Tutela normativa e jurisdicional da privacidade na internet: responsabilidades e medidas protetivas

Tenório, Caio Miachon

12 November 2013

Submitted by Nadir Basilio (nadirsb@uninove.br) on 2016-05-09T18:32:43Z No. of bitstreams: 1 Caio Miachon Tenorio.pdf: 889460 bytes, checksum: e61ef24fc9d93ea5b4160d4ed53483d1 (MD5) / Made available in DSpace on 2016-05-09T18:32:43Z (GMT). No. of bitstreams: 1 Caio Miachon Tenorio.pdf: 889460 bytes, checksum: e61ef24fc9d93ea5b4160d4ed53483d1 (MD5) Previous issue date: 2013-11-12 / After the invention of the internet, new legal situations arising from this revolutionary technological advancement shown to be important for the legal world. The World Wide Web, however, has not only brought a lot of benefits, but also brought harmful effects. Privacy was one of the main victims of this technology. On the other hand, the protection on the web, has its technical peculiarities, limited to the architecture of a decentralized system, which requires specific technical knowledge of the legal system, as a way of getting a effectively protective measure in order to safeguard the privacy of the individual. The lack of internet regulations, combined with the legal practitioners´ lack of knowledge, including herein the Judiciary itself, results in an unfair practical application to the relations between companies and web users, which does not collaborate with social appeasement. The purpose of this project is to present a list of normative and legal guardianship able to protect and preserve privacy in the information society, outlining the responsibilities of the main internet service providers and hoping to contribute to a more balanced and innovative web. / Com o surgimento da internet, novas situações jurídicas advindas deste revolucionário avanço tecnológico revelaram-se importantes para o direito. A rede mundial de computadores, todavia, não trouxe apenas benefícios. A privacidade foi uma das principais vítimas desta tecnologia. A tutela na rede mundial de computadores tem suas peculiaridades técnicas, condicionadas à arquitetura de um sistema descentralizado, que demanda conhecimentos técnicos específicos do sistema jurídico, como forma de obter uma medida protetiva eficiente capaz de salvaguardar a privacidade do indivíduo. A falta de regulamentação da internet, aliada à falta de conhecimento dos profissionais do direito, incluindo-se aí o próprio Poder Judiciário, resultam, por vezes, na aplicação de um direito prático injusto às relações entre empresas e usuários da web, que em nada colaboram à pacificação social. O presente trabalho tem como intuito apresentar um rol de tutelas normativas e jurisdicionais aptas a proteger e preservar a privacidade de maneira eficiente no âmbito cibernético, delimitando as responsabilidades dos principais provedores de serviço de internet, na esperança de contribuir para uma web mais equilibrada e inovadora.

Tutela da privacidade

provedor de internet

responsabilidade civil

marco civil

privacy protection

internet provider

civil liability

marco civil

CIENCIAS SOCIAIS APLICADAS::DIREITO

Ochrana soukromí v cloudu / Privacy protection in cloud

Chernikau, Ivan

January 2019

In the Master’s thesis were described privacy protection problems while using cloud technologies. Some of the problems can be solved with help of homomorphic encryption, data splitting or searchable encryption. These techniques were described and compared by provided security, privacy protection and efficiency. The data splitting technique was chosen and implemented in the C language. Afterwards a performance of the implemented solution was compared to AES encryption/decryption performance. An application for secured data storing in cloud was designed and implemented. This application is using the implemented data splitting technique and third-party application CloudCross. The designed application provides command line interface (CLI) and graphical user interface (GUI). GUI extends the capabilities of CLI with an ability to register cloud and with an autodetection of registered clouds. The process of uploading/downloading the data to/from cloud storage is transparent and it does not overload the user with technical details of used data splitting technique.

Ochrana citlivých informací na mobilních zařízení / Privacy Protection on Mobile Devives

Aron, Lukáš

Unknown Date

Tato práce analyzuje ochranu citlivých dat na mobilních zařízeních a představuje metodu pro ochranu těchto dat před možností úniku informaci ze zařízení. Ochrana se zaměřuje na využívání zařízení, jak pro osobní účely, tak i v pracovním prostředí. Koncept navrženého řešení je implementován ve formě prototypu. Model implementace je verifikován s modelem požadovaného chování. Součástí práce jsou experimenty s prototypem a experimenty zaměřené na verifikaci mezi danými modely.

GeoS: A Service for the Management of Geo-Social Information in a Distributed System

Anderson, Paul

18 May 2010

Applications and services that take advantage of social data usually infer social relationships using information produced only within their own context, using a greatly simplified representation of users' social data. We propose to combine social information from multiple sources into a directed and weighted social multigraph in order to enable novel socially-aware applications and services. We present GeoS, a geo-social data management service which implements a representative set of social inferences and can run on a decentralized system. We demonstrate GeoS' potential for social applications on a collection of social data that combines collocation information and Facebook friendship declarations from 100 students. We demonstrate its performance by testing it both on PlanetLab and a LAN with a realistic workload for a 1000 node graph.

Data Management

Peer-to-Peer Systems

Social Graph

Socially-Aware Applications

Privacy Protection

American Studies

Arts and Humanities

Factors Related to Users’ Awareness of Information Security on Social Network Service : The Case of WeChat

Shen, Han

January 2018

Recent trends in social network services (SNS) have taken the rates of personal information sharing, storage and processing to an unprecedented level, which yield both benefits and undesirable consequences for their users. SNS is being exploited by criminals to fraudulently obtain information from unsuspecting users. User’s awareness of privacy protection has been far left behind by the increasing and popularizing utilization of social network services (SNS), the privacy security problems will become one of the important factors influencing the healthy development of social network service industry. This study was designed to collect data and produce knowledge about the security awareness of WeChat users (i.e., randomly selected from all over China), their preferences and their experience of using WeChat while facing security issues as well as the perspectives of how people perceive a specific security problems, in order to find out what factors influence user's security awareness. In order to carefully conduct the research process and explain the empirical findings, seven principles of interpretive field research and protection motivation theory is adopted as core theoretical foundation. Participants were asked to provide information about and their personal views of questions from their different experience and value. Eight persons interviewed for our research and their responses confirmed our objectives of the study. As a result, six factors are indentified in related to WeChat user’s security awareness. PMT helps to explain and understand that how six indentified concepts influence behaviour intention and security awareness of user.

Social Networking Services

Cybercriminal

Security Awareness

Protection Motivation Theory

Personal Information

Privacy Protection

WeChat

China

Social Sciences

Samhällsvetenskap

Ochrana osobních údajů / Protection of personal data

Nutilová, Helena

January 2014

The primary aim of this dissertation thesis is to present a comprehensive analysis of the issue of personal data protection in the Czech Republic with regard to the regulation in the EU. The secondary goal of this work is to explore the historical genesis and material sources of the issue in question. The core information sources from which the thesis draws represent laws, judicial decisions, official documents and Czech/foreign expert literature. In order to achieve the objectives of the work, the methods that are generally applicable in the field of legal science were used. Therefore the method of description (including classification), analysis and synthesis is mostly applied. The dissertation consists of seven chapters. After a short introduction, it begins with a sociological treatise on the importance of the protection of personal data in the 21st century. Privacy is currently an important topic in the light of the rapid development of information and communication technologies which have been developing since the second half of the 20th century and burgeoned since the turn of the century. Technological innovations allow for the collection of personal data on a large scale. These privacy infringements can prove to be irreversible, hence the importance of this area of law. The personal data...

O Processo penal e a busca pela verdade

Ferreira, Rosana Miranda

29 March 2006

Made available in DSpace on 2016-04-26T20:23:55Z (GMT). No. of bitstreams: 1 Dissertacao Rosana Miranda Ferreira.pdf: 675636 bytes, checksum: 5495752d2e8bd4722a38bc7a635c12b7 (MD5) Previous issue date: 2006-03-29 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / In this paper we present the performance of the criminal proceeding as an instrument of search for the truth. To base our knowledge on the truth we search the philosophical approach, starting in Greece with Socrates, and finishing on native grounds with Miguel Reale, and in synthesis we describe as each one formulates the knowledge of the truth. For this, we present the truth in the process. We detach real truth as unattainable and impossible to reach, as well as to the president of criminal prosecution, rank that the gauging situation and circumstances, such and which had occurred, never will be obtained to reproduce. We appraise the truths: formal, material, procedural, by approximation and the probability pointing out the most modern trend of the search for certainty close to the judicial truth, this last one happened not of evidence but of a judgment being demarcated by justice primarily. We stress, however, the conquest of the truth, improbable for the criminal proceeding; the persistence in the search of the true reconstitution of the facts is a value that legitimizes the proper criminal persecution. From the presented historical synthesis we search to survey the way of the verification of the truth, ever since the most violent ways of the Inquisition until our days, where a civilian has to wait years for the federal reply. To illustrate the idea we present Franz Kafka, portraying in his workmanship somebody "Before the Law . When disserting the basic right of the access to justice we point out the supremacy of the principle of dignity of the human being, who also must be reflected in the process before the duty of the State "administer justice". We describe some notions of proof, the allegations, the responsibilities, and some of the obstacles inside of the proceeding that interpose as barriers for the search of the truth. We discuss the question of the determined judge to be able or have to evaluate all raised found evidences and even other ones he believes important to include. The decision, finally, emanated from free conviction through arguments and transparency in the briefings, represents the longed for and pursued truth, that exercises, likewise, a social function in the sense of accomplishing the right, applying ethics, to reconcile the society, and to look for the common good / Nessa dissertação apresentamos a atuação do processo penal como um instrumento de busca pela verdade. Para alicerçar nosso conhecimento sobre a verdade, buscamos o enfoque filosófico, começando pela Grécia, em Sócrates e finalizando em solo pátrio com Miguel Reale, e em síntese descrevemos como cada um formula o conhecimento da verdade. A partir disso, apresentamos a verdade no processo. Destacamos a verdade real como inatingível e de impossível alcance, outrossim, ao presidente da persecução penal, posto que a aferição de uma situação fática e suas circunstâncias, tal e qual ocorreram, jamais se conseguirão reproduzir. Conceituamos as verdades: formal, material, processual, a aproximativa e a verossimilhança apontando a tendência mais moderna da busca da certeza próxima da verdade judicial, essa última advinda não da prova mas de um juízo, sendo demarcada pela justiça como fundamento. Ressaltamos que apesar da conquista da verdade ser improvável, o empenho na busca da verdadeira reconstituição dos fatos é um valor que legitima a própria persecução penal. Da síntese histórica apresentada buscamos aferir a maneira de apuração da verdade, desde os modos mais violentos da Inquisição até os nossos dias, onde o cidadão, chega a esperar por anos, pela resposta estatal. Para ilustrar a idéia apresentamos Franz Kafka, retratando em sua obra alguém Diante da Lei . Ao discorrer do direito fundamental do acesso à justiça, apontamos a supremacia do princípio da dignidade da pessoa humana, que também deve estar refletido no processo, ante o dever do Estado de dizer o direito . Descrevemos algumas noções de prova, as alegações, os ônus e alguns dos óbices dentro do próprio processo que se interpõem como entraves à busca da verdade. Aventamos do papel do julgador investido do poder- dever de valorar todas as provas levantadas, e até de outras, que no seu entender, ache necessário que se produza. A decisão, por fim, emanada do livre convencimento com aportes argumentativos e transparência nas elucidações, representa a verdade almejada e perseguida, que presta, outrossim, uma função social, no sentido de efetivar o direito, exercitar a ética, apaziguar a sociedade e buscar o bem comum

Verdade processual

Prova

Proteção à privacidade

Princípio da proporcionalidade

Verossimilhança

Processo penal

Verdade

Procedural truth

Proofs

Privacy protection

Proportionality principle

整合資料在雲端環境上的分享與 隱私保護-以電子病歷資料為例 / Sharing and Protection of Integrated Data in the Cloud : Electronic Health Record as an Example

楊竣展, Yang, Jiun Jan

Unknown Date

由於電子化病歷逐漸取代了傳統的紙本病歷，在流通分享上面比傳統的紙本病歷更加來的方便及快速，另外電子病歷的整合性，也是比傳統的紙本來的有效。近年來雲端運算的發展，使得醫療系統在電子病歷上能夠更快速的發展，但是取而代之的是卻是雲端運算所產生隱私權的問題，在快速發展的雲端運算環境中，目前似乎無法完全確保資料的隱私性。即使現有的研究中可以讓資料擁有者表示自己的隱私偏好，卻因為設計時缺乏語意的考量，造成執行上有語意的落差。 本研究將探討電子病歷存放在雲端環境上，設計一套三層整合平台系統並使用語意化技術本體論整合來自多方的資料，達成在資料庫上使用OWL2作為整合的語言，並在此整合平台進行本體論整合，能夠讓使用者可以從多方的醫療中心快速查詢整合的資料，經由整合平台的改寫，到下層的規範擷取到上層平台進行管理與落實動作，最終在資料庫查詢資料，達成整合分享的目標，並同時能夠兼顧資料擁有者的隱私期待，完成在雲端環境上資料分享、整合、隱私保護的目標。 / The Electronic Health Records (EHRs) have replaced the traditional paper Health Records gradually and they are more rapid and more convenient in data sharing. Furthermore, the EHRs are also better than paper health records when health records need to be integrated on the computer. In recent years, the rapid development of cloud computing can help Health Information System to be more dynamic and provide a better service, but the problem of privacy is a critical issue. Although recent research can let data owner expresses his own personal privacy preference in to policy to protect privacy, it is lacked of semantics and that will result in the gap between the real meaning of personal privacy preference and of policy. In our research, we will using semantic technology to express personal privacy preference in to polices and also design the 3-layer integration platform to achieve semantics data integration so that polices can be enforced without loss of real meaning of personal privacy preference and polices will have interoperability with others when we are using semantic data integration.

隱私保護

語意網

資料整合

雲端運算

data integration

privacy protection

cloud computing

semantic web

使用本體論與規則執行企業隱私保護規範 / Using ontologies and rules to enforce enterprise privacy protection policies

郭弘毅, Guo, Hong Yi

Unknown Date

在今日愈來愈普及的電子商務方面，客戶資料的搜集來源更加廣泛，對於個人資料外洩的影響將非常嚴重，可能帶來個人財務上或者公司信譽上的重大損失。本研究期望可以建構一個在企業內部(backbone)架構的環境中，透過語意網(Semantic Web)中的本體論(Ontology)和規則(Rule)的加入，希望實現具有語意的個人隱私保護規範架構，實現在語意層級上的隱私權政策安全控管。找出並且驗證以Ontologies+Rules為規範的表達與管理的架構的優勢，以確保各企業伺服器平台在收集客戶個人資料時能夠遵守最初協商後的承諾。最後本研究可以透過第三方平台的架構來加以落實個人資料的流通、分享、與保護。 / In today's increasingly popular e-commerce, ways to collect personal data of customers are is more extensive, and the impact of data disclosure will be very serious, maybe it will cost heavy losses on personal reputation or the credit of companies. We hope to build a in-house (backbone) structure of the environment through the semantic web in the ontology and rules, hoping for enabling the semantics of personal privacy protection normative framework to achieve the privacy policy on the security control. We will identify and verify Ontologies + Rules to regulate the expression of the advantages of the structure and management to ensure that the enterprise platform servers will obey the usage of personal data after their initial consultation commitment. Finally, we propose a third-party platform to enforce data sharing and protection of personal data.

語意網

企業隱私保護

本體論

規則

Semantic Web

Enterprise Privacy Protection

Ontology

Rule

政府機關提高隱私保護信任機制之研究－以金融監理為例 / A study on improving the trust mechanism of privacy protection in government agencies -a case of the financial supervision system

林占山

Unknown Date

個人資料保護係屬隱私權的範疇之一， 現代化政府不斷面臨內外在施政環境變遷的衝擊與挑戰，其中資訊科技的快速發展與廣泛運用，更直接衝擊著政府施政定位、服務範圍、運作模式及治理原則。現代化國家在思考打破施政的常規和舊制，面對資訊公開與行政效率要求下，走向電子化政府的道路，也就成為勢之所趨。但另一方面，資訊革命所帶來對隱私與個人資料保護的衝擊，亦較以往更為強烈而深刻。從許多文獻可得知為何民眾可能不信任政府的原因是多方面的，這些原因與他們個人資料安全、隱私權保護及完整性維護是息息相關連的。在政府努力發展電子化政府以便民眾享受其便利性的同時，如何建構政府機關及政府企業間之個人資料隱私保護電子治理機制及協同作業，以強化我國公共治理指標之政府效能、回應力及課責能力，確保個資的合理流通，並能兼顧隱私保護，提昇整體政府信任度，實為電子化政府對人民基本權利之保障及實踐「隱私保護」之重要課題。 新版《個人資料保護法》已於民國九十九年四月在立法院三讀通過，在新法實施後，將因擴大適用個資法之主體範圍，規範個人資料蒐集與處理程序，加重持有個資業者的保管責任，並調整資料外洩求償上限至二億元，預計將加重企業蒐集與利用個人資料的成本與相關責任。本研究之目的在於探討政府機關如何透過持續隱私保護IT治理框架及系統，設計有效的「行政程序控制」(administrative procedural control)、課責(Accountability)及透明(Transparency)機制進的定期公開與積極散佈。透過個人控制自己資訊應該如何被處理與使用的資訊自我控制（local control）權利，一方面提高了政府的施政透明度及政府課責，另一方面也增強隱私保護及人民信任度；同時並以金融監理體系為例，如何因應新版個資法的衝擊，有效的調整內部資料蒐集與資安控管流程，試圖以銀行業透過監理機制建構雛型，監督管理金融業之營運，以期能提供客戶最佳之服務，有效避免新個資法為金融機構帶來的營運風險，進而建議政府機關隱私保護之IT架構，冀能提供主動積極安全又便利之服務，以贏取國民對政府之信任與向心力。 / Personal data protection is one of the categories in privacy. Modern governments constantly face impacts and challenges of political environment changes internally and externally, which rapid developments and extensive applications of information technologies affect the government policy positioning, service ranges, operation modes, and governance principles directly. Modern countries are always thinking over to break routines and aged systems of administration. Under requirements of facing the information disclosure and the administration efficiency, it has become a potential of the trend towards the road of e-government. However, on the other hand, compares to impacts of privacy and personal data protection which have been brought about by the revolution of information, currently, it becomes more intense and profound than before. Many literatures reveal why civilians may not trust the government for reasons in multiple aspects which is related closely with their personal data security, privacy protection, and integrity maintenance. In the meantime, in order to strengthen our government performances of public governance indicators, responsiveness, and accountability for ensuring a reasonable flow of private data, taking into account of privacy protection, and enhancing the overall trust into government, government is striving to develop e-government for civilians’ ease to enjoy its convenience, and this is truly the important subject for e-government of how to construct e-governance mechanisms of personal data privacy and collaboration operations between government organizations internally and between government vs. business enterprises externally on the protection of civilians’ basic rights and the practice of "privacy protection”. The new version of “Personal Data Protection Act” has been passed after third reading by Legislative Yuan on April, 2010. After taking effective of this new law, due to the applicable main scope enlargement of Personal Data Protection Act, it regulates personal data collections and processing procedures, expends the custodial responsibility to dealers who own the personal data, and adjusts the limitation of penalty up to NTD$200 millions for data leakage, which expects to enlarge the cost and relative responsibilities to enterprises for collecting and using personal data. The object of this analysis is going to explore how government organizations go through IT government frameworks and systems of the consistent privacy protection to design effective “Administrative Procedural Control”, “Accountability”, and “Transparency” mechanisms for proceeding periodic disclosure and positive broadcast. Not only to increase the transparency of government administration and the government accountability, but also to enhance the privacy protection and the trust to civilians, through the right of information “Local Control”, individual controls over self own information which should be dealt with and used. Meanwhile, for example of governance system in financial industry, how to respond to the impact of the new version in Personal Data Protection Act to adjust internal data collections and information security control processes effectively, and try to build up the prototype through governance mechanisms in banking for supervising and managing operations of financial industry. Furthermore attempt providing clients with the best service to avoid operation risks effectively for financial institutions which are caused by the new version of Personal Data Protection Act, and then suggest the IT infrastructure of privacy protection for government organizations. Hope to be able to provide active, positive, safe, and convenient services for winning upon trust and cohesion from civilians to the government.

隱私保護

信任機制

滿意度

課責

透明

privacy protection

trust mechanism

Effectiveness

Accountability

Transparency