Výběr uchazečů o zaměstnání / The selection of job seekers

Rychlíková, Anika

January 2019

The selection of job seekers Anika Rychlíková This diploma thesis deals with the topic of selection of job seekers from the point of view of personnel management as well as from the point of view of the related legislation. From the point of view of the legislation, the thesis focuses not only on the general regulation of relations before the relationships under the labour law, but also on the two most essential legal aspects of selection of job seekers that are the right to equality and non-discrimination and the protection of personal data. The main goal of this thesis is to present complex view on the topic of selection of job seekers in the context of personnel management principles and values and the legislation thereof. Another goal is to point out the shortcomings of current legislation and introduce the proposals for its elimination. The thesis uses the method of description and analysis and elaborates on the application of legal norms in the personnel management praxis. On the basis of such methods the author evaluates effective legislation, points out the most problematic provisions and suggests their alternations de lege ferenda. Formally, the thesis is divided into five main chapters. The aim of the first chapter is to set the process of selection of job seekers into the context of...

DATASKYDDSFÖRORDNINGEN OCH DEN PERSONLIGA INTEGRITETEN : EN KVALITATIV INTERVJUSTUDIE OCH UTVÄRDERING AV DATASKYDDSFÖRORDNINGENS SYFTE.

Ståhl, Albin

January 2020

Dataskyddsförordningen, även kallad GDPR, introducerades år 2016 med spekulationer kring vilka påtagliga förändringar och upplevelser som förordningen skulle komma att ha. Dessa spekulationer är något som ej varit möjliga att konkretisera förrän nu, 2 år efter förordningen trädde i kraft, vilket möjliggör en uppföljning av förordningen för säkerställandet av dess behövlighet. Syftet med studien var således att undersöka GDPR för att se om lagstiftningen upplevs upprätthålla sitt syfte, att förstärka den personliga integriteten. Detta gjordes genom en kvalitativ intervjustudie med anställda inom verksamheter som stöter på GDPR i sin personuppgiftsbehandling. Resultatet visade på att en stor del av de intervjuade menar att lagstiftningen till en viss grad, har insatser som påverkar den personliga integriteten på ett positivt sätt. Förordningen kommer dock inte utan en kostnad. Den kan upplevas som något som resulterat i en högre grad av oklarheter och ytterligare komplexitet och skyldigheter för de anställda inom myndighet- och verksamhetsvärlden. / The General Data Protection Regulation also known as GDPR, was introduced during 2016 with differing predictions on the outcome and aftermath of its implementation. It has been roughly two years since the regulation was first introduced and it is now that the evaluation process of its necessity is feasible. Hence the primary purpose of this study was to evaluate whether GDPR is perceived to fulfill its weighty goal of strengthening the integrity of personal data. This was done through interviewing employees of authorities and agencies that deal with GDPR when processing personal information. What the results of this study has shown is that a large portion of the interviewees say that the regulation has efforts that, to a degree, positively affects the integrity of personal data. This however comes at a cost. A higher degree of perceived obscurity, shallow complexity and additional duties to be carried out by the employees within their respective authority.

Integrity

GDPR

Data

Personal data

Evaluation.

Data

Dataskyddsförordningen

GDPR

Personlig integritet

Personuppgifter.

Political Science

Statsvetenskap

Permission Marketing : A Systematic Literature Review: Future Research Agenda and Policy Recommendations

Schneider, Hannah, Dana, Jetesa

January 2022

Purpose: The purpose of this thesis was to conduct a systematic literature review in the domain of permission marketing to provide a comprehensive future research agenda and policy recommendations. Design/methodology/approach: This research paper worked with a systematic literature review as a method, where articles will be selected, screened, reviewed, and synthesized. In total, the review included 61 studies. This study developed a detailed future research agenda in the form of the TCCM framework that can be followed to further explore the domain. Findings: Consistent throughout the literature has been that certain underlying factors have a crucial influence on the domain of permission marketing. Those factors include trust, transparency, control, and privacy concerns affecting the consent giving which then affects the permission marketing. Ultimately, these aspects led to considering the field from an ethical perspective and thus, guided the development of policy recommendations including ethical considerations where the perspectives of consumers and company were highlighted. Research limitations/implications: The conceptual model developed within this research paper was solely developed based on the gathered synthesized literature due to the time frame limitations. Future researchers are encouraged to validate the findings empirically. Furthermore, the researchers have developed a detailed future research agenda in the form of the TCCM framework that can be followed to further explore the domain. Practical implications: Reviewing the literature has led to the conclusion that policymaking is in need of some additions and improvements. Thus, the paper provides policy-making implications for practitioners from both an organizational standpoint, as well as a governmental one. Originality: The originality of this thesis is that it conducts a systematic summary and analysis of accessible field knowledge in order to provide a comprehensive overview of permission marketing antecedents, which was priorly lacking in the domain. Through the lenses of a systematic literature review, the outcomes of the thesis provide guidance as to the unique value proposition. To the best of the researcher's knowledge, this research is the only one that incorporates the method of systematic literature review within the domain and time frame of 15-01-2022 to 15-04-2022. Keywords: Permission Marketing, Privacy Concerns, Ethical Marketing, Trust, Transparency, Control, Consent, Personal Data Paper type: Systematic Literature review (SLR)

Permission Marketing

Privacy Concerns

Ethical Marketing

Trust

Transparency

Control

Consent

Personal Data

Business Administration

Företagsekonomi

Cookies, cookies everywhere! : A qualitative interview study about how internet users interact with cookie consent notices / Cookies, cookies överallt! : En kvalitativ intervjustudie om hur internetanvändare interagerar med samtyckesrutor

Hofstad, Niklas, Lundqvist, Anton

January 2021

The purpose of this study is to examine what reasons internet users have for accepting, declining, or adjusting cookie settings. The study’s research question is: what reasons do Internet users have for accepting, declining, or adjusting cookie settings? To answer the research question, we constructed three research support questions: 1) how do internet users access the internet?, 2) What are internet users’ perspectives on privacy on the internet?, 3) How do internet users interact with cookie consent notices? The study’s theoretical framework consists of informed consent, contextual integrity, nudging, and political economy. We conducted semi-structured interviews in order to get a deeper understanding of the internet users’ experiences with cookie consent notices. We analyzed the material through thematic coding. Due to the Covid19 pandemic, all interviews were conducted through Zoom. The sample consisted of eight media and communication students at Karlstad University. There were four key findings: 1) The interviewees in our study accessed the internet primarily via applications on their smartphones. 2) There were mixed opinions about who has the greatest responsibility for private citizens’ privacy on the internet. Although many thought that the individual bears most of the responsibility, a majority thought there is a need for more governmental regulation regarding collecting and processing private data. 3) All interviewees thought cookie consent notices are an excellent tool for protecting one’s privacy, but none of them adjusted the cookie settings regularly when prompted by cookie consent notices. 4) The reasons why the interviewees accept cookies without adjusting cookie settings varied. Habits and annoyance were key factors.  The current climate where notice and choice is the de facto privacy measure for internet users is not sustainable. In conclusion, legislators and policymakers should focus on regulating how personal data is processed rather than pushing the responsibility of safeguarding personal data onto the users.

Cookie

Consent

GDPR

Informed

Personal data

Privacy

Media and Communications

Medie- och kommunikationsvetenskap

GDPR - Are We Ready? A Comparative and Explorative Study of the Changes in Personal Data Privacy and Its Impact on ICT Companies

Therése Nielsen, Johannes Wind

January 2018

Personlig data genomsyrar hela vårt samhälle och hanteras digitalt via informationsteknologi. Detta försvårar för individer att ha kontroll över den personliga data som hanteras av företag. Den 25 maj 2018 ersätts den svenska Personuppgiftslagen (PuL) med den nya Dataskyddsförordningen GDPR. Förordningen är utformad för att sätta en enhetlig standard gällande hur vi samlar in, hanterar och delar europeiska medborgares personliga data. Den här forskningen är uppdelad i två steg. I det första steget genomförs en komparativ undersökning av de två lagtexterna för att identifiera de nya lagkraven som Dataskyddsförordningen medför. I det andra steget används resultatet från den komparativa jämförelsen som grund för en explorativ undersökning av hur ICT-företag förbereder sig inför de nya lagkraven. Vårt resultat visar att de deltagande ICT-företagen förbereder sig genom att implementera nya processer och åtgärder för att följa förordningen. Inga av de deltagande företagen är vid tiden av denna undersökning fullständigt kompatibla med de krav den nya förordningen ställer. Vår forskning visar att svårigheterna med att bli fullständigt kompatibel ligger i bristen på resurser och tvetydigheten i tolkningen av förordningen. / Personal data flows through our entire society in the shape of technological processing. This makes it difficult for individuals to have control over their personal data being processed by companies. On the 25th of May 2018 the Swedish Personal Data Act (PuL) is replaced by the General Data Protection Regulation (GDPR). The regulation is designed to set a uniform standard with regards to the way we collect, use and share personal data of European citizens. This research uses a two-step research approach. The first step is to perform a comparative legal research to identify the new requirements that comes with the upcoming Regulation in relation to the current Swedish legislation. The second step is to use the findings of the comparative legal research as a foundation for an explorative survey of how ICT companies are preparing for the new requirements of the GDPR. Our result shows that the participating ICT companies are preparing by implementing new processes and measures in order to comply with the Regulation. Additionally, all of the participating companies are at the time of our research not fully compliant with the Regulation. Our research concludes that the difficulties in achieving full compliance lies in the lack of resources and ambiguities of the interpretation of the Regulation.

GDPR

PuL

Personal Data

Privacy Protection

GDPR-compliance

ICT Companies

Engineering and Technology

Teknik och teknologier

Tekniska krav från GDPR : <em data-stringify-type="italic">Vad som krävs av en applikation som hanterar och samlar in samtycken för att tekniskt uppfylla kraven från GDPR / Technical requirements from GDPR

Amberman, Madelene, Johansson, Andreas

January 2020

Personuppgiftshantering inom EU regleras av General Protection Data Regulation, GDPR, den är till för att skydda en persons integritet samtidigt som det fria flödet av data mellan medlemsländerna ska upprätthållas. Företag och organisationer idag lägger mycket resurser på en manuell hantering av personuppgifter, som skulle kunna läggas på andra värdeskapande aktiviteter om denna process var mer automatiserad. Därför har vi utfört en studie hos Meriworks, där deras system, Imagevault, hanterar bilder och samtycken i ett manuellt flöde. Genom intervjuer av organisationer som använder detta system samt en litteraturstudie på GDPR, sammanställdes krav för vad som ställs av en applikation som hanterar samtycken och personuppgifter, både ur ett tekniskt och användarperspektiv. Utifrån dessa krav tog vi fram ett tekniskt lösningsförslag som skulle kunna ersätta den manuella processen i vår fallstudie. Vår lista över de tekniska krav som GDPR ställer, är generell och kommer kunna användas som riktlinjer för fall även utanför denna studie. / Privacy Policies within EU is regulated by General Protection Data Regulation, GDPR, it exists to protect a person's integrity while maintaining the free flow of data between its members. Companies and organizations today put a lot of resources on manual handling of personal data, that could be used for more value-adding activities if this process had a more automated flow. Hence we are going to do a case study at Meriworks, they have a system, Imagevault, that handles images and consents in a manual process. By interviewing some of the organizations that uses this system and a literature study of GDPR, we compiled the requirements for an application that handles consents and personal data, from both a technical and user perspective. Using these requirements, we created a technical solution proposal, that is meant to replace the current manual process in our case study. Our list of technical requirements from GDPR is generic and can be used as guidelines for cases beyond this paper.

GDPR

Technical requirements

Digitalization

Handling of Personal data

GDPR

Tekniska krav

Digitalisering

Personuppgiftshantering

Computer Sciences

Datavetenskap (datalogi)

Ochrana osobnosti a osobních údajů v pracovněprávních vztazích / Personality and personal data protection in employment law relationships

Zahradníček, Jaroslav

January 2019

Personality and personal data protection in employment law relationships This dissertation deals with the topic of personality and personal data protection in employment law relationships. This is a very topical subject, as the development of information technology has made it easier for employers to infringe on their employees' privacy. Today, the widespread use of information technology and the related process automation in the workplace makes it easy to monitor employee performance, to track when an employee takes a break and how long it lasts, to monitor how the employee cooperates with other employees, and how the employee uses entrusted resources. Apart from that, a new regulation on personal data protection has also recently contributed to the popularity of the topic: the adoption of the General Data Protection Regulation (GDPR). Although this regulation does not bring many new legal rules compared to the previous legislation, it severely and significantly toughens the penalties for violating the rules. This dissertation is divided into 4 parts. The first part deals with the legal framework and legal sources of the analysed topic and further describes the general basis for examining the personality protection, including privacy protection, and the protection of personal data, which is...

Rigorous and Flexible Privacy Protection Framework for Utilizing Personal Spatiotemporal Data / 個人時空間データ利活用のための厳密で柔軟なプライバシ保護フレムワーク

Yang, Cao

23 March 2017

京都大学 / 0048 / 新制・課程博士 / 博士(情報学) / 甲第20508号 / 情博第636号 / 新制||情||110(附属図書館) / 京都大学大学院情報学研究科社会情報学専攻 / (主査)教授 吉川 正俊, 教授 田中 克己, 教授 岡部 寿男 / 学位規則第4条第1項該当 / Doctor of Informatics / Kyoto University / DFAM

Differential Privacy

Privacy Preserving Data Publishing

Spatiotemporal data

Personal Data

007

Ochrana osobních údajů před vznikem a při vzniku pracovního poměru / Personal data protection before and during the establishment of the employment relationship

Adámek, Jan

January 2021

Personal data protection before and during the establishment of the employment relationship The diploma thesis is devoted to personal data protection before and during the establishment of the employment relationship. The objective of this thesis is to outline the personal data protection in the context of the employment relationship establishment, to give a comprehensive overview of its legislation in particular, describe the basic terms and principles relating to this subject matter and specify the most important rights and obligations regarding both stages of the employment relationship establishment. The basis for the thesis is primarily the legislation of the General Data Protection Regulation and Personal Data Processing Act 2019 (No. 110/2019 Coll.). The diploma thesis is divided into four chapters. The historical events with a significant influence on the personal data protection development are described in the first chapter. This chapter also explains the concept of a right to privacy and separation of the right to protection of personal data from it. The second chapter deals with personal data protection legislation on the international level, as well as EU level and national level. The third chapter defines selected fundamental terms relating to personal data protection, particularly...

OODOOLL : Exploring the Potential of Data Physicalisations to Increase Awareness and Control of Personal Data Privacy

Skavron, Sarah

January 2023

Through online activities, we produce a large amount of personal data traces every day. Many people acknowledge the significance of protecting personal data online but they might not act accordingly. This thesis project seeks to make these often hidden traces visible and thus understandable through a data physicalisation. This is to increase awareness and knowledge as well as spark reflection on how and if certain data should be protected. Six design activities with a focus on the active involvement of participants were conducted to create the concept of “OODOOLL”, a reversed voodoo doll that has the purpose of protecting users from any potential harm in relation to online activity and sparking reflection around the topic of data privacy. While some of the potentials of a data physicalisation, such as initiating conversations or increased levels of self-reflection, could be realised, there were several limitations to the concept, i.e. technical limitations or breaking down the complexity of aggregated data use. Especially in terms of the increased use of digital devices and the rise of emerging technologies, it is important for general users but also for interaction designers to be aware and have an understanding of data collection, data use and data protection.

Data Physicalisations

data security

personal data

empowerment

interaction design

Human Computer Interaction