A vision for global privacy bridges: Technical and legal measures for international data markets

Spiekermann-Hoff, Sarah, Novotny, Alexander

January 2015

From the early days of the information economy, personal data has been its most valuable asset. Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil". Most of this business is done without the knowledge and active informed consent of the people. But as data breaches and abuses are made public through the media, consumers react. They become irritated about companies' data handling practices, lose trust, exercise political pressure and start to protect their privacy with the help of technical tools. As a result, companies' Internet business models that are based on personal data are unsettled. An open conflict is arising between business demands for data and a desire for privacy. As of 2015 no true answer is in sight of how to resolve this conflict. Technologists, economists and regulators are struggling to develop technical solutions and policies that meet businesses' demand for more data while still maintaining privacy. Yet, most of the proposed solutions fail to account for market complexity and provide no pathway to technological and legal implementation. They lack a bigger vision for data use and privacy. To break this vicious cycle, we propose and test such a vision of a personal information market with privacy. We accumulate technical and legal measures that have been proposed by technical and legal scholars over the past two decades. And out of this existing knowledge, we compose something new: a four-space market model for personal data.

PRIVACY: ARCHITECTURE IN SUPPORT OF PRIVACY REGULATION

WITTE, NATHAN ALLAN

07 July 2003

No description available.

Architecture

privacy regulation

control

architecture

environmental design

student housing

Privacy And Segregation As A Basis For Analyzing And Modelling The Urban Space Compositionof The Libyan Traditional City

El Agouri, Faraj Bubaker

01 December 2004

ABSTRACT PRIVACY AND SEGREGATION AS A BASIS FOR ANALYZING AND MODELLING THE URBAN SPACE COMPOSITION OF THE LIBYAN TRADITIONAL CITY CASE STUDY: THE CITY OF GHADAMES Faraj Abubaker El-Agouri Ph.D., Department of City and Regional Planning Supervisor: Asoc. Dr. Baykan Gunay October, 296 pages The study examines the spatial and visual privacy in different areas within the walled city of Ghadames, where different ethnic communities live in distinct localities. Conceptual and theoretical notions of privacy are tested, whose ultimate value is further refinement of privacy regulation conceptually and operationally. Complexities of privacy as a concept and its regulation are clarified through theory and extracted spatio-cultural information about physical settings created by these communities. The space syntax and isovist field analysis are applied as an integrated methodology. The study demonstrates usefulness and adaptability of this integrated approach, which provides a fairly definitive interpretation (i.e. understanding) of physical settings of the city that residents as well as visitors perceive as regulating privacy, and where privacy fits into the user&rsquo / s perception. The structure of the thesis can be understood as consisting of three parts. Part one includes literature about privacy definition, functions, regulating mechanisms, framework within the context of culture as well as the interface between private and public spaces. Second part introduces theory of space syntax and concept of visibility graph analysis (Isovist field). It also introduces the case study of Ghadames, field survey and observations. It illuminates the inhabitants&rsquo / lifestyle, and show how they label spaces by function, gender and user identity. Part three analyses syntactically and visually the spatial structures for the whole walled city as well as the nine selected ethnic communities as embedded within the city and in isolation. In brief, this study attempts to observe and quantify physical settings as privacy regulation mechanisms that operate within context of culture. Mechanisms are the physical elements that facilitate or impede privacy regulation in the city and/or enable users themselves to regulate privacy through their own locales. The elements are composed of field characteristics and barriers. Field characteristics regulate privacy by perceptually altering the physical context through shape, size, orientation, and environmental conditions. Barriers regulate privacy physically and symbolically through walls, screens, objects, and symbols.

HT Cities, Communities, Races 51-1595

Privatumo ir asmens duomenų apsaugos reguliavimas tarptautiniu mastu / Regulation of privacy and data protection in International level

Kalinauskas, Marius

04 February 2009

Darbe nagrinėjami privatumo bei asmens duomenų apsaugos probleminiai aspektai tarptautiniu mastu. Apibūdinti šia vertybę yra išties nelengva, kadangi joje persipynę daugybė skirtingų, bet tarpusavyje susietų kategorijų. Nepaisant to, privatumas priskirtinas prie svarbiausių žmogaus teisių bei laisvių ir yra gerbtinas bei saugotinas. Šio darbo tikslas – pažvelgti į dabar esantį tarptautinį teisinį reguliavimą privatumo bei asmens duomenų apsaugos srityje, atskleisti bei aptarti grėsmes privatumui XXI a. pradžioje bei atsakyti į klausimą: ar dabartinis privatumo bei asmens duomenų apsaugos reguliavimas atitinka šiandienos technologines, socialines bei ekonomines realijas. Magistriniame darbe keliama hipotezė, jog privatumo bei asmens duomenų apsaugos reguliavimas nėra pakankamas, todėl jį būtina iš naujo peržiūrėti bei papildyti. Autorius išsako nuomonę, jog pasaulis yra per daug skirtingas ir kad vieningo bei efektyvaus teisės akto priėmimas šiomis aplinkybėmis tampa sunkiai įmanomu. Darbe aptariamas tarptautinis bei regioninis privatumo bei asmens duomenų apsaugos reglamentavimas, supažindinama su galimais pažeidimais šioje srityje, keliami probleminiai klausimai dėl atskirų šios teisės apsaugos reguliavimo aspektų bei pateikiami pasiūlymai dėl efektyvesnio iškilusių problemų sprendimo. Iškeltam tikslui bei iš jo sekantiems uždaviniams įgyvendinti naudojami lingvistinis, loginis, lyginamasis, sisteminės analizės bei kiti tyrimo metodai. Darbą sudaro keturi skyriai, kuriuose... [toliau žr. visą tekstą] / The main research issue of this master thesis is problem-oriented approach of privacy and data protection regulation in international level. It’s hard to conceptualize privacy as a value, because it’s very complex ant closely intertwined with other categories of similar topic. Nevertheless, privacy is numbered as one of the fundamental human rights and should be treated with respect and under great protection. The main objective of the final paper is to overlook today’s legal basis of international law norms concerning privacy and data protection. Also, to reveal and discuss main threats to mentioned value at the beginning of XXI century and answer the question: is nowadays regulation of privacy and data protection in international level deals with challenges of technological, social and economical reality. In this final paper author comes with the hypothesis that privacy and data protection regulation is ineffective in international level. Legal acts must be revised and supplemented with new norms which should be up to date considering nowadays reality. It is also noted that differences of various countries are huge and effective new generation privacy and data protection regulation is more like a utopia. Some problematic aspects are discussed in master’s thesis concerning privacy violations, legal norm regulation effectiveness and possible ways of solving these problems. In order to achieve goals of objective, author uses scientific methods for his research. These methods... [to full text]

Law

Privatumas

Asmens duomenų apsauga

Tarptautinis privatumo reguliavimas

Privatumo krizė

Privacy

Data protection

International privacy regulation

Privacy crysis

Compliance issues within Europe's General Data Protection Regulation in the context of information security and privacy governance in Swedish corporations : A mixed methods study of compliance practices towards GDPR readiness

Stauber, Sebastian

January 2018

The European Union has introduced a new General Data Protection Regulation that regulates all aspects of privacy and data protection for the data of European citizens. To transition to the new rules, companies and public institutions were given two years to adapt their systems and controls. Due to the large area of changes the GDPR requires, many companies are facing severe problems to adapt the rules to be ready for enforcement. This marks the purpose of this study which is to look into compliance practices in the implementation of GDPR requirements. This includes a prospect of compliance mechanisms that may remain insufficiently addressed when the regulation comes into force on May 25, 2018. The study is conducted in Sweden and aims to investigate the situation in corporations and not in public institutions. Mixed methods have been applied by surveying and interviewing Swedish GDPR experts and consultants to gain an understanding of their view by using capability maturity scales to assess a variety of security processes and controls. The analysis shows a low implementation in GDPR requirements while having seen improvements over the past two years of transition. It points out that a holistic strategy towards compliance is mostly missing and many companies face obstacles that are difficult to overcome in a short period. This may result in non-compliance in many Swedish corporations after the regulation comes into force on May 25.

GDPR

Privacy

Data Protection

Information Security

Privacy Governance

Information Governance

IS Governance

IT Governance

IT Compliance

GDPR Implementation

Privacy Regulation

Economics and Business

Ekonomi och näringsliv

Valuing Differential Privacy : Assessing the value of personal data anonymization solutions, specifically Differential Privacy-solutions, for companies in the mobility sector / Värdering av Differential Privacy : En värdering av anonymiseringsalgoritmer, specifikt Differential Privacy-lösningar, för bolag inom mobilitetssektorn

Andersson, Axel, Borgernäs, Sebastian

January 2022

This paper aims to determine the value of the product based on the mathematical concept of Differential Privacy, by assessing the value of the business opportunities it enables and the value of the possible GDPR-fines it prevents. To delimit the scope of the research the analysis will focus on what the value of personal data is for companies within the mobility sector. Mobility is a cross-industrial sector consisting of companies within connectivity-technology, transportation, and automotive. The method used to assess the final value of anonymizing personal data, such as consumer data, using a DP-solution (meaning, an implementation of the theory) has consisted of both quantitative and qualitative analysis. The quantitative analysis aims to assess the ‘Cost of Risk’ for mobility companies that are exposed to personal integrity regulation due to data processing. To further conclude the true cost of the financial impact caused by getting fined for infringing on privacy regulation because of unlawful data processing is done through a complementary qualitative assessment. Lastly, the 'Opportunity Cost', or rather the cost of missed financial opportunities, is determined qualitatively for a case study company within Sweden’s mobility ecosystem to conclude the overall value of a DP-solution for a specific company. The final product of this research paper is to provide a framework assessing the total value, for specifically companies in the mobility sector, of implementing differential privacy solutions. / Syftet med denna uppsats är att fastställa värdet av anonymisering baserat på det matematiska konceptet Differential Privacy, genom att bedöma värdet av de affärsmöjligheter det skapar, samt värdet av de möjliga GDPR- böter det förhindrar. För att avgränsa studiens omfattning består analysen endast av att uppskatta dessa värden för företag inom mobilitetssektorn. Mobilitetssektorn är en tvärindustriell sektor som består av företag inom uppkoppling-, transport- och bilindustrin. Metoden som använts för att ta fram det slutliga värdet av att anonymisera persondata genom en differential privacy lösning, består både av en kvantitativ och en kvalitativ analys. Målet med den kvantitativa analysen är att estimera kostnadsrisken för företag inom mobilitetssektorn som exponeras mot GDPR-böter med avseende på dess datahantering. För att vidare ta reda på den totala finansiella inverkan av sådana böter, kompletteras analysen av en kvalitativ studie, som delvis omfattas av de finansiella möjligheterna ett företag går miste om i en sådan situation. Den kvalitativa analysen består också av en fallstudie av ett svenskt företag inom mobilitetssektorn, med målet att estimera värdet av de affärsmöjligheter som uppstår med hjälp av anonymisering av data. Slutligen är målet med denna uppsats att förse läsaren med att ramverk för att estimera det totala värdet av att implementera differential privacy lösningar i företag inom mobilitetssektorn.

differential privacy

hedonic pricing method

logistic regression

GDPR

privacy regulation

valuation

risk assessment

valuing emerging technologies

valuing non-market goods and services

mobility

Computer Sciences

Datavetenskap (datalogi)