Samuel Wairimu,Leonardo Horn Iwaya,Lothar Fritsch,Stefan Lindskog

DOI: https://doi.org/10.1109/access.2024.3360864

IF: 3.9

2024-02-10

IEEE Access

Abstract:Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidence-based practices.

computer science, information systems,telecommunications,engineering, electrical & electronic

Dariusz Kloza,Niels van Dijk,Raphaël Gellert,István Böröcz,Alessia Tanas,Eugenio Mantovani,Paul Quinn

DOI: https://doi.org/10.31228/osf.io/b68em

2020-10-09

Abstract:This paper provides recommendations for the European Union (EU) to complement the requirement for data protection impact assessment (DPIA), as set forth in the General Data Protection Regulation (GDPR), with a view of achieving a more robust protection of personal data. In April 2016 the EU concluded the core part of the reform of its legal framework for personal data protection. The Union is currently preparing implementing measures and guidelines to give full effect to the new legal provisions before their applicability from May 2018. This reform introduces, among other ‘novelties’, a legal requirement to conduct a DPIA. However, this requirement bears a few weak points. In order to inform this on-going policy-making process, the present policy brief attempts to draft a best practice for a generic type of impact assessment, i.e. recommended for different areas (section II). Section III makes an early evaluation of how this best practice relates to the specific impact assessment requirement set forth in the GDPR, i.e. DPIA. These sections are preceded by succinct background information on impact assessments as such: definition, historical overview, and their merits and drawbacks (section I). Section IV concludes this paper by offering recommendations for complementing the DPIA requirement in the GDPR: (1) to expand the scope of the DPIA requirement in the GDPR; (2) to develop methods for conducting such an assessment; (3) to establish ‘reference centres’ on DPIA at data protection authorities (DPAs). This policy brief is addressed predominantly to policy-makers at the EU- and Member State-level, notwithstanding the potential interest it might gain from their counterparts elsewhere in the world.

Tamas Bisztray,Nils Gruschka

DOI: https://doi.org/10.48550/arXiv.2110.07366

2021-10-14

Cryptography and Security

Abstract:Privacy and data protection have become more and more important in recent years since an increasing number of enterprises and startups are harvesting personal data as a part of their business model. One central requirement of the GDPR is the implementation of a data protection impact assessment for privacy critical systems. However, the law does not dictate or recommend the use of any particular framework. In this paper we compare different data protection impact assessment frameworks. We have developed a comparison and evaluation methodology and applied this to three popular impact assessment frameworks. The result of this comparison shows the weaknesses and strengths, but also clearly indicates that none of the tested frameworks fulfill all desired properties. Thus, the development of a new or improved data protection impact assessment framework is an important open issue for future work, especially for sector specific applications.

Giuseppe D'Acquisto,Josep Domingo-Ferrer,Panayiotis Kikiras,Vicenç Torra,Yves-Alexandre de Montjoye,Athena Bourka

DOI: https://doi.org/10.48550/arXiv.1512.06000

2015-12-18

Cryptography and Security

Abstract:The extensive collection and processing of personal information in big data analytics has given rise to serious privacy concerns, related to wide scale electronic surveillance, profiling, and disclosure of private data. To reap the benefits of analytics without invading the individuals' private sphere, it is essential to draw the limits of big data processing and integrate data protection safeguards in the analytics value chain. ENISA, with the current report, supports this approach and the position that the challenges of technology (for big data) should be addressed by the opportunities of technology (for privacy). We first explain the need to shift from "big data versus privacy" to "big data with privacy". In this respect, the concept of privacy by design is key to identify the privacy requirements early in the big data analytics value chain and in subsequently implementing the necessary technical and organizational measures. After an analysis of the proposed privacy by design strategies in the different phases of the big data value chain, we review privacy enhancing technologies of special interest for the current and future big data landscape. In particular, we discuss anonymization, the "traditional" analytics technique, the emerging area of encrypted search and privacy preserving computations, granular access control mechanisms, policy enforcement and accountability, as well as data provenance issues. Moreover, new transparency and access tools in big data are explored, together with techniques for user empowerment and control. Achieving "big data with privacy" is no easy task and a lot of research and implementation is still needed. Yet, it remains a possible task, as long as all the involved stakeholders take the necessary steps to integrate privacy and data protection safeguards in the heart of big data, by design and by default.

Fatemeh Zarrabi,Isabel Wagner,Eerke Boiten

2023-04-24

Abstract:Based on Article 35 of the EU (European Union) General Data Protection Regulation, a Data Protection Impact Assessment (DPIA) is necessary whenever there is a possibility of a high privacy and data protection risk to individuals caused by a new project under development. A similar process to DPIA had been previously known as Privacy Impact Assessment (PIA). We are investigating here to find out if GDPR and DPIA specifically as its privacy risk assessment tool have resolved the challenges privacy practitioners were previously facing in implementing PIA. To do so, our methodology is based on comparison and thematic analysis on two sets of focus groups we held with privacy professionals back in January 2018 (four months before GDPR came into effect) and then in November 2019 (18 months after GDPR implementation).

Cryptography and Security

Nils Gruschka,Vasileios Mavroeidis,Kamer Vishi,Meiko Jensen

DOI: https://doi.org/10.48550/arXiv.1811.08531

2018-11-21

Abstract:Big data has become a great asset for many organizations, promising improved operations and new business opportunities. However, big data has increased access to sensitive information that when processed can directly jeopardize the privacy of individuals and violate data protection laws. As a consequence, data controllers and data processors may be imposed tough penalties for non-compliance that can result even to bankruptcy. In this paper, we discuss the current state of the legal regulations and analyze different data protection and privacy-preserving techniques in the context of big data analysis. In addition, we present and analyze two real-life research projects as case studies dealing with sensitive data and actions for complying with the data regulation laws. We show which types of information might become a privacy risk, the employed privacy-preserving techniques in accordance with the legal requirements, and the influence of these techniques on the data processing phase and the research results.

Cryptography and Security

Luis Enriquez

2024-11-06

Abstract:What if the main data protection vulnerability is risk management? Data Protection merges three disciplines: data protection law, information security, and risk management. Nonetheless, very little research has been made on the field of data protection risk management, where subjectivity and superficiality are the dominant state of the art. Since the GDPR tells you what to do, but not how to do it, the solution for approaching GDPR compliance is still a gray zone, where the trend is using the rule of thumb. Considering that the most important goal of risk management is to reduce uncertainty in order to take informed decisions, risk management for the protection of the rights and freedoms of the data subjects cannot be disconnected from the impact materialization that data controllers and processors need to assess. This paper proposes a quantitative approach to data protection risk-based compliance from a data controllers perspective, with the aim of proposing a mindset change, where data protection impact assessments can be improved by using data protection analytics, quantitative risk analysis, and calibrating expert opinions.

Risk Management,Machine Learning

Atoosa Kasirzadeh,Damian Clifford

DOI: https://doi.org/10.48550/arXiv.2109.06309

2021-09-13

Computers and Society

Abstract:In this paper, we critically examine the effectiveness of the requirement to conduct a Data Protection Impact Assessment (DPIA) in Article 35 of the General Data Protection Regulation (GDPR) in light of fairness metrics. Through this analysis, we explore the role of the fairness principle as introduced in Article 5(1)(a) and its multifaceted interpretation in the obligation to conduct a DPIA. Our paper argues that although there is a significant theoretical role for the considerations of fairness in the DPIA process, an analysis of the various guidance documents issued by data protection authorities on the obligation to conduct a DPIA reveals that they rarely mention the fairness principle in practice.

Katarzyna Kolasa,W Ken Redekop,Alexander Berler,Vladimir Zah,Carl V Asche

DOI: https://doi.org/10.1007/s40273-020-00927-1

PharmacoEconomics

Abstract:The development of evidence to demonstrate 'value for money' is regarded as an important step in facilitating the search for the optimal allocation of limited resources and has become an essential component in healthcare decision making. Real-world evidence collected from de-identified individuals throughout the continuum of healthcare represents the most valuable source in technology evaluation. However, in the European Union, the value assessment based on real-world data has become challenging as individuals have recently been given the right to have their personal data erased in the case of consent withdrawal or when the data are regarded as being no longer necessary. This act may limit the usefulness of data in the future as it may introduce information bias. Among healthcare stakeholders, this has become an important topic of discussion because it relates to the importance of data on one side and to the need for personal data protection on the other side, especially when it comes to "personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveals information about his or her health status". At the forefront of these discussions are data protection issues as well as the population's trust in digital services. It seems that the new era has begun, where citizens and patients will have the ability to manage their personal or self-generated data. The European Commission has laid the groundwork for this paradigm shift that will steadily emerge in the coming years. To prepare for this change, we believe attention should be given to data security and other rules of data privacy. It has become increasingly important to ensure that individuals are properly introduced into complex environments with multiple sources of Big Data for clinical and behavioral purposes to provide an optimal balance between societal and individual benefits. In this article, a number of issues are considered and discussed, based upon the authors' experience, with the aim of helping the reader better understand the implications of the use of Big Data and the importance of data protection in the coming years.

Concetta Tania Di Iorio,Fabrizio Carinci,Jillian Oderkirk,David Smith,Manuela Siano,Dorotea Alessandra de Marco,Simon de Lusignan,Paivi Hamalainen,Massimo Massi Benedetti

DOI: https://doi.org/10.1136/medethics-2019-105948

2020-03-27

Journal of Medical Ethics

Abstract:Background Data processing of health research databases often requires a Data Protection Impact Assessment to evaluate the severity of the risk and the appropriateness of measures taken to comply with the European Union (EU) General Data Protection Regulation (GDPR). We aimed to define and apply a comprehensive method for the evaluation of privacy, data governance and ethics among research networks involved in the EU Project Bridge Health. Methods Computerised survey among associated partners of main EU Consortia, using a targeted instrument designed by the principal investigator and progressively refined in collaboration with an international advisory panel. Descriptive measures using the percentage of adoption of privacy, data governance and ethical principles as main endpoints were used for the analysis and interpretation of the results. Results A total of 15 centres provided relevant information on the processing of sensitive data from 10 European countries. Major areas of concern were noted for: data linkage (median, range of adoption: 45%, 30%–80%), access and accuracy of personal data (50%, 0%–100%) and anonymisation procedures (56%, 11%–100%). A high variability was noted in the application of privacy principles. Conclusions A comprehensive methodology of Privacy and Ethics Impact and Performance Assessment was successfully applied at international level. The method can help implementing the GDPR and expanding the scope of Data Protection Impact Assessment, so that the public benefit of the secondary use of health data could be well balanced with the respect of personal privacy.

ethics,medical ethics,social issues,social sciences, biomedical

Raphaël Gellert

DOI: https://doi.org/10.1016/j.clsr.2017.12.003

2018-04-01

Abstract:The goal of this contribution is to understand the notion of risk as it is enshrined in the General Data Protection Regulation (GDPR), with a particular on Art. 35 providing for the obligation to carry out data protection impact assessments (DPIAs), the first risk management tool to be enshrined in EU data protection law, and which therefore contains a number of key elements in order to grasp the notion. The adoption of this risk-based approach has not come without a number of debates and controversies, notably on the scope and meaning of the risk-based approach. Yet, what has remained up to date out of the debate is the very notion of risk itself, which underpins the whole risk-based approach. The contribution uses the notions of risk and risk analysis as tools for describing and understanding risk in the GDPR. One of the main findings is that the GDPR risk is about “compliance risk” (i.e., the lower the compliance the higher the consequences upon the data subjects' rights). This stance is in direct contradiction with a number of positions arguing for a strict separation between compliance and risk issues. This contribution sees instead issues of compliance and risk to the data subjects rights and freedoms as deeply interconnected. The conclusion will use these discussions as a basis to address the long-standing debate on the differences between privacy impact assessments (PIAs) and DPIAs. They will also warn against the fact that ultimately the way risk is defined in the GDPR is somewhat irrelevant: what matters most is the methodology used and the type of risk at work therein.

law

Leonardo Horn Iwaya,Ala Sarah Alaqra,Marit Hansen,Simone Fischer-Hübner

2024-06-29

Abstract:Privacy Impact Assessments (PIAs) offer a systematic process for assessing the privacy impacts of a project or system. As a privacy engineering strategy, PIAs are heralded as one of the main approaches to privacy by design, supporting the early identification of threats and controls. However, there is still a shortage of empirical evidence on their uptake and proven effectiveness in practice. To better understand the current state of literature and research, this paper provides a comprehensive Scoping Review (ScR) on the topic of PIAs "in the wild", following the well-established Preferred Reporting Items for Systematic reviews and Meta-Analyses (PRISMA) guidelines. As a result, this ScR includes 45 studies, providing an extensive synthesis of the existing body of knowledge, classifying types of research and publications, appraising the methodological quality of primary research, and summarising the positive and negative aspects of PIAs in practice, as reported by studies. This ScR also identifies significant research gaps (e.g., evidence gaps from contradictory results and methodological gaps from research design deficiencies), future research pathways, and implications for researchers, practitioners, and policymakers developing and evaluating PIA frameworks. As we conclude, there is still a significant need for more primary research on the topic, both qualitative and quantitative. A critical appraisal of qualitative studies (n=28) revealed deficiencies in the methodological quality, and only four quantitative studies were identified, suggesting that current primary research remains incipient. Nonetheless, PIAs can be regarded as a prominent sub-area in the broader field of Empirical Privacy Engineering, warranting further research toward more evidence-based practices.

Cryptography and Security

Sylwia Kosznik-Biernacka

DOI: https://doi.org/10.5604/01.3001.0014.5614

2020-12-04

Security Dimensions

Abstract:Article 32 of the EU General Data Protection Regulation imposes the obligation to implement appropriate safeguards to protect personal data. It states that the application of adequate measures is to be preceded by a risk analysis and evaluation. In the current paper, as the main risk factors, probability and consequences were assumed that take into account the basic attributes of information, i.e. confidentiality, integrity and availability. Next, a risk analysis methodology based on the risk matrix is proposed. The issue discussed in the publication is currently valid and still requires careful analysis in order to develop universal standards aimed at establishing certification mechanisms as well as quality labels and markings in terms of personal data protection.

English Else

Asmita Manna,Anirban Sengupta,Chandan Mazumdar

DOI: https://doi.org/10.1007/978-981-13-8969-6_2

2019-08-29

Abstract:The imminent introduction of the Data Protection Act in India would make it necessary for almost all enterprises, dealing with personal data, to implement privacy-specific controls. These controls would serve to mitigate the risks that breach the privacy properties of user data. Hence, the first step toward implementing such controls is the execution of privacy risk assessment procedures that would help elicit the privacy risks to user data. All user data are processed/managed by one or more business processes. Hence, assessment of privacy risks to user data should consider the vulnerabilities within, and threats to, corresponding business process. It should also consider different perspectives, namely business, legal and contractual needs, and users’ expectations, during the computation of data privacy values. This paper proposes such a comprehensive methodology for identifying data privacy risks and quantifying the same. The risk values are computed at different levels (privacy property level, business process level, etc.) to help both senior management and operational personnel, in assessing and mitigating privacy risks.

Alessandro Mantelero

DOI: https://doi.org/10.1016/j.clsr.2016.01.014

2016-04-01

Abstract:In the big data era, new technologies and powerful analytics make it possible to collect and analyse large amounts of data in order to identify patterns in the behaviour of groups, communities and even entire countries.Existing case law and regulations are inadequate to address the potential risks and issues related to this change of paradigm in social investigation. This is due to the fact that both the right to privacy and the more recent right to data protection are protected as individual rights. The social dimension of these rights has been taken into account by courts and policymakers in various countries. Nevertheless, the rights holder has always been the data subject and the rights related to informational privacy have mainly been exercised by individuals.This atomistic approach shows its limits in the existing context of mass predictive analysis, where the larger scale of data processing and the deeper analysis of information make it necessary to consider another layer, which is different from individual rights. This new layer is represented by the collective dimension of data protection, which protects groups of persons from the potential harms of discriminatory and invasive forms of data processing.On the basis of the distinction between individual, group and collective dimensions of privacy and data protection, the author outlines the main elements that characterise the collective dimension of these rights and the representation of the underlying interests.

law

SANTOSH DANGAL

DOI: https://doi.org/10.55041/ijsrem25590

2023-09-01

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:The rapid proliferation of big data and data- driven decision-making has brought about unprecedented technological advancements, revolutionizing various industries. Organizations now harness extensive data to extract valuable insights, optimize operations, and enhance customer experiences. However, this data-driven landscape raises concerns about individual privacy and data security. As personal information collection and analysis become more prevalent, robust privacy approaches are imperative. This research paper conducts a comparative analysis of privacy approaches in the context of big data and data-driven decision-making. It examines traditional methods such as cryptography, anonymization, and access controls, alongside emerging techniques like differential privacy, homomorphic encryption, and secure multi-party computation. Qualitative content analysis and thematic coding gather insights from academic literature, reports, and expert interviews. The findings highlight each approach's strengths, limitations, and trade-offs, offering valuable insights for organizations aiming to balance data utility with privacy preservation. This study contributes to understanding ethical concerns, legal compliance, data quality, trust, and technological advancements in the pursuit of responsible data-driven decision-making while safeguarding privacy. Key Words: privacy preservation, big data analytics, data privacy strategies, ethical data use, emerging privacy techniques

Stephen Meisenbacher,Alexandra Klymenko,Patrick Gage Kelley,Sai Teja Peddinti,Kurt Thomas,Florian Matthes

2024-07-02

Abstract:The rise of powerful AI models, more formally $\textit{General-Purpose AI Systems}$ (GPAIS), has led to impressive leaps in performance across a wide range of tasks. At the same time, researchers and practitioners alike have raised a number of privacy concerns, resulting in a wealth of literature covering various privacy risks and vulnerabilities of AI models. Works surveying such risks provide differing focuses, leading to disparate sets of privacy risks with no clear unifying taxonomy. We conduct a systematic review of these survey papers to provide a concise and usable overview of privacy risks in GPAIS, as well as proposed mitigation strategies. The developed privacy framework strives to unify the identified privacy risks and mitigations at a technical level that is accessible to non-experts. This serves as the basis for a practitioner-focused interview study to assess technical stakeholder perceptions of privacy risks and mitigations in GPAIS.

Computers and Society

P. Geetha,Chandrakant Naikodi,Suresh Lakshmi Narasimha Setty

DOI: https://doi.org/10.1007/978-981-15-0372-6_19

2019-12-03

Abstract:Technological advancements in the field of Big Data and IoT have led to unprecedented growth in digital data. Data is collected from multiple distributed sources by business organizations, government agencies, and healthcare sectors. Data collected is mined to uncover valuable data, and the insights they provide are used by these organizations for optimized decision making. Data thus amassed may also contain sensitive personal information of individuals that are at risk of disclosure during analytics. Hence, there is a need for a privacy-aware system that enforces sensitive data protection. But such a system constrains the usefulness of data. Study shows that although significant findings do exist for balancing these contradicting objectives, the efficacy and scalability of these solutions continue to challenge the research community, given the volume of Big Data. Assessing the appropriate blend of these objectives for mutual benefit of organizations and customers requires leveraging the benefit of the modern tools and technologies in the Big Data ecosystem. This research study extensively reviews the previous work in the direction of privacy preserved Big Data analytics, and the review is first of its kind in exploring the challenges that have to be overcome in striking a balance between data value, privacy, scalability, and performance.

Et al. Deepak Hajoary

DOI: https://doi.org/10.17762/ijritcc.v11i9.9363

2023-11-05

International Journal on Recent and Innovation Trends in Computing and Communication

Abstract:This paper presents a comprehensive exploration of the evolving dynamics of data privacy, ethical considerations, and data protection in the rapidly advancing digital era. Recognizing the profound impact of technologies such as big data, IoT, and AI, this study delves into the intricate interplay between technological innovation and the pressing need for robust data-governance frameworks. It addresses the challenges and opportunities presented by the massive surge in data generation, focusing on the implications for personal privacy, the ethical use of data, and the development of legal and regulatory measures. Through a bibliometric analysis spanning from 2015 to 2023, this research systematically examines the literature in this domain, identifying key trends, influential authors, and pivotal publications. This study also investigates collaboration networks among leading data privacy scholars, revealing significant insights into the intellectual landscape of this field. The findings highlight a marked increase in academic interest in data privacy and ethics, particularly post-2020, underscoring the growing societal and scholarly attention to these issues. This study emphasizes the criticality of balancing the benefits of data-driven innovation with ethical and privacy concerns. This underscores the role of education and awareness in fostering a responsible, data-literate society capable of navigating the complexities of a digitalized economy. In conclusion, the study calls for ongoing reforms and a proactive approach to data governance, advocating a future in which technological advancements and ethical data use coexist harmoniously.

Rolly R. Tang, Jae Kyu Lee, Shan Liu

DOI: https://doi.org/10.52783/jes.1612

2024-04-04

Abstract:Will General Data Protection Regulation (GDPR) be adopted globally in business? The GDPR was approved in the European Union (EU) in April 2016 and officially put into effect in May 2018, thus the research in this field has an obvious upward trend. The development of GDPR is aimed at adapting to new trends, conducting scientific econometric analysis in the fields of privacy and GDPR, and analyzing and visualizing emerging trends. First, summarizing the privacy and GDPR studies publicly published between 1995 and 2023 through statistical analysis of terminology categories and high-yield journals. Then, understand the overall research status of privacy rights and GDPR from the perspectives of author, journal, literature co citation analysis, and collaborative networks. Finally, based on keyword analysis and literature co citation cluster analysis, a knowledge graph was constructed that includes knowledge domains, evolutionary trends, and future research directions. As a globally influential regulation, GDPR emphasizes the protection and lawful processing of personal data, which is of great significance for protecting personal data privacy and enhancing data security.