Global ETD Search

411	Compliance with the General Data Protection Regulation: an exploratory case study on business systems’ adaptation / Medgörlighet med Dataskyddsförordningen: en undersökande fallstudie av affärssystems anpassning Knutsson, Mikael January 2017 (has links) Current moves into a heavily digitalized era has led to a phase where our privacy is being eroded as we hand over our personal data to organizations and their systems. At the same time, the applicable laws to give security to the individuals have failed to incorporate these legal developments. However, in April 2016 the European Union proposed a change to a new regulation called the General Data Protection Regulation (GDPR). The GDPR will be implemented and start to apply in May 2018, thus the main purpose of this study was to investigate how organizations can adapt to changing regulations on how personal data should be stored and managed, and what the key tension points are within specifically closed IT-systems. The goal of the GDPR and this study on its feature implementation is to guarantee the EU citizens their right to privacy. Through an exploratory case study involving an in-depth analysis of two closed IT-systems this study develops a broader understanding on how organizations should adapt their daily businesses in order to be fully compliant with the new bylaws. This study identifies four critical issues which are used to discuss how the new bylaws could affect the EU citizens’ privacy. To accomplish this and open up for further investigation within the field of data privacy laws - four different propositions to modifications were suggested. / Den aktuella övergången till en omfattande digitaliserad tid har lett till en fas där vår integritet går förlorad då vi överlämnar vår personliga information till organisationer och deras system. Samtidigt har de tillämpade datalagarna med syfte att skydda individen misslyckats med att införliva denna utveckling. Därför har den Europeiska Unionen i april 2016 föreslagit en förändring till en ny reglering som får namnet Dataskyddsförordningen. Dataskyddsförordningen kommer blir implementerad och börja gälla i maj 2018 och därav var huvudsyftet med den här studien att undersöka hur organisationer bör anpassa sig till de nya riktlinjerna för hur personlig information bör lagras och hanteras samt vilka spänningspunkterna är för slutna IT-system. Målet med Dataskyddsförordningen och vad den här studien beaktade i dess kommande utförande är att garantera EU-medborgare rätten till sin integritet. Genom att utföra en undersökande fallstudie innehållandes en djupgående analys av två slutna IT-system har den här studien bidragit med en bredare förståelse för hur organisationer bör anpassa sina dagliga verksamhet för att vara helt medgörliga med Dataskyddsförordningen. Studien har identifierat fyra kritiska problem som har legat till grund för att diskutera hur den nya förordningen kommer påverka EU-medborgarnas rätt till sin integritet. För att göra det möjligt samt öppna upp för framtida undersökningar inom ramen för dataskyddslagar föreslogs fyra förslag på generella förändringar. Data protection laws GDPR privacy the right to be forgotten IT safety data minimization Media and Communication Technology Medieteknik
412	Electronic Multi-agency Collaboration. A Model for Sharing Children¿s Personal Information Among Organisations. Louws, Margie January 2010 (has links) The sharing of personal information among health and social service organisations is a complex issue and problematic process in present-day England. Organisations which provide services to children face enormous challenges on many fronts. Internal ways of working, evolving best practice, data protection applications, government mandates and new government agencies, rapid changes in technology, and increasing costs are but a few of the challenges with which organisations must contend in order to provide services to children while keeping in step with change. This thesis is an exploration into the process of sharing personal information in the context of public sector reforms. Because there is an increasing emphasis of multi-agency collaboration, this thesis examines the information sharing processes both within and among organisations, particularly those providing services to children. From the broad principles which comprise a socio-technical approach of information sharing, distinct critical factors for successful information sharing and best practices are identified. These critical success factors are then used to evaluate the emerging national database, ContactPoint, highlighting particular areas of concern. In addition, data protection and related issues in the information sharing process are addressed. It is argued that one of the main factors which would support effective information sharing is to add a timeline to the life of a dataset containing personal information, after which the shared information would dissolve. Therefore, this thesis introduces Dynamic Multi-Agency Collaboration (DMAC), a theoretical model of effective information sharing using a limited-life dataset. The limited life of the DMAC dataset gives more control to information providers, encouraging effective information sharing within the parameters of the Data Protection Act 1998. Confidentiality Information sharing Multi-agency working Social services Vulnerable children Personal information Limited-life datasets Data protection
413	Det mörka kakreceptet : Dark Patterns och användarens inställning till cookie-förfrågningar på statliga och kommersiella webbsidor / The Dark Cookie Recipe : Dark Patterns and the user’s attitude towards cookie prompts on Governmental and commercial websites Stavnjak, Niklas, Bröddén, Olivia January 2023 (has links) Sedan införandet av dataskyddsförordningen GDPR den 25 maj 2018 har internetanvändare i alla EU/ESS länder blivit mötta av en förfrågan om godkännande av cookies vid varje besök av en ny hemsida. Frågan ska enligt lag tydligt informera användare om att cookies används, i vilket syfte och hur länge de sparas. Beväpnad med denna information ska användaren sedan ha möjlighet att ta ett välinformerat beslut om hen godkänner webbplatsens användning av cookies och därmed insamlingen av hens personuppgifter. Denna lagstiftning gäller för samtliga webbplatser oavsett offentlig eller privat avsändare och avser att skapa ett skydd för varje individs digitala integritet. Cookies har använts i funktionssyfte sedan internets begynnelse men har under de senare åren använts med stor framgång primärt i marknadsföringssyfte i form av riktad marknadsföring av kommersiella webbplatser. Det finns stor vinning för många företag att användare godkänner dessa cookie-förfrågningar vilket gör att stor vikt läggs vid hur dessa förfrågningar designas. Dark Patterns är ett begrepp på former av konverteringsinriktad design som används för att få användare att utföra handlingar som ej gynnar dem i längden, men som skapar mervärde för aktören bakom. Dessa designval används flitigt över hela internet och har även identifierats i cookie-förfrågningar. Följande studie undersöker hur dessa cookie-förfrågningar är utformade, vilka dark patterns som finns att identifiera i deras gränssnitt samt användares inställning till 15 statliga respektive 15 kommersiella webbplatser. Data för studien har samlats in genom en kvantitativ enkätundersökning med 102 respondenter samt en kvalitativ innehållsanalys av samtliga webbplatser. Empiri från tidigare forskning har använts för att jämföra och styrka studiens slutsats. Användningen av dark patterns har identifierats på både statliga och kommersiella webbplatser men i en högre grad i den sistnämnda. Dessa designval har visats påverka användarens interaktion med förfrågan på ett sätt som är positivt för aktören. Studien har däremot även visat att en lika stor faktor för användarens medvetna beslut är det anseende aktören för webbplatsen har. Avslutningsvis visar studien att dagens internetanvändare generellt är trötta på konstanta förfrågningar med samma eller liknande information, och vad som var avsett att skapa en trygghetskänsla hos användaren har i stället bara blivit ett evigt störningsmoment. / Since the implementation of the General Data Protection Regulation (GDPR) on May 25th, 2018, users in EU/EEC countries have encountered cookie approval requests upon accessing new websites. By legal demand, these cookie prompts must provide information on the use of cookies, their purpose, and the duration of data retention. With this knowledge, users are expected to make informed decisions regarding their consent to the website's cookies and data collection utilization. This legislation applies universally to all websites, regardless of their public or private nature, to protect individuals’ digital privacy. While cookies have served functional purposes since the early days of the Internet, their recent substantial adoption for targeted marketing by commercial websites has provided significant advantages for many companies. Consequently, precise attention is placed on the design of these cookie requests themselves. Dark Patterns represent a form of conversion-oriented design tactics employed to impact users to perform certain actions that may not be beneficial in the long term but generate value for the entity implementing them. These design choices are prevalent across the internet and have also been identified within the context of cookie prompts. This study observes the design elements of such cookie prompts, identifies the presence of dark patterns within their interfaces, and examines user attitudes toward these prompts. The research analyzes 15 government websites and 15 commercial websites through a qualitative content analysis that uncovers hidden information. As a complement, an additional quantitative survey was formed by collecting data from 102 respondents. The study leverages empirical evidence from previous research to strengthen its findings and comparisons. Findings show that the use of dark patterns on both government and commercial websites is evident, with a more noticeable occurrence on commercial ones. These design choices have been observed to influence user interactions with the requests to favor the sender implementing the dark patterns. However, the research also demonstrates that the senders' reputation equally influences users' conscious decision-making process. In conclusion, the study indicates that contemporary internet users generally experience weariness due to persistent requests featuring repetitive or similar information. What was initially intended to instill a sense of user security has instead become an enduring source of disruption. Cookies Dark Patterns Persuasive Design General Data Protection Regulation Websites Cookies Dark Patterns Persuasive Design GDPR Media Engineering Mediateknik
414	Compliance Elliance Journal DeStefano, Michele, Papathanasiou, Konstantina, Schneider, Hendrik 14 May 2024 (has links) No description available. info:eu-repo/classification/ddc/343 ddc:343
415	Privacy and Security of the Windows Registry Amoruso, Edward L 01 January 2024 (has links) (PDF) The Windows registry serves as a valuable resource for both digital forensics experts and security researchers. This information is invaluable for reconstructing a user's activity timeline, aiding forensic investigations, and revealing other sensitive information. Furthermore, this data abundance in the Windows registry can be effortlessly tapped into and compiled to form a comprehensive digital profile of the user. Within this dissertation, we've developed specialized applications to streamline the retrieval and presentation of user activities, culminating in the creation of their digital profile. The first application, named "SeeShells," using the Windows registry shellbags, offers investigators an accessible tool for scrutinizing and generating event timelines based on specific criteria like file access patterns and system navigations. It boasts analytical features that can identify potentially suspicious events through a heat mapping system. In the context of our research, we've also crafted another application designed to collect and deduce a user's extensive activities by solely accessing the Windows registry. This program effectively sidesteps security software by utilizing native Windows application programming interface (API) to interact with the registry, granting unrestricted access to valuable information. This trove of data, often referred to as the user's digital footprint, holds the potential to either investigate or compromise both the user's privacy and security. Finally, we propose a custom-developed application that utilizes both software-based encryption and advanced hooking techniques to protect users' personal data within the registry. Our program is designed to create a more secure and discreet environment for users, effectively fortifying it against privacy and security threats while maintaining accessibility to legitimate users and applications. Digital forensic investigation event timelines Windows registry user digital footprint privacy risk data protection Computer Engineering Information Security OS and Networks
416	Developing Intelligent Chatbots at Scania : Integrating Technological Solutions and Data Protection Considerations Söderberg, Johan January 2024 (has links) his thesis researches the complex intersection of Data Protection and Intelligent Chatbots (IC)at Scania Group. Developing intelligent chatbots in a secure and GDPR compliant way is highlycomplicated and multifaceted task. The purpose of this research is to provide Scania withorganizational knowledge on how this can be achieved. This study utilizes the Action DesignResearch framework to develop an artifact which integrates technological solutions with dataprotection considerations. By conducting a literature review and semi-structured interviews withemployees at Scania, three potential solutions are identified evaluated: ChatGPT Enterprise, theSecured AI Knowledge Repository (SAIKR), and Techtalker. Each solution offers differentcapabilities and compliance strategies: ChatGPT Enterprise, while practical, relies on contractualassurances for GDPR compliance with data stored in the USA. SAIKR, on the other hand, offersmore control with data stored and encrypted in Sweden, allowing for the use of advancedprivacy-preserving techniques. Techtalker, which is hosted directly by Scania, provides enhancedsecurity measures tailored to specific technical use cases. Based on the artifact and conclusionsof this research, generalized design principles for developing intelligent chatbots within acorporate structure are formulated. These four design principles encourages the utilization ofRAG and LLMs, safe and legal data localization, strong contractual safeguards with third-partyproviders, and a comprehensive risk analysis with stringent security measures. Generative AI Data Protection Privacy GDPR Large Language Models RAG Design Principles Communication Systems Kommunikationssystem Computer Systems Datorsystem
417	Informerat samtycke till behandling av personuppgifter på webbplatser : En analys av hur kraven i dataskyddsförordningen kommer att påverka den personliga integriteten i praktiken / Informed consent to processing of personal data on websites : An analysis of how the requirements in the General Data Protection Regulation will affect privacy in practice Nilsson, Eric January 2017 (has links) Frågan om rätten till personlig integritet är aktuell på ett helt annat sätt idag än den var på 1990-talet. Sedan dataskyddsdirektivet trädde i kraft har behandlingen av personuppgifter ökat exponentiellt. Informationsteknik har möjliggjort en omfattande kartläggning av personers beteenden online. Idag använder många webbplatser funktioner för att samla in och på andra sätt behandla sina besökares personuppgifter. Samtidigt har informationen om personuppgiftsbehandlingen som ges till enskilda på webbplatser i många fall blivit omfattande och komplicerad. Ett av syftena med den nya dataskyddsförordningen är att bygga upp konsumenters förtroende för handel på internet. Förordningen syftar även till att stärka skyddet för enskildas personliga integritet. Bestämmelserna kan anses vara svårtydda, vilket kan leda till att skyddet som bäst blir oförändrat. I ett samhälle som blir alltmer digitaliserat tycks det önskvärt att de moderna reglerna håller vad de lovar, annars kan konsekvenserna bli stora. I denna uppsats diskuteras om dataskyddsförordningens krav på informerat samtycke förbättrar förutsättningarna för ett effektivt skydd för den personliga integriteten. De nya bestämmelserna är mer omfattande men har kritiserats för att vara otydliga, närmare principer i direktiv snarare än direkt tillämplig förordningstext. Bestämmelserna behöver också vägas mot andra rättigheter. Därför kan bestämmelserna om samtycke och informationsplikt leda till ett sämre skydd för enskilde om inte tydlig vägledning ges. Det är därför en risk som kommer behöva beaktas vid tillämpningen av förordningen. Om personuppgiftsansvariga saknar vägledning finns en risk att bestämmelserna i praktiken inte ger enskilda den kontroll över sina personuppgifter som var avsedd. informed consent personal data processing data processing websites GDPR general data protection regulation regulation 2016/679 data protection privacy IT law directive 95/46 data protection directive informerat samtycke personuppgifter behandling personuppgiftsbehandling online webbplats dataskyddsförordningen förordning 2016/679 dataskydd integritet IT-rätt privatliv EU personuppgiftslag PuL direktiv 95/46 dataskyddsdirektiv Law and Society Juridik och samhälle
418	A comparative study of technological protection measures in copyright law Conroy, Marlize 30 November 2006 (has links) Digitisation had a profound impact on the creation, reproduction, and dissemination of works protected by copyright. Works in digital format are vulnerable to infringement, and technological protection measures are accordingly applied as protection. Technological protection measures can, however, easily be circumvented, and additional legal protection against circumvention was needed. Article 11 of the WIPO Copyright Treaty (the WCT) obliges Member States to provide adequate legal protection against the circumvention of technological measures applied to works protected by copyright. Contracting parties must refine the provisions of Article 11 and provide for exceptions on the prohibition. Article 11 does not specify whether it pertains to only certain types of technological measures, nor does it prohibit the trafficking in circumvention devices. The United States implemented the provisions of Article 11 of the WCT through the Digital Millennium Copyright Act of 1998 (the DMCA). Section 1201 of the DMCA prohibits the circumvention of technological measures. It is detailed and relates to two categories of technological measures - access control and copy control. It prohibits not only the act of circumvention, but also the trafficking in circumvention devices. Article 6 of the EC Directive on the Harmonisation of Certain Aspects of Copyright and Related Rights in the Information Society of 2001 implements Article 11 of the WCT. Article 6 seeks to protect Aeffective technological measures@. It prohibits both the act of circumvention and circumvention devices. Although Article 11 of the WCT is silent on the issue of access control, it seems as if the international trend is to provide legal protection to access controls, thus indirectly creating a right to control access. South Africa has not yet implemented Article 11 of the WCT. The South African Copyright Act of 1979 does not protect technological protection measures. The Electronic Communications and Transactions Act of 2002 (the ECT Act) provides protection against the circumvention of technological protection measures applied to digital data. The definition of Adata@ is such that it could include protected works. If applied to protected works, the anti-circumvention provisions of the ECT Act would be detrimental to user privileges. As developing country, it seems to be in South Africa's best interest to the implement the provisions of Article 11 in such a manner that it still allows users access to and legitimate use of works protected by copyright. / Jurisprudence / LL.D. 346.482 Copyright, International Fair use (Copyright) -- South Africa Fair use (Copyright) -- United States
419	A comparative study of technological protection measures in copyright law Conroy, Marlize 30 November 2006 (has links) Digitisation had a profound impact on the creation, reproduction, and dissemination of works protected by copyright. Works in digital format are vulnerable to infringement, and technological protection measures are accordingly applied as protection. Technological protection measures can, however, easily be circumvented, and additional legal protection against circumvention was needed. Article 11 of the WIPO Copyright Treaty (the WCT) obliges Member States to provide adequate legal protection against the circumvention of technological measures applied to works protected by copyright. Contracting parties must refine the provisions of Article 11 and provide for exceptions on the prohibition. Article 11 does not specify whether it pertains to only certain types of technological measures, nor does it prohibit the trafficking in circumvention devices. The United States implemented the provisions of Article 11 of the WCT through the Digital Millennium Copyright Act of 1998 (the DMCA). Section 1201 of the DMCA prohibits the circumvention of technological measures. It is detailed and relates to two categories of technological measures - access control and copy control. It prohibits not only the act of circumvention, but also the trafficking in circumvention devices. Article 6 of the EC Directive on the Harmonisation of Certain Aspects of Copyright and Related Rights in the Information Society of 2001 implements Article 11 of the WCT. Article 6 seeks to protect Aeffective technological measures@. It prohibits both the act of circumvention and circumvention devices. Although Article 11 of the WCT is silent on the issue of access control, it seems as if the international trend is to provide legal protection to access controls, thus indirectly creating a right to control access. South Africa has not yet implemented Article 11 of the WCT. The South African Copyright Act of 1979 does not protect technological protection measures. The Electronic Communications and Transactions Act of 2002 (the ECT Act) provides protection against the circumvention of technological protection measures applied to digital data. The definition of Adata@ is such that it could include protected works. If applied to protected works, the anti-circumvention provisions of the ECT Act would be detrimental to user privileges. As developing country, it seems to be in South Africa's best interest to the implement the provisions of Article 11 in such a manner that it still allows users access to and legitimate use of works protected by copyright. / Jurisprudence / LL.D. 346.482 Copyright, International Fair use (Copyright) -- South Africa Fair use (Copyright) -- United States
420	Rethinking relations and regimes of power in online social networking sites : tales of control, strife, and negotiations in Facebook and YouTube Vranaki, Asma A. I. January 2014 (has links) This thesis investigates the potentially complex power effects generated in Online Social Networking Sites (‘OSNS’), such as YouTube and Facebook, when legal values, such as copyright and personal data, are protected and/or violated. In order to develop this analysis, in Chapter Two, I critically analyse key academic writings on internet regulation and argue that I need to move away from the dominant ‘regulatory’ lens to my Actor-Network Theory-Foucauldian Power Lens (‘ANT-Foucauldian Power Lens’) in order to be able to capture the potentially complex web of power effects generated in YouTube and Facebook when copyright and personal data are protected and/or violated. In Chapter Three, I develop my ANT-Foucauldian Power Lens and explore how key ANT ideas such as translation can be used in conjunction with Foucauldian ideas such as governmentality. I utilise my ANT-Foucauldian Power Lens in Chapters Four to Seven to analyse how YouTube and Facebook are constructed as heterogeneous, contingent and precarious ‘actor-networks’ and I map in detail the complex power effects generated from specific local connections. I argue five key points. Firstly, I suggest that complex, multiple, and contingent power effects are generated when key social, legal, and technological actants are locally, contingently, and precariously ‘fitted together’ in YouTube and Facebook when copyright and personal data are protected and/or violated. Secondly, I argue that ‘materialities’ play key roles in maintaining the power effects generated by specific local connections. Thirdly, I argue that there are close links between power and ‘spatialities’ through my analysis of the Privacy Settings and Tagging in Facebook. Fourthly, I argue that my relational understandings of YouTube and Facebook generate a more comprehensive view of the power effects of specific legal elements such as how specific territorial laws in YouTube gain their authority by virtue of their durable and heterogeneous connections. Finally, I argue that we can extrapolate from my empirical findings to build a small-scale theory about the power effects generated in OSNS when legal values are protected and/or violated. Here I also consider the contributions made by my research to three distinct fields, namely, internet regulation, socio-legal studies, and actor-network theory. 343.09

Search results