A review of information privacy laws and standards for secure digital ecosystems

Anwar, Memoona J.; Gill, Asif Qumer; Beydoun, Ghassan

doi:10.5130/acis2018.bb

Cited by 7 publications

(4 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In contrast, work specifically addressing digital ecosystems is thus far limited. Anwar et al [2] conducted a review of international laws, regulations, and standards to identify and sort aspects related to (1) the protection of individuals' privacy, (2) guarantees to be made about the processing, (3) measures to be taken for the handling of information, and (4) consequences for technical implementation. Kira et al [13] address the problem that digital ecosystems must comply with both competition policy and privacy law.…”

Section: Related Workmentioning

confidence: 99%

Data Protection Officers’ Perspectives on Privacy Challenges in Digital Ecosystems

Wiefling¹,

Tolsdorf²,

Iacono³

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Digital ecosystems are driving the digital transformation of business models. Meanwhile, the associated processing of personal data within these complex systems poses challenges to the protection of individual privacy. In this paper, we explore these challenges from the perspective of digital ecosystems' platform providers. To this end, we present the results of an interview study with seven data protection officers representing a total of 12 digital ecosystems in Germany. We identified current and future challenges for the implementation of data protection requirements, covering issues on legal obligations and data subject rights. Our results support stakeholders involved in the implementation of privacy protection measures in digital ecosystems, and form the foundation for future privacy-related studies tailored to the specifics of digital ecosystems.

show abstract

Section: Related Workmentioning

confidence: 99%

Data Protection Officers’ Perspectives on Privacy Challenges in Digital Ecosystems

Wiefling¹,

Tolsdorf²,

Iacono³

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…In this scenario, studies, medical images, and electronic health records of the patient must be shared with the corresponding specialist to provide her with the tools for the diagnosis. Moreover, due to health data management laws [154], [155], the studies not only must be ensured by continuity schemes to fulfill NFRs but also must be stored for a large period.…”

Section: E Scenario Iv: Health Iot Data In Edge-fog-cloud Computing mentioning

confidence: 99%

On the Continuous Processing of Health Data in Edge-Fog-Cloud Computing by Using Micro/Nanoservice Composition

et al. 2020

View full text Add to dashboard Cite

The edge, the fog, the cloud, and even the end-user's devices play a key role in the management of the health sensitive content/data lifecycle. However, the creation and management of solutions including multiple applications executed by multiple users in multiple environments (edge, the fog, and the cloud) to process multiple health repositories that, at the same time, fulfilling non-functional requirements (NFRs) represents a complex challenge for health care organizations. This paper presents the design, development, and implementation of an architectural model to create, on-demand, edge-fog-cloud processing structures to continuously handle big health data and, at the same time, to execute services for fulfilling NFRs. In this model, constructive and modular blocks, implemented as microservices and nanoservices, are recursively interconnected to create edge-fog-cloud processing structures as infrastructureagnostic services. Continuity schemes create dataflows through the blocks of edge-fog-cloud structures and enforce, in an implicit manner, the fulfillment of NFRs for data arriving and departing to/from each block of each edge-fog-cloud structure. To show the feasibility of this model, a prototype was built using this model, which was evaluated in a case study based on the processing of health data for supporting critical decision-making procedures in remote patient monitoring. This study considered scenarios where end-users and medical staff received insights discovered when processing electrocardiograms (ECGs) produced by sensors in wireless IoT devices as well as where physicians received patient records (spirometry studies, ECGs and tomography images) and warnings raised when online analyzing and identifying anomalies in the analyzed ECG data. A scenario where organizations manage multiple simultaneous each edge-fog-cloud structure for processing of health data and contents delivered to internal and external staff was also studied. The evaluation of these scenarios showed the feasibility of applying this model to the building of solutions interconnecting multiple services/applications managing big health data through different environments. INDEX TERMS Big health data, edge-fog-cloud, health-IoT processing, Internet of Things, microservice architecture.

show abstract

“…However, they do not discuss which aspects of privacy should be covered by each dimension. Anwar et al (2018) found commonalities between privacy laws and standards, but noted differences in nature and scope which require further investigation. Martín et al (2014) highlighted a lack of technical privacy requirements and criticized disagreement between high-level privacy principles.…”

Section: Introductionmentioning

confidence: 93%

“…This paves the way for far more intrusive personal privacy violations, and its consequences are unforeseeable, endangering the privacy of individuals more than never before (Solove, 2002). Interestingly, more than 100 years after the Warren and Brandeis era and even after the 'cybernetic revolution' of the 1970s (Miller, 1969), the invention of the internet in the 1990s and today's multimedia world, lawyers, scientists and practitioners have still failed to reach an agreement on a blueprint for the principles of data protection (Anwar et al, 2018;Martín et al, 2014;Nissenbaum, 2015). One thing, however, is sure: What we can learn from former generations is to take invasion of privacy seriously (Barbas, 2012;Gavison 1992).…”

Section: The Right To Be Left Alonementioning

confidence: 99%

Data, data and even more data : empowering users to make well-informed decisions about online privacy

Barth¹

View full text Add to dashboard Cite

particular context and focusing on actual use of data and intended outcomes of data gathering might prove successful. To date, the balance between granularity and generalization of contexts remains unresolved (Solove, 2002). However, regulations specifying concrete conditions for processing personal data "are the decisive test for discerning whether [or not] society is aware of this price and willing to pay it. If the signs of experience are correct, this payment can be delayed no further" (Simitis, 1987; p. 746). Beyond access control and authentication:A technical perspective on information privacy "Computers constantly produce data. It's their input and output, but it's also a by-product of everything they do…they sense and record more than you're aware of" (Schneier, 2015, p. 15).The era of big data and unprecedented interconnectivity has allowed companies to amass datasets containing incredible amounts of personal information. By recording, storing, tracking and linking events over time, computers are able to identify patterns and gain insights into the individual preferences, interests or personal characteristics of users. As a result, behavioral tracking-and the profiling it makes possible-stand to become one of the most serious threats to privacy ever known.Techniques such as browser cookies and tracking 'pixels' allow monitoring the behavior of individual users across the internet. Cookies were designed to allow websites to recognize visitors to provide features such as automatic login, shopping carts, language settings, or saving preferences. However, advertising companies are increasingly using this technology on a large scale to record the activity of users across a large number of websites (Castelluccia, 2012;Nikiforakis et al., 2013). They do so by asking website owners to insert a small script (also known as a 'tracking pixel') into their pages in exchange for usage statistics. This allows advertising companies to create surprisingly accurate profiles of individuals based on their online behavior, potentially including information they might not even be aware of themselves (Gutwirth & Hildebrandt, 2008). These profiles are usually used to target ads, but they are also sold and shared, enabling discrimination and manipulation (Lyon, 2003;Zarsky, 2019). This kind of tracking is often invisible to users. Even if cookies are disabled or blocked, 'fingerprinting' allows tracking scripts to identify individuals based on specific configurations that are unique to the browser. This allows tracking users between 24 | Chapter 1 2 The privacy paradox -Investigating discrepancies between expressed privacy concerns and actual online behavior -A systematic literature review Barth, S., & De Jong, M. D. T. (2017). The privacy paradox -Investigating discrepancies between expressed privacy concerns and actual online behavior -A systematic literature review.

show abstract

A review of information privacy laws and standards for secure digital ecosystems

Cited by 7 publications

References 5 publications

Data Protection Officers’ Perspectives on Privacy Challenges in Digital Ecosystems

Data Protection Officers’ Perspectives on Privacy Challenges in Digital Ecosystems

On the Continuous Processing of Health Data in Edge-Fog-Cloud Computing by Using Micro/Nanoservice Composition

Data, data and even more data : empowering users to make well-informed decisions about online privacy

Contact Info

Product

Resources

About