improve consumer and stakeholder confidence, ensure the enduring compliance of data providers and the integrity of its collectors, and foster confidence in the security of data mining.

Originality/value

Existing legal mandates alone are insufficient to properly regulate data mining, therefore supplemental reference to ethical considerations and stakeholder interest is required. The adoption of a functional code of general application is essential to address the increasing proliferation of apprehension regarding online privacy.

Details

Journal of Enterprise Information Management, vol. 29 no. 4
Type: Research Article
ISSN: 1741-0398

Article
Publication date: 13 November 2017

Christos Kalloniatis

Abstract

Purpose

The purpose of this paper is to extend PriS (privacy safeguard), a privacy requirements engineering method for eliciting and modelling privacy requirements during system design, with the addition of privacy-aware cloud-based concepts to assist analysts to reason and model about privacy in cloud environments.

Design/methodology/approach

An analysis of previous findings on the field of cloud privacy based on previous work has been conducted and a set of privacy-related concepts that need to be considered during privacy analysis for cloud-based systems has been revealed. These concepts were used for extending the conceptual model of PriS.

Findings

The main finding of the paper is the design of a new, novel conceptual model that assists analysts and designers in reasoning about privacy in cloud environments. A new template using the JSON (JavaScript notation object) format has been introduced for better expressing the privacy requirements along with the related concepts presented through the conceptual model, thus letting the developers better understand the findings during the design stage and better guiding them to the implementation of the respective solution.

Research limitations/implications

The design of a cloud-based process that will guide analysts in detail for eliciting and modelling the identified privacy-related requirements is the limitation and in parallel the next step of the specific work presented here.

Practical implications

The conceptual model has been applied on a real case scenario regarding its efficiency on capturing and mapping all necessary concepts for assisting analysts proceed with the design of the privacy-aware system. The results were positive, all concepts were easy to use and totally understandable from the design team and the stakeholders and the use of the JSON template received very positive comments, especially from the developer’s team.

Originality/value

The paper presents a novel conceptual model for reasoning about privacy requirements in the cloud. The applicability of the proposed model has also been tested on a real case study.

Details

Information & Computer Security, vol. 25 no. 5
Type: Research Article
ISSN: 2056-4961
