Privacy protecting fitness trackers
1. Privacy protecting fitness trackers?
Dr. Kaja J. Fietkiewicz & Maria Henkel
Department of Information Science, Heinrich-Heine-University Düsseldorf
HCI International 2018, Las Vegas
3.
1 The status quo of data privacy in the EU and the US
The development of data privacy in the EU
2 The state of scientific research on data privacy and fitness trackers
8.
Reach
USA: Vertical
EU: Horizontal
Example
USA: HIPAA (Health Insurance Portability and Accountability Act)
EU: Data Protection Directive, GDPR
Attributes
USA: Sector-by-sector regulation, not defined by data type but data custodians. Limited, mostly only downstream protection.
EU: All sectors of economy, all "personal data", all stakeholders. Application throughout the lifespan of data.
9.
History of Data Protection in EU…
1. 12/1995: Data Protection Directive
2. 07/2000: Safe Harbor Privacy Principles
3. 2011: Schrems's first round of complaints against Facebook
4. 2013: Snowden reveals global surveillance programs
5. 2014: CJEU's ruling on the right to be forgotten
6. 2015: CJEU's ruling on the Safe Harbor
7. 2016: EU-US Privacy Shield
8. 2018: GDPR
11.
1
"[i]n most countries, laws that govern the collection, storage, analysis, processing, reuse, and sharing of data (…) fail to adequately address the privacy challenges associated with human tagging technologies" (Voas & Kshetri, 2017)
2
HIPAA and use of health-related data in the USA (Ghazinour et al., 2017)
E-Health Law in Germany, data privacy in medical sector (Altpeter, 2017)
12.
3
"individualized 'data mining' enables delivery of personalized product recommendations and offerings" but also "may disrupt the traditional view of consumer consent"
"consumer-oriented nutrigenomics currently does not fit neatly into existing legal categories" (Rosenbaum et al., 2017).
Bostanci (2015) identifies malware, breach of privacy, efficient data processing and incompatibility of analysis tools and systems as ethical and technological threats and challenges for future wearable technologies.
Ghazinour, Shirima, Parne and Bhoomreddy (2017) criticize the "current binary standard" for data collection as it "leaves the user no options on selecting their privacy preferences on their data and if they do not agree to the terms, they cannot use the device"
13.
2
Torre, Koceva, Sanches and Adorni (2016) address the problem of inference attacks by third parties that the user has granted access to health and activity data.
Solution: "Adaptive Inference Discovery Services" with personal data management functionalities.
Case study with 49 users to apply this framework, providing assistance in deciding which privacy settings are optimal to reduce the inference risk.
3
User studies giving insights on opinions, perceptions, behavior of the users.
Yoon, Shin and Kim (2015)
Lehto and Lehto (2017)
Lidynia, Brauner and Ziefle (2018)
15.
Legal regulations for protecting collected health-related information are of increasing importance.
With GDPR the European data privacy environment is changing for the better.
It is questionable whether the "new" EU-US Privacy Shield keeps up with this change.
Only slight interest in data privacy (regulations) and fitness trackers among scholars.
16.
Thank you for your attention!
Questions or suggestions?
kaja.fietkiewicz@hhu.de