Personuppgifter, risker och möjligheter : En utforskande studie av intresset för insyn i och kontroll över personuppgifters spridning

Josborg, Louise

January 2021

Personuppgifter sprids idag relativt fritt via användning av digitala tjänster och plattformar. De används bland annat som handelsvara för företag, som underlag för verksamhetsutveckling av myndigheter och som empiri i forskningsstudier. Fördelarna med att samla stora mängder personuppgifter är många, både för individen och samhället. Samtidigt finns både potentiella och verkliga risker med spridningen och användningen av personuppgifter, som att de möjliggör diskriminering och integritetskränkande profilering. I den här studien undersöks intresset för att ha större insyn i och kontroll över personuppgifter som finns hos myndigheter och företag. Metoden som används är en enkätundersökning och ett antal djupintervjuer. I resultatet av undersökningen presenteras fem teman, som tillsammans beskriver en nutidsbild av intresset för insyn i och kontroll över personuppgifter och kontexten kring intresset. Dessa teman är: Stort intresse för insyn i och kontroll över personuppgifter, Kunskapen om personuppgifter behöver höjas, högre förtroende för myndigheters hantering av personuppgifter än för företags, vilja att få betalt för sina personuppgifter, och splittrad inställning till användning av personuppgifter inom forskning utan medgivande. Analysprocessen består av tre steg. I det första steget fördjupas förståelsen för resultatets teman genom att de relateras till tidigare forskning. I det andra steget relateras varje tema till modellen Technology Acceptance Model (TAM), och i det tredje steget formuleras förutsättningar för designen av en digital tjänst med syfte att ge större insyn i och kontroll över personuppgifter som finns hos olika aktörer.

Personal data

digital design

digital service

Technology Acceptance Model

Personuppgifter

digital design

digital tjänst

Technology Acceptance Model

Information Systems, Social aspects

Anonymizace SPZ vozidel / Car Licence Plate Anonymization

Skřivánková, Barbora

January 2016

While browsing an online map server, continuous photographs of certain places can be browsed as well. When the map service takes pictures of a public space, there are some personal data captured as well (i.e. faces, car licence plates). The goal of this thesis is the design of automated car licence plates anonymization system, optimized for the Panorama service provided by the Seznam.cz a.s. corporation. In this thesis, the process of car licence plate anonymization is divided into two parts: the first one solves a detection of cars and the second solves a car licence plate localization in the selected image. The car detection is based on the deep neural network approach, the car licence plate localization is solved by using a fully connected neural network performing a regression task. The goal of this thesis is to get over the disadvantages of commercial solution used nowadays. These are false posititive results and high computational complexity. Results of this thesis are not as good as expected. The reason could be a dataset provided by Seznam.cz a.s. corporation, which seemed to be robust enough in the beginning, but in the end it showed up to be not suffice enough to train the neural network.

Dohled a ochrana osobních údajů / Surveillance and Personal Data Protection

Kohoutová, Jana

January 2017

This diploma thesis deals with the surveillance and private data protection. The first part brings into the focus the theoretical definition of surveillance and the areas in which it is applied. Important role in this thesis has also it's historical development. For example there will be introduced the historical resolution according to David Lyon to premodern, modern and postmodern surveillance, Michel Foucault's view on the surveillance of the state over it's citizens or society of control of Gilles Deleuze. The second part of this thesis will move to concepts as personal data and their protection. I will define what privacy and personal data means and what is it's value to each of us. This thesis will continue with current legal aspects not only in the Czech Republic but within whole European union. As the next important topic will follow the new regulation of European Union dealing with personal data, so called GDPR that comes into the force next year and it's possible benefits for contemporary situation. The result of this thesis is to provide the insight into the development of surveillance in the society and define it in the areas where it is implied but primarily find out to what extent is this surveillance entitled and where it's limits are. Another aim of this thesis is also to asses the...

Elektronický dohled v oblasti současného marketingu a spotřeby a využívaných strategií / Electronic surveillance of current marketing and consumption and its used strategies

Zamastilová, Lucie

January 2018

In my dissertation I will deal with the issue of surveillance, which is applied in the area of marketing, consumption and in connection with that in advertising. I will concentrate mainly on the current age and therefore on the electronic surveillance, so the history of the surveillance studies will not be dealt with in this thesis in more detail. The first part of the thesis will be theoretical focusing on the main theses and theories of the current surveillance authors, especially the issues of electronic surveillance. The next part of this thesis will focus on surveillance and surveillance techniques in marketing and consumption. In this part I will also build on the theories of contemporary authors discussing the surveillance topic in the commercial sphere, but I will try to complement the theoretical introduction of the issue with the specific functioning of this phenomenon in practice. The main aim of this thesis will mainly be an overview and comprehensive illumination of surveillance and control issues focusing on the field of marketing and consumption and also mapping its operation in practice. In this part, I will focus on the issue of electronic surveillance in terms of marketing strategies focusing on the application of surveillance on the Internet and particulary on social networks. I...

Modelo de referencia para la protección de datos personales en el sector microfinanciero peruano / Reference model for personal data protection in the Peruvian microfinance sector

Alejo Alarcón, Claudio Alfredo Aarón, Navarro Ruíz, Alan Jesús

30 November 2020

La protección de datos personales consiste en resguardar la información de las personas en todo su ciclo de vida dentro de una entidad y emplearla únicamente para los fines por los cuales fueron proporcionados. Todas las empresas se convierten en titulares de bancos de datos personales al poseer información de sus clientes, colaboradores y/o proveedores, ya sea empleando tecnologías de información para su tratamiento, o documentos y almacenes físicos. La aplicación de las medidas de seguridad adecuadas para la protección de datos personales es de gran importancia en las organizaciones, en especial, en uno de los sectores de mayor crecimiento como es el microfinanciero. De lo contrario, pone en riesgo los derechos y libertades de las personas, además de recibir costosas sanciones económicas. En la presente tesis, se propone un modelo de referencia que brinda un conjunto de medidas legales, organizativas y técnicas para proteger los datos personales custodiados por una entidad microfinanciera, garantizando su adecuado tratamiento a lo largo de su ciclo de vida. Estas medidas están basadas en la Ley 29733 y su reglamento, ISO 27001, COBIT 5, NIST 800-53 y CIS CSC. El modelo de referencia fue implementado en una Cooperativa peruana de ahorro y créditos donde se recopiló información relacionada al tratamiento de datos personales, se evaluó el nivel de protección de datos personales y se implementó un plan de mejora. El resultado de la implementación fue un incremento del 57% en el nivel de protección de datos personales, alcanzando así un 74%. / The protection of personal data consists of safeguarding the information of people throughout its life cycle within an entity and using it only for the purposes for which it was provided. All companies become owners of personal data banks by having information on their clients, collaborators and / or suppliers, either by using information technologies for their treatment, or documents and physical warehouses. The application of adequate security measures for the protection of personal data is of great importance in organizations, especially in one of the fastest growing sectors such as microfinance. Otherwise, it puts the rights and freedoms of people at risk, in addition to receiving costly financial penalties. In this thesis, a reference model is proposed that provides a set of legal, organizational and technical measures to protect the personal data kept by a microfinance entity, guaranteeing its adequate treatment throughout its life cycle. These measures are based on Law 29733 and its regulations, ISO 27001, COBIT 5, NIST 800-53 and CIS CSC. The reference model was implemented in a Peruvian savings and loan cooperative where information related to the processing of personal data was collected, the level of protection of personal data was evaluated and an improvement plan was implemented. The result of the implementation was a 57% increase in the level of protection of personal data, thus reaching 74%. / Tesis

Datos personales

Sector microfinanciero

Seguridad de la información

ISO 27001

Personal data

Microfinance

Information security

Porovnání úpravy ochrany osobních údajů dle zákona č.101/2000 Sb. a GDPR / Comparison of the protection of personal data protection pursuant to Act No.101/2000 Coll. and GDPR

Jankrlová, Šárka

January 2019

Comparison of the protection of personal data protection pursuant to Act No. 101/2000 Coll. and GDPR Abstract The diploma thesis deals with two legal regulations that are connected in time. Both these legislation issue of personal data protection. The first piece of legislation is Act No. 101/2000 Coll., On the protection of personal data (hereinafter the Act), which was the implementation of Directive 95/46 / EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals personal data and the free movement of such data. The second piece of legislation discussed is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC ). The thesis is divided into thirteen chapters. First, it contains a brief historical development of the area of personal data protection worldwide and in the Czech Republic. In chapters 2 - 12, it gradually describes the institutes regulated by the law and the same intitutes regulated by the general regulation and compares in what the current legislation differs from the old regulation, or in what it remains the same. It also analyzes whether the specific changes...

Log In or Sign Up

Gunnarsson, Emil

January 2020

This thesis details the theoretical framework, methods, and results of the design project “Log In or Sign up”. The result of this project is an ebook sharing the same title. It consists of short stories and poems that revolve around digital surveillance and its effects on the self and society. The writings explore how the digital sur- veillance ecosystem affects our behavior and self-image in ways that we might not even realize. The context is our digital lives in a time where we rely more and more on the internet for our daily activities. The writings attempt to portray the emo- tions we go through while using digital platforms that are designed to extract our personal data. The stories and poems are presented in an interactive layout. Along with the aforementioned topics this thesis also addresses the responsibility of design in creating advanced digital surveillance methods created by companies such as Google, Facebook, Amazon, and Microsoft. For example, through the gami- fication of social media, deceptive presentation of data protection rights, and cura- tion of content for emotional effect.

Digital Surveillance

Visual Communication

Surveillance Economy

Capitalism

Economics

Privacy

Advertising

Personal Data

Social Media

Facebook

Google

Web tracking

Dark Patterns

Design

Design

Moderní technologie v medicíně a právo / Modern Technologies in Medicine and Law

Konečná, Klaudie

January 2020

Modern Technologies in Medicine and Law Abstract This thesis deals with the application of modern technologies in medicine from the perspective of law. The primary aim of this work is to analyse the given provisions of the Civil Code, Act on Health Services and Act on Medical Devices, and also to determine whether the current legislation represents a suitable legal framework able to respond to the implementation of modern technology in the healthcare sector. In connection with this analysis, author presents possibilities of legislative changes that would respond to these modern technologies. The work inter alia deals with the question of whether the use of some of these technologies within the provision of healthcare services can be considered compliant with the principle of lege artis. In the first chapter, the reader is introduced to the topic of the thesis. This chapter defines the basic terms and presents an overview of the legislation related to the chosen topic. The second chapter represents a main part of the thesis, where author deals with the topic of artificial intelligence. In this chapter, the reader is acquainted with the term of artificial intelligence and the definition of its legal status. Subsequently, author evaluates whether the current legislation constitutes appropriate legal frameworks...

Sledování zaměstnanců v kontextu Obecného nařízení o ochraně osobních údajů / Monitoring of employees in context of General Data Protection Regulation

Röslerová, Karolína

January 2020

1 Monitoring of employees in context of General Data Protection Regulation Abstract This diploma thesis focuses on the supervision and monitoring of employees from multiple perspectives. Based on the relevant European and national caselaw the thesis specifies whether employees shall have right to the protection of their privacy and integrity at the workplace. Thesis also analyses selected aspects of personal data protection with emphasis on personal data of employees as data subjects processed by employers as controllers. In particular attention is devoted to selected obligations, which arises from General Data Protection Regulation for such personal data processing in the light of relevant statements and guidelines provided by the European Data Protection Board, Article 29 Data Protection Working Party and the Office for Personal Data Protection. Thesis in detail addresses the supervision of employees carried out by § 316 of the Labour code, whereas interprets its provisions as well as conditions for establishing the supervision of employees arising from such interpretation. Classification of the provisions of the § 316 paragraph 1 to 3 and their interdependencies are further outlined. Thesis defines monitoring as one way to carry out supervision under paragraph 2 through the analysis of the term...

Applikation för administration av samfällighet / Application for administration of community association

Johansson, Andreas

January 2014

Dyviks samfällighet ligger i Nynäshamns kommun och består av totalt 86 fastigheter. Samfälligheten sköts av den samfällighetsförening som alla fastighetsägare är medlemmar i. Föreningen arbetar på ideell basis. Föreningens verkställande ledning, styrelsen, arbetar med att admini-strera föreningens medlemmar, fastigheter samt egendomar. Dessa administrativa arbetsuppgifter har utförts på ett manuellt och tidskrävande sätt. Styrelsen har därför efterfrågat ett digitaliserat system som kan utföra många administrativa uppgifter med en mer automatiserad metod och ökad pålitlighet. Projektets syfte har varit att ta fram ett sådant system för att effektivisera styrelsens administrativa arbetsuppgifter. Projektet har inneburit att genom arbetsmodellen CDIO ta fram en passande systemlösning som motsvarar de problemområden och krav som identifierades under projektet. Framtagandet av lösningen har berört alla moment såsom att analysera problemet genom en förstudie, designa och implementera systemet, testa det samt ta fram en plan för hur systemet ska produktionssättas. Varje krav och funktion har implementerats med en inkrementell arbetsprocess. Resultatet blev ett system med den nödvändigaste funktionaliteten implementerad. Systemet låter styrelsemedlemmarna administrera föreningens intressen (sektioner, båtplatser, medlemmar och fastigheter) samt generera rapporter och medlemmarnas fakturor. Projektet har även resulterat i en utvärdering av hur systemet ska behandla personuppgifter i enlighet med de juri-diska aspekter som existerar, exempelvis personuppgiftslagen, samt en grov ekonomisk driftplan. / Dyviks community is located in Nynäshamns municipality and consists of a total of 86 properties. The community is maintained by the community association that all property owners are members. The association works on a volunteer basis. The association’s executive managing instance, the board, works with administrating the association members, properties and estates. These administration tasks have been carried out in a manual and time-consuming manner. The board has therefore requested a digitalized system that can perform many of the administra-tion tasks with a more automated method and increased reliability. The project’s aim has been to develop a system to streamline the board’s administrative duties. The project has meant that with the working model CDIO design a fitting solution that meets the concerns and requirements identified during the project. The development of the solution has touched all aspects such as analyzing the problem through a pilot study, designing and implementing the system, testing it and developing a plan for how the system should be deployed. Each requirement and function has been implemented with an incremental working procedure. The result was a system with the most necessary functionality implemented. The system allows board members to administer the association's interests (sections, berths, members and properties) and generate reports and members' bills. The project has also resulted in an evaluation of how the system will process personal data in accordance with the legal issues that exist, such as the Data Protection Act, and a rough economic operation plan.

Community association

membership list

non-profit association

cloud service

Java

J2EE

Personal Data Act

Samfällighet

medlemsregister

ideell förening

molntjänst

Java

J2EE

personuppgiftslagen

Computer and Information Sciences

Data- och informationsvetenskap