Giuseppe D'Acquisto,Josep Domingo-Ferrer,Panayiotis Kikiras,Vicenç Torra,Yves-Alexandre de Montjoye,Athena Bourka

DOI: https://doi.org/10.48550/arXiv.1512.06000

2015-12-18

Cryptography and Security

Abstract:The extensive collection and processing of personal information in big data analytics has given rise to serious privacy concerns, related to wide scale electronic surveillance, profiling, and disclosure of private data. To reap the benefits of analytics without invading the individuals' private sphere, it is essential to draw the limits of big data processing and integrate data protection safeguards in the analytics value chain. ENISA, with the current report, supports this approach and the position that the challenges of technology (for big data) should be addressed by the opportunities of technology (for privacy). We first explain the need to shift from "big data versus privacy" to "big data with privacy". In this respect, the concept of privacy by design is key to identify the privacy requirements early in the big data analytics value chain and in subsequently implementing the necessary technical and organizational measures. After an analysis of the proposed privacy by design strategies in the different phases of the big data value chain, we review privacy enhancing technologies of special interest for the current and future big data landscape. In particular, we discuss anonymization, the "traditional" analytics technique, the emerging area of encrypted search and privacy preserving computations, granular access control mechanisms, policy enforcement and accountability, as well as data provenance issues. Moreover, new transparency and access tools in big data are explored, together with techniques for user empowerment and control. Achieving "big data with privacy" is no easy task and a lot of research and implementation is still needed. Yet, it remains a possible task, as long as all the involved stakeholders take the necessary steps to integrate privacy and data protection safeguards in the heart of big data, by design and by default.

A. Mehmood,Guang Hua,Iynkaran Natgunanathan,Yong Xiang,Song Guo

DOI: https://doi.org/10.1109/ACCESS.2016.2558446

IF: 3.9

2016-04-27

IEEE Access

Abstract:In recent years, big data have become a hot research topic. The increasing amount of big data also increases the chance of breaching the privacy of individuals. Since big data require high computational power and large storage, distributed systems are used. As multiple parties are involved in these systems, the risk of privacy violation is increased. There have been a number of privacy-preserving mechanisms developed for privacy protection at different stages (e.g., data generation, data storage, and data processing) of a big data life cycle. The goal of this paper is to provide a comprehensive overview of the privacy preservation mechanisms in big data and present the challenges for existing mechanisms. In particular, in this paper, we illustrate the infrastructure of big data and the state-of-the-art privacy-preserving mechanisms in each stage of the big data life cycle. Furthermore, we discuss the challenges and future research directions related to privacy preservation in big data.

Computer Science

Jinfu Yang,Gi-Jin

2014-01-01

법학연구

Abstract:These days, countries faces a brand new global wave of big data; Korea is no exception. It is time to inspect the related laws on privacy of personal data and to adjust, if necessary, themselves into today’s changed environment looking for more adequate answer. This paper attempts to find some solutions in the legal aspects mostly focused in consideration of necessity of making efficient use of big data. Firstly, to avoid intricacy, similar privacy protection provisions in the three relevant laws should be consolidated into Personal Information Protection Act which has enacted in 2009 as a general personal data protection law. Secondly, in the definition of personal data in the relevant Acts, a requirement of ‘(easy) identifiability’ had better be replaced by sensitivity. This identifiability is too broad word which might bring about reluctance of processing useful data. For privacy itself, sensitivity in nature of data can be more effective and practical. Thirdly, although the current relevant laws have established the common stance of requiring data subjects’ consent before data collection, etc. there are still loopholes in the big data processing. Therefore, not only collection but also generation of sensitive personal data from mixing de-identified databases should be informed to the data subject.

Georgios Georgiadis,Geert Poels

DOI: https://doi.org/10.1016/j.clsr.2021.105640

2022-04-01

Abstract:Big Data Analytics enables today's businesses and organisations to process and utilise the raw data that is generated on a daily basis. While Big Data Analytics has improved efficiency and created many opportunities, it has also increased the risk of personal data being compromised or breached. The General Data Protection Regulation (GDPR) mandates Data Protection Impact Assessment (DPIA) as a means of identifying appropriate controls to mitigate risks associated with the protection of personal data. However, little is currently known about how to conduct such a DPIA in a Big Data Analytics context. To this end, we conducted a systematic literature review with the aim of identifying privacy and data protection risks specific to the Big Data Analytics context that could negatively impact individuals' rights and freedoms when they occur. Based on a sample of 159 articles, we applied a thematic analysis to all identified risks which resulted in the definition of nine Privacy Touch Points that summarise the identified risks. The coverage of these Privacy Touch Points was then analysed for ten Privacy Impact Assessment (PIA) methodologies. The insights gained from our analysis will inform the next phase of our research, in which we aim to develop a comprehensive DPIA methodology that will enable data processors and data controllers to identify, analyse and mitigate privacy and data protection risks when storing and processing data involving Big Data Analytics.

law

Kesava Pillai Rajadorai,Vazeerudeen Abdul Hameed,Selvakumar Samuel

DOI: https://doi.org/10.1007/978-981-16-1007-3_11

2021-01-01

Abstract:Usual data will reveal the basic information of the data provider, whereas big data can be used to scrutinize for understandings and to provide tips for enhanced strategic decision making. As a result, implementing data protection and data privacy acts on big data becomes essential to safeguard this complex information from corruption, compromise, or loss. The significance of data protection upsurge as the volume of data increases and stored continues to grow at exceptional rates. In this chapter, the author discusses the governance of big data using data protection and privacy acts and proposes some ideas how these acts can be deployed in the future. In addition, the author also presented the current General Data Protection Regulation (GDPR) which is commonly used to protect and safeguard individual and organizational data. Moreover, the author also presented some latest data security technologies that are being deployed in digital era and how it can be useful for big data analytics.

Moutaz Haddara,A Salazar,Marius Langseth

DOI: https://doi.org/10.1016/j.procs.2023.01.350

2023-01-01

Procedia Computer Science

Abstract:This research explores the impact of data privacy and protection laws on e-commerce companies in the Netherlands. Specifically, this study focuses on the General Data Protection Regulation (GDPR). The purpose of this regulation is to refine privacy laws and emphasize the importance of consumer protection and consent. GDPR might challenge enterprises, especially data-driven organizations. Notably, the e-commerce industry is known for relying heavily on big data analytics, business intelligence, and other data-related technologies. Multiple semi-structured interviews with e-commerce professionals and consumers were conducted to gain a deeper understanding of the impact of GDPR based on the strategies employed by e-commerce companies and the online user experience of customers in the Netherlands. The main findings show that while GDPR compliance incurred additional costs for companies, it also improved data security and increased customer trust. Furthermore, the results also suggest that GDPR affects the e-commerce analytics operations in organizations after its adoption. Thus, many organizations have altered their practices to achieve compliance with the laws. The findings of this research contribute to the ongoing exploration of the effects of GDPR on online retail businesses that utilize (big) data analytics.

Katarzyna Kolasa,W Ken Redekop,Alexander Berler,Vladimir Zah,Carl V Asche

DOI: https://doi.org/10.1007/s40273-020-00927-1

PharmacoEconomics

Abstract:The development of evidence to demonstrate 'value for money' is regarded as an important step in facilitating the search for the optimal allocation of limited resources and has become an essential component in healthcare decision making. Real-world evidence collected from de-identified individuals throughout the continuum of healthcare represents the most valuable source in technology evaluation. However, in the European Union, the value assessment based on real-world data has become challenging as individuals have recently been given the right to have their personal data erased in the case of consent withdrawal or when the data are regarded as being no longer necessary. This act may limit the usefulness of data in the future as it may introduce information bias. Among healthcare stakeholders, this has become an important topic of discussion because it relates to the importance of data on one side and to the need for personal data protection on the other side, especially when it comes to "personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveals information about his or her health status". At the forefront of these discussions are data protection issues as well as the population's trust in digital services. It seems that the new era has begun, where citizens and patients will have the ability to manage their personal or self-generated data. The European Commission has laid the groundwork for this paradigm shift that will steadily emerge in the coming years. To prepare for this change, we believe attention should be given to data security and other rules of data privacy. It has become increasingly important to ensure that individuals are properly introduced into complex environments with multiple sources of Big Data for clinical and behavioral purposes to provide an optimal balance between societal and individual benefits. In this article, a number of issues are considered and discussed, based upon the authors' experience, with the aim of helping the reader better understand the implications of the use of Big Data and the importance of data protection in the coming years.

Andreas Kotsios,Matteo Magnani,Luca Rossi,Irina Shklovski,Davide Vega

DOI: https://doi.org/10.48550/arXiv.1903.03196

2019-10-06

Abstract:This article examines the principles outlined in the General Data Protection Regulation (GDPR) in the context of social network data. We provide both a practical guide to GDPR-compliant social network data processing, covering aspects such as data collection, consent, anonymization and data analysis, and a broader discussion of the problems emerging when the general principles on which the regulation is based are instantiated to this research area.

Social and Information Networks

SANTOSH DANGAL

DOI: https://doi.org/10.55041/ijsrem25590

2023-09-01

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:The rapid proliferation of big data and data- driven decision-making has brought about unprecedented technological advancements, revolutionizing various industries. Organizations now harness extensive data to extract valuable insights, optimize operations, and enhance customer experiences. However, this data-driven landscape raises concerns about individual privacy and data security. As personal information collection and analysis become more prevalent, robust privacy approaches are imperative. This research paper conducts a comparative analysis of privacy approaches in the context of big data and data-driven decision-making. It examines traditional methods such as cryptography, anonymization, and access controls, alongside emerging techniques like differential privacy, homomorphic encryption, and secure multi-party computation. Qualitative content analysis and thematic coding gather insights from academic literature, reports, and expert interviews. The findings highlight each approach's strengths, limitations, and trade-offs, offering valuable insights for organizations aiming to balance data utility with privacy preservation. This study contributes to understanding ethical concerns, legal compliance, data quality, trust, and technological advancements in the pursuit of responsible data-driven decision-making while safeguarding privacy. Key Words: privacy preservation, big data analytics, data privacy strategies, ethical data use, emerging privacy techniques

DOI: https://doi.org/10.35940/ijitee.f1317.0486s419

2019-07-26

International Journal of Innovative Technology and Exploring Engineering

Abstract:Information, which is not a fear till 2000, was the precept criteria for man or woman regarding safety and protection a brief time later. these days enormous measure of information is being created for always it is a check to deal with it. it is being used by numerous groups to take large options from the beyond facts to interrupt down thefuture. This tremendous diploma of facts is referred to as as huge statistics. in spite of the fact that there are numerous common calculations in presence, for giving safety and safety in large records it's miles attending to be tough because of its traits (quantity, range and Veracity). This paper demonstrates the investigation of common techniques handy, troubles to protection and safety of big records and protection saving processes like anonymization, randomization, differential safety, word and assent and so on.

Chuyun Wang,Feifei Guo,Mengxuan Ji

DOI: https://doi.org/10.1155/2022/1678360

2022-08-30

Journal of Environmental and Public Health

Abstract:In the era of big data, while every citizen enjoys the convenience of the Internet, all kinds of information closely related to their personal and property are in a state of "streaking" for a long time. Personal information is frequently leaked, illegally misappropriated, and used. There are necessary requirements of network security. The risks and challenges faced by personal information in the context of big data increase. In the context of the rapid development of big data, the information is circulated in virtual cyberspace in the form of electronic data, and data sharing has become an important flow form of information circulation. It is an important link to realize the optimal allocation of network resources and realize the value of data. The great progress of the digital economy and artificial intelligence technology has greatly increased the demand for data, the speed of circulation has been further accelerated, and the potential value of data has been fully reflected. At present, the scope of personal information protected by Chinese laws is relatively narrow and is basically limited to the scope of privacy rights, which makes a large amount of information owned by individuals that do not belong to the category of personal privacy rights lack legal protection. Personal information is different from the characteristics of privacy rights. It is decided that the protection of personal information should be different from the protection of traditional personal privacy. To sum up, in view of this, this article attempts to analyze the new challenges faced by personal information protection in the era of big data from the perspective of law, combined with the background of the era of big data, from the legislative model, system design, supervision mechanism, industry self-discipline, and other aspects. Exploration of the legislative framework for the protection of personal information in the era of big data in our country is done in order to find a realistic path that balances the development of big data technology and the protection of personal information.

DOI: https://doi.org/10.34104/ajeit.024.0930103

2024-10-11

Canadian Journal of Business and Information Studies

Abstract:In the era of rapid technological advancements, machine learning (ML) and big data analytics have become pivotal in harnessing vast amounts of data for insights, efficiency, and innovation across various sectors. However, the widespread collection and analysis of data raise significant privacy concerns, highlighting the delicate balance between leveraging technology for societal benefits and safeguarding individual privacy. This article delves into the complexities of data collection and analysis practices, emphasizing the potential for privacy breaches through methods such as location tracking, browsing habits analysis, and the creation of detailed personal profiles. It discusses the implications of ML algorithms capable of de-anonymizing data, despite measures like data anonymization and encryption aimed at protecting privacy. The article also examines the existing legal frameworks, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), designed to enhance privacy protection, alongside the ethical considerations for developers and companies in using ML and big data. Furthermore, it explores future outlooks, including developments in technologies like federated learning and differential privacy, that promise enhanced privacy protection. The conclusion calls for a concerted effort among policymakers, technologists, and the public to engage in ongoing dialogue and develop solutions that ensure the ethical use of ML and big data while upholding privacy rights.

Martí Cuquet,Guillermo Vega-Gorgojo,Hans Lammerant,Rachel Finn,Umair ul Hassan

DOI: https://doi.org/10.48550/arXiv.1704.03361

2017-04-11

Computers and Society

Abstract:This paper presents the risks and opportunities of big data and the potential social benefits it can bring. The research is based on an analysis of the societal impacts observed in a set of six case studies across different European sectors. These impacts are divided into economic, social and ethical, legal and political impacts, and affect areas such as improved efficiency, innovation and decision making, changing business models, dependency on public funding, participation, equality, discrimination and trust, data protection and intellectual property rights, private and public tensions and losing control to actors abroad. A special focus is given to the risks and opportunities coming from the legal framework and how to counter the negative impacts of big data. Recommendations are presented for four specific legal frameworks: copyright and database protection, protection of trade secrets, privacy and data protection and anti-discrimination. In addition, the potential social benefits of big data are exemplified in six domains: improved decision making and event detection; data-driven innovations and new business models; direct social, environmental and other citizen benefits; citizen participation, transparency and public trust; privacy-aware data practices; and big data for identifying discrimination. Several best practices are suggested to capture these benefits.

Xianghua Deng,Meiyuan Yan

DOI: https://doi.org/10.1088/1742-6596/1883/1/012081

2021-04-01

Journal of Physics: Conference Series

Abstract:Abstract With the scale and convenience of information storage and transmission, human society has entered the era of big data. In this era, information has become the most valuable and potentially influential resource, and personal information that is closely related to citizens’ daily lives is no exception, and is used by all stakeholders. Improper collection of personal information, fraudulent use of personal information, and malicious use of personal information have disrupted the peaceful life of citizens, thereby threatening personal and property safety issues are gradually exposed. In the era of big data, personal information protection is facing new challenges of data personality shaping and modern power control. Strengthening the protection of personal information is an urgent need in the era of big data.

M Mostert,B M Koomen,J J M van Delden,A L Bredenoord

DOI: https://doi.org/10.1016/j.ijlp.2018.07.002

Abstract:In Big Data health research, concerns have risen about privacy and data protection. While the ethical and legal discussion about these issues is ongoing, so is research practice. The aim of this qualitative case study is to gain more insight into how these concerns are currently dealt with in practice. For this multiple-case study, the YOUth cohort, a longitudinal cohort focusing on psychosocial development, and Big Data Psychiatry, a pilot study in Big Data analytics on psychiatric health data, were selected. A broad range of relevant documents were collected and semi-structured interviews with stakeholders were conducted. Data were coded, studied and divided into themes during an iterative analytical process. Three themes emerged: abandoning anonymisation, reconfiguring participant control, and the search for guidance and expertise. Overall, the findings show that it takes considerable effort to take privacy and data protection norms into account in a Big Data health research initiative, especially when individual participant level data need to be linked or enriched. By embracing the complexity of the law in an early phase, setbacks could be prevented, the existing flexibility within the law could be utilised, and systems or organisations could be designed and constructed to take relevant rules into account. Our paper illustrates that a close collaboration of experts with different backgrounds within the initiative may be necessary to be able to successfully navigate this process.

Daniar Supriyadi

DOI: https://doi.org/10.53955/jhcls.v3i1.71

2023-02-14

Abstract:Data protection laws provide minimum protections for personal data, as well as facilitate the free flow of such data, by setting out principles and rules for legitimate data processing. In the big data context, personal data may not be as easy to distinguish as in traditional data processing, and that makes policy-makers and businesses turn to the identifiability concept: in other words, what data are personal. This research is based on doctrinal legal researchon the legal theory (concepts, rules, and principles) concerning data protection in the EU and Indonesia. The results of the research show that the understand such paramount terminology in data protection law, relevant factors are presented to assess the direct or indirect identification of a natural person. In the EU data protection law, the test entails, for example, risk-based measures and technological development, whereas Indonesian law on data protection has not yet established such assessments. Data within big data operations traditionally falls under the scope of data protection laws only if it discloses the private life of individuals, such as names or other civil identities, but without further conditions to ascertain whether the data can be indirectly identified with an individual.

Isabel Ebert,Isabelle Wildhaber,Jeremias Adams-Prassl

DOI: https://doi.org/10.1177/20539517211013051

2021-01-01

Abstract:Data-driven technologies have come to pervade almost every aspect of business life, extending to employee monitoring and algorithmic management. How can employee privacy be protected in the age of datafication? This article surveys the potential and shortcomings of a number of legal and technical solutions to show the advantages of human rights-based approaches in addressing corporate responsibility to respect privacy and strengthen human agency. Based on this notion, we develop a process-oriented model of Privacy Due Diligence to complement existing frameworks for safeguarding employee privacy in an era of Big Data surveillance.

social sciences, interdisciplinary

Hervais Simo Fhom

DOI: https://doi.org/10.48550/arXiv.1502.00823

2015-02-03

Cryptography and Security

Abstract:Recent advances in data collection and computational statistics coupled with increases in computer processing power, along with the plunging costs of storage are making technologies to effectively analyze large sets of heterogeneous data ubiquitous. Applying such technologies (often referred to as big data technologies) to an ever growing number and variety of internal and external data sources, businesses and institutions can discover hidden correlations between data items, and extract actionable insights needed for innovation and economic growth. While on one hand big data technologies yield great promises, on the other hand, they raise critical security, privacy, and ethical issues, which if left unaddressed may become significant barriers to the fulfillment of expected opportunities and long-term success of big data. In this paper, we discuss the benefits of big data to individuals and society at large, focusing on seven key use cases: Big data for business optimization and customer analytics, big data and science, big data and health care, big data and finance, big data and the emerging energy distribution systems, big/open data as enablers of openness and efficiency in government, and big data security. In addition to benefits and opportunities, we discuss the security, privacy, and ethical issues at stake.

Youyang Qu,Mohammad Reza Nosouhi,Lei Cui,Shui Yu

DOI: https://doi.org/10.1007/978-981-16-3750-6

2021-01-01

Abstract:This book presents the data privacy protection which has been extensively applied in our current era of big data. However, research into big data privacy is still in its infancy. Given the fact that existing protection methods can result in low data utility and unbalanced trade-offs, personalized privacy protection has become a rapidly expanding research topic. In this book, the authors explore emerging threats and existing privacy protection methods, and discuss in detail both the advantages and disadvantages of personalized privacy protection. Traditional methods, such as differential privacy and cryptography, are discussed using a comparative and intersectional approach, and are contrasted with emerging methods like federated learning and generative adversarial nets. The advances discussed cover various applications, e.g. cyber-physical systems, social networks, and location-based services. Given its scope, the book is of interest to scientists, policy-makers, researchers, and postgraduates alike.

Xianghua Deng,Bo Zhang

DOI: https://doi.org/10.1088/1757-899x/806/1/012032

2020-04-01

IOP Conference Series: Materials Science and Engineering

Abstract:Abstract In the era of big data, the problem of leakage of personal information is becoming more and more serious. With the citizens’ increasing legal awareness, people pay more and more attention to the protection of personal information. In the context of big data, this article is based on the impact of big data on the protection of personal information. By studying the current status of the domestic and international legal protection of personal information, this paper puts forward some proposals for the protection of information, combined with the current status and existing problems of the legal protection of personal information,