This is the slide deck from the community event "Beyond Privacy: Learning Data Ethics – European Big Data Community Forum 2019", held on 14 November 2019 in Brussels. It includes the presentations given by the speakers.
Presentation 2 of 2 by Ermo Taks, senior consultant in E-governance architectures and interoperability, Estonia, at seminar 2, held on 18 March 2021, which addresses digital government principles and building blocks. This 2nd event takes place in the framework of a series of three webinars organised by the SIGMA Programme, a joint initiative of the OECD and EU, principally financed by the EU, on the role of life events in end-to-end public service delivery.
Presentation by Kuldar Taveter, Senior Consultant in e-Government and Digital Economy, Estonia, at the 3rd and last seminar in the series, held on 1 April 2021, which puts the focus on moving towards seamless public service delivery. This 3rd event takes place in the framework of a series of three webinars organised by the SIGMA Programme, a joint initiative of the OECD and EU, principally financed by the EU, on the role of life events in end-to-end public service delivery.
Governing Algorithms – Perils and Powers of AI in the Public Sector – PanagiotisKeramidis
This document summarizes a presentation on governing algorithms and AI in the public sector. It discusses:
1. The emerging benefits and risks of using AI in the public sector, such as improving services but also risks of discrimination and lack of transparency.
2. The challenges of governing AI in three ways: governance "of" AI by introducing it properly, "with" AI by ensuring humans remain in control, and "by" AI by addressing risks if humans fully rely on AI decisions.
3. Lessons learned about avoiding potential dystopian outcomes by adopting a public value perspective, handling disruption, and designing new governance models for AI-enabled services.
Presentation by Dietrick Düner, DG GROW, European Commission, at seminar 2, held on 18 March 2021, which addresses digital government principles and building blocks. This 2nd event takes place in the framework of a series of three webinars organised by the SIGMA Programme, a joint initiative of the OECD and EU, principally financed by the EU, on the role of life events in end-to-end public service delivery.
eA11: Clive Holdsworth - Regulating digital accessibility and encouraging com... – Headstar
Regulating digital accessibility and encouraging compliance: a talk by Clive Holdsworth, Head of Digital, Equality and Human Rights Commission at e-Access '11, 28 June 2011.
The Generations of Digital Governance: From Paper to Robots – Yannis Charalabidis
Digital or Electronic Governance relates to the utilisation of Information and Communication Technologies to deliver better digital services to citizens, enhance transparency and collaboration, and promote evidence-based decision making in the public sector. Along these directions, the talk presents the methods, tools and solutions that structure the main generations of Digital Governance. Starting from the introduction of computers in the public sector and reaching the emerging applications of artificial intelligence and other exponential technologies, the talk covers the benefits and challenges for decision makers, from both a technical and an administrative viewpoint.
To Regulate or not to Regulate - Opening the AI Black Box for Parliaments – Dr. Fotios Fitsilis
This document discusses the regulation of artificial intelligence (AI) in parliaments. It notes that while AI is being hyped, current systems are narrow and not true artificial general intelligence. Only about 10% of parliaments currently make use of AI. The document examines potential AI use cases for parliamentary processes and outlines several directions for research on AI challenges like ethics, bias, and legal issues. It argues that parliaments need to work cooperatively to determine appropriate regulatory parameters for emerging technologies and develop in-house regulations and transparency to govern advanced algorithms and build trust.
This document summarizes a presentation on responsible use of AI in governance. It discusses the legal impacts of AI, including on legislation, legal professions, and legal subjects. It also examines AI concepts/methods and the debate around AI hype vs. concerns. The EU and member state initiatives on AI ethics and regulations are outlined, as well as international "soft law" approaches. It concludes by questioning whether traditional lawmaking can adequately address AI and the future of normative frameworks.
Samos Summit Digital Europe 2040 [g.misuraca] – samossummit
This document summarizes a presentation on shaping digital Europe 2040 given at the 10th Samos Summit on ICT-enabled governance. The presentation discusses envisioning the future of digital government through scenarios, explores how artificial intelligence is impacting governance, and identifies open issues and policy implications. Key topics included mapping AI use in public services in the EU, challenges in moving from data analysis to adoption, and two dimensions to consider in scenarios for digital governance: regulation of the digital landscape and data protection.
This presentation by Christian Reimsbach-Kounatze, OECD Digital Economy Policy Division, was made during the discussion “Data portability, interoperability and competition” held at the 135th meeting of the OECD Competition Committee on 9 June 2021. More papers and presentations on the topic can be found at oe.cd/dpic.
Artificial intelligence (AI) multidisciplinary perspectives on emerging chall... – PanagiotisKeramidis
This document discusses artificial intelligence (AI) and its emerging challenges and opportunities. It notes that AI is increasing the capability of algorithms and machines to perform human tasks through technologies like autonomous vehicles, chatbots, and medical diagnosis. However, society has yet to fully understand the ethical, economic, and social impacts of AI. The document outlines several challenges of AI, including unintended consequences, economic challenges like cost, data challenges around quality and access, and technological challenges regarding transparency and interpretability. It concludes by discussing how AI could impact the UN's sustainable development goals both positively through improved productivity and healthcare, and negatively through job disruption and increased inequality if not properly managed.
Presentation by Alenka Zuzek, Ministry of Public Administration, Slovenia, at seminar 2, held on 18 March 2021, which addresses digital government principles and building blocks. This 2nd event takes place in the framework of a series of three webinars organised by the SIGMA Programme, a joint initiative of the OECD and EU, principally financed by the EU, on the role of life events in end-to-end public service delivery.
ManyLaws: EU-Wide Legal Text Mining Using Big Data Infrastructures – Yannis Charalabidis
ManyLaws is a web platform that uses text mining and semantic extraction to provide services related to EU, Austrian and Greek laws. It delivers innovative legal search and visualization tools to citizens, businesses, and governments. The ManyLaws project utilizes big data infrastructures to process vast amounts of legal information across multiple jurisdictions. It provides the first fully automatic legal analysis and interrelation system and supports seamless navigation of legal texts in different languages.
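The interrelation of legal texts that ManyLaws performs at scale can be illustrated in miniature: one common approach to relating documents is TF-IDF weighting with cosine similarity, so that laws sharing distinctive vocabulary score as related. The snippet below is a minimal stdlib-only sketch of that idea with toy law fragments; it is not the ManyLaws implementation, and the sample texts are invented for illustration.

```python
import math
from collections import Counter

def tf_idf_vectors(docs):
    """Compute simple TF-IDF vectors (sparse dicts) for tokenised documents."""
    n = len(docs)
    df = Counter()
    for doc in docs:
        df.update(set(doc))                      # document frequency per term
    idf = {t: math.log(n / df[t]) + 1.0 for t in df}
    vectors = []
    for doc in docs:
        tf = Counter(doc)
        vectors.append({t: tf[t] * idf[t] for t in tf})
    return vectors

def cosine(u, v):
    """Cosine similarity between two sparse vectors represented as dicts."""
    dot = sum(u[t] * v[t] for t in u if t in v)
    nu = math.sqrt(sum(x * x for x in u.values()))
    nv = math.sqrt(sum(x * x for x in v.values()))
    return dot / (nu * nv) if nu and nv else 0.0

laws = [
    "personal data protection applies to processing of personal data",
    "data protection rules govern processing of personal data by controllers",
    "road traffic rules set speed limits for motor vehicles",
]
docs = [law.lower().split() for law in laws]
vecs = tf_idf_vectors(docs)
# The two data-protection fragments should be more similar to each other
# than either is to the road-traffic fragment.
print(cosine(vecs[0], vecs[1]) > cosine(vecs[0], vecs[2]))  # prints True
```

A production system like the one described would of course add lemmatisation, cross-lingual alignment and big data infrastructure on top of this basic relatedness measure.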
Gov4All: An open data and open services repository for supporting citizen-dr... – Yannis Charalabidis
Open data portals have been a primary source for publishing datasets from various sectors of administration, all over the world. However, making open data available does not necessarily lead to better utilisation from citizens and businesses. Our paper presents a new framework and a prototype system for supporting open application development by citizen communities, through gathering and making available open data and open web services sources from governmental actors, combined with an application development environment, training material and application examples.
This is a presentation of Gov4All platform, a web site for managing citizen-driven development in Greece.
Yannis Charalabidis gave a presentation on AI in governance. He discussed how AI is being used in various areas of public administration, such as service provision, back-office processes, and policy design. He believes AI has enormous potential and will impact areas such as developing digital twins of cities, simulations to support policy design and democracy, and truly smart city applications and agents. However, he notes that universal algorithms for complex societal simulations do not yet exist, and more basic research is needed in areas like developing generic public sector agents and understanding systems.
This presentation by Peter Swire, Professor of Law and Ethics, Georgia Tech Scheller College of Business and Associate Director for Policy of the Georgia Tech Institute for Information Security and Privacy, was made during the discussion “Data portability, interoperability and competition” held at the 135th meeting of the OECD Competition Committee on 9 June 2021. More papers and presentations on the topic can be found at oe.cd/dpic.
This document discusses data and protocol interoperability and their effects on competition. It defines data portability as the ability for users to transfer personal data between service providers. Data portability can increase competition by sharing learning effects between firms and reducing switching costs. However, it may also increase costs for smaller firms and pose privacy risks. Interoperability allows direct data exchange or the ability to invoke actions between platforms. This can boost network effects and facilitate switching. But interoperability risks tacit collusion and less product differentiation. The document recommends further reading on making data portability more effective and regulating digital markets.
As a global evangelist, thought leader and ICT futurist, I was asked to present my views on what ICT-enablement of future Social Security systems in the Gulf Cooperation Council area could look like, and what recommendations I would make to enable the states to leapfrog in their Social Service Delivery. This presentation, together with the detailed insight in my blog post (http://digitizesociety.blogspot.com/2014/04/ict-and-social-services-presentation-to.html), explains my view on current trends and directions, as well as the challenges that many Social Security / Social Welfare agencies face as they try to increase efficiency and effectiveness through digitalisation.
The Secure Identity Alliance is committed to helping governments deliver e-government services through secure identity technologies. It was founded in 2013 by leading document and service companies. The Alliance aims to accelerate e-government services by sharing best practices, promoting standardization, and providing guidance on security, identity, and privacy challenges. It has workgroups focused on digital identity and e-document security to define best practices and a security awareness model. The model will assess security solutions and provide recommendations to help members improve.
As a global expert in Public Sector and Social Welfare Digitalization, I was asked to address how EU Member States and the European Commission can use ICT to combat poverty by creating effective and efficient social policies for Minimum Income Support. I have elaborated on the slides in a post on my blog: http://digitizesociety.blogspot.com/2014/04/ict-enablement-of-minimum-income-support.html
Accelerating the creation and deployment of e-Government services by ensuring... – Secure Identity Alliance
The document discusses establishing trust in digital identity and e-government services. It notes that passwords are broken, privacy is a challenge, and identities are difficult to verify online currently. Governments can play a role by acting as a root identity provider and promoting standards. Digital identity represents the sum of all available digital data on an individual and creates economic value. However, trust must be established through agreed standards and initiatives like the National Strategy for Trusted Identities in Cyberspace. The Secure Identity Alliance aims to accelerate e-government services by ensuring privacy, security, convenience and trust through partnerships between industry and governments.
e-SIDES presentation at Leiden University 21/09/2017 – e-SIDES.eu
On 21 September, e-SIDES eLaw team member Magdalena Jozwiak presented the e-SIDES project at a lunch event at Leiden University’s Law Faculty. The event, organised within the Interaction Between Legal Systems research theme, attracted an interdisciplinary audience and was followed by a discussion of e-SIDES, its goals and its approaches.
Samos 2020 Summit - Digital Governance Overview – samossummit
This document provides an overview of digital governance and the types of information systems used in government. It discusses traditional electronic government systems that automate internal operations and citizen transactions, as well as emerging systems that use new technologies to transform policymaking and decision making. The document outlines the evolution of e-government into three generations - from automating transactions to facilitating citizen participation to using analytics and AI to support policy formulation. The goal is to give context to different information system examples that will be presented and how they fit within the broader domain of digital governance.
This document discusses integrating the LEOS legislation drafting software with the ManyLaws legal informatics platform. LEOS allows for online collaboration on legislation, while ManyLaws relates laws within and across countries and translates them. Integrating the tools would allow users to access relevant laws from other jurisdictions, compare legal elements, and create metadata during drafting to make new legislation retrievable in ManyLaws. This would provide a powerful solution for legislation drafting within the EU. The document outlines ManyLaws' process for handling legal data and how LEOS could integrate to directly input new data and access ManyLaws' services.
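The metadata-during-drafting idea described above can be sketched very simply: a drafting tool would attach a small structured record to each new act so a platform like ManyLaws can index and interrelate it. The snippet below is an illustrative assumption of what such a record might contain; the field names and the `draft_metadata` helper are hypothetical, not part of the LEOS or ManyLaws APIs.

```python
import json

def draft_metadata(title, jurisdiction, language, references):
    """Build a minimal, hypothetical metadata record for a draft legal act.

    references: identifiers of related acts, so the draft can be
    interrelated with existing legislation at indexing time.
    """
    return {
        "title": title,
        "jurisdiction": jurisdiction,   # e.g. "EU", "AT", "GR"
        "language": language,           # ISO 639-1 code
        "references": references,
    }

record = draft_metadata(
    "Draft Regulation on Example Matters",   # invented title for illustration
    "EU",
    "en",
    ["32016R0679"],                          # CELEX-style identifier, illustrative
)
print(json.dumps(record, indent=2))
```

In practice LEOS works with structured legal XML, so such metadata would live inside the document itself rather than in a side file; the point here is only the shape of the information exchanged.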
The document discusses the potential value of harnessing the Internet of Everything (IoE) for public sector organizations over the next decade. It finds that IoE could generate $4.6 trillion in value, including through increased employee productivity, connected defense systems, reduced costs, improved citizen experiences, and increased revenue. The value will come from connecting people, processes, data and physical things to improve outcomes in areas like transportation, healthcare, education, and more. Top opportunities include employee mobility and collaboration tools, smart infrastructure systems, and integrated defense networks. Public leaders are encouraged to identify high-value IoE use cases and develop strategies to capture this value.
Architecting a country: how Estonia built its e-government success – Andres Kütt
This document discusses architecting a country's e-government systems and presents Estonia's approach. It introduces fundamental concepts for technical architectures and provides background on Estonia. The document proposes a meta-architecture framework with layers for electronic identity, delivery channels, integration, and infrastructure. Questions are posed for each layer to guide technical decisions. The framework is then applied to describe Estonia's technical architecture, focusing on its distributed but interconnected layers built around electronic IDs, web and mobile delivery, a service bus for integration, and consolidated but dispersed infrastructure.
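The layered meta-architecture summarised above lends itself to a simple data-structure sketch: each layer carries the guiding questions used to drive technical decisions. The layer names below follow the summary; the example questions are illustrative assumptions, not quotes from the presentation.

```python
from dataclasses import dataclass, field

@dataclass
class Layer:
    """One layer of the meta-architecture, with its guiding questions."""
    name: str
    questions: list = field(default_factory=list)

# The four layers named in the framework, each with an assumed sample question.
framework = [
    Layer("electronic identity", ["How are citizens and officials authenticated?"]),
    Layer("delivery channels", ["Which channels (web, mobile) expose services?"]),
    Layer("integration", ["How do systems exchange data (e.g. via a service bus)?"]),
    Layer("infrastructure", ["Where do systems run, and who operates them?"]),
]

for layer in framework:
    for question in layer.questions:
        print(f"{layer.name}: {question}")
```

Walking the structure top-down mirrors how the framework is applied to Estonia in the document: answer the identity questions first, then channels, integration and infrastructure.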
Good Practices and Recommendations on the Security and Resilience of Big Data... – Eftychia Chalvatzi
This document summarizes a report by the European Union Agency for Network and Information Security (ENISA) regarding security challenges and recommendations related to big data systems. The report identifies key security challenges such as access control and authentication, secure data management, and source validation and filtering. It provides recommendations for various stakeholders, including that policy makers provide guidance for secure big data use, standardization bodies adapt standards to include big data security, and companies invest in big data security skills and compliance with standards.
This document summarizes a presentation on responsible use of AI in governance. It discusses the legal impacts of AI, including on legislation, legal professions, and legal subjects. It also examines AI concepts/methods and the debate around AI hype vs. concerns. The EU and member state initiatives on AI ethics and regulations are outlined, as well as international "soft law" approaches. It concludes by questioning whether traditional lawmaking can adequately address AI and the future of normative frameworks.
Samos Summit Digital Europe 2040 [g.misuraca]samossummit
This document summarizes a presentation on shaping digital Europe 2040 given at the 10th Samos Summit on ICT-enabled governance. The presentation discusses envisioning the future of digital government through scenarios, explores how artificial intelligence is impacting governance, and identifies open issues and policy implications. Key topics included mapping AI use in public services in the EU, challenges in moving from data analysis to adoption, and two dimensions to consider in scenarios for digital governance: regulation of the digital landscape and data protection.
This presentation by Christian.REIMSBACH-KOUNATZE, OECD Digital Economy Policy Division, was made during the discussion “Data portability, interoperability and competition” held at the 135th meeting of the OECD Competition Committee on 9 June 2021. More papers and presentations on the topic can be found out at oe.cd/dpic.
Artificial intelligence (ai) multidisciplinary perspectives on emerging chall...PanagiotisKeramidis
This document discusses artificial intelligence (AI) and its emerging challenges and opportunities. It notes that AI is increasing the capability of algorithms and machines to perform human tasks through technologies like autonomous vehicles, chatbots, and medical diagnosis. However, society has yet to fully understand the ethical, economic, and social impacts of AI. The document outlines several challenges of AI, including unintended consequences, economic challenges like cost, data challenges around quality and access, and technological challenges regarding transparency and interpretability. It concludes by discussing how AI could impact the UN's sustainable development goals both positively through improved productivity and healthcare, and negatively through job disruption and increased inequality if not properly managed.
Presentation by Alenka Zuzek, Ministry of Public Administration, Slovenia, at seminar 2, held on 18 March 2021, which addresses digital government principles and building blocks. This 2nd event takes place in the framework of a series of three webinars organised by the SIGMA Programme, a joint initiative of the OECD and EU, principally financed by the EU, on the role of life events in end-to-end public service delivery.
MANYLAWS : EU-Wide Legal Text Mining Using Big Data InfrastructuresYannis Charalabidis
ManyLaws is a web platform that uses text mining and semantic extraction to provide services related to EU, Austrian and Greek laws. It delivers innovative legal search and visualization tools to citizens, businesses, and governments. The ManyLaws project utilizes big data infrastructures to process vast amounts of legal information across multiple jurisdictions. It provides the first fully automatic legal analysis and interrelation system and supports seamless navigation of legal texts in different languages.
Gov4All :An open data and open services repository for supporting citizen-dr...Yannis Charalabidis
Open data portals have been a primary source for publishing datasets from various sectors of administration, all over the world. However, making open data available does not necessarily lead to better utilisation from citizens and businesses. Our paper presents a new framework and a prototype system for supporting open application development by citizen communities, through gathering and making available open data and open web services sources from governmental actors, combined with an application development environment, training material and application examples.
This is a presentation of Gov4All platform, a web site for managing citizen-driven development in Greece.
Yannis Charalabidis gave a presentation on AI in governance. He discussed how AI is being used in various areas of public administration like service provision, back office processes, and policy design. He believes AI will have an enormous learning potential and impact areas like developing digital twins of cities, simulations to help with policy design and democracy, and developing truly smart city applications and agents. However, he notes that universal algorithms for complex societal simulations do not yet exist and more basic research is needed in areas like developing generic public sector agents and understanding systems.
This presentation by Peter Swire, Professor of Law and Ethics, Georgia Tech Scheller College of Business and Associate Director for Policy of the Georgia Tech Institute for Information Security and Privacy, was made during the discussion “Data portability, interoperability and competition” held at the 135th meeting of the OECD Competition Committee on 9 June 2021. More papers and presentations on the topic can be found out at oe.cd/dpic.
This document discusses data and protocol interoperability and their effects on competition. It defines data portability as the ability for users to transfer personal data between service providers. Data portability can increase competition by sharing learning effects between firms and reducing switching costs. However, it may also increase costs for smaller firms and pose privacy risks. Interoperability allows direct data exchange or the ability to invoke actions between platforms. This can boost network effects and facilitate switching. But interoperability risks tacit collusion and less product differentiation. The document recommends further reading on making data portability more effective and regulating digital markets.
As global evangelist, thought leader and ICT futurist I was asked to present my views on how ICT-enablement of the future Social Security systems in the Gulf Cooperation Council area could look like - and what recommendations I would make to enable the states to leapfrog on their Social Service Delivery. This presentation together with the detailed insight on my blog post (http://digitizesociety.blogspot.com/2014/04/ict-and-social-services-presentation-to.html) explain my view on current trends and directions as well as challenges that many Social Security / Social Welfare agencies face as they try to increase efficiency and effectiveness utilizing digitalization.
The Secure Identity Alliance is committed to helping governments deliver e-government services through secure identity technologies. It was founded in 2013 by leading document and service companies. The Alliance aims to accelerate e-government services by sharing best practices, promoting standardization, and providing guidance on security, identity, and privacy challenges. It has workgroups focused on digital identity and e-document security to define best practices and a security awareness model. The model will assess security solutions and provide recommendations to help members improve.
As Global expert in Public Secor and Social Welfare Digitilization, I was asked to address how EU Member States and the EU commission can use ICT to combat poverty by creating effective and efficient Social Policies for Minimum Income Support. I have elaborated on the slides in a blog post on my blog: http://digitizesociety.blogspot.com/2014/04/ict-enablement-of-minimum-income-support.html
Accelerating the creation and deployment of e-Government services by ensuring...Secure Identity Alliance
The document discusses establishing trust in digital identity and e-government services. It notes that passwords are broken, privacy is a challenge, and identities are difficult to verify online currently. Governments can play a role by acting as a root identity provider and promoting standards. Digital identity represents the sum of all available digital data on an individual and creates economic value. However, trust must be established through agreed standards and initiatives like the National Strategy for Trusted Identities in Cyberspace. The Secure Identity Alliance aims to accelerate e-government services by ensuring privacy, security, convenience and trust through partnerships between industry and governments.
e-SIDES presentation at Leiden University 21/09/2017e-SIDES.eu
On September 21st the eLaw team member of e-SIDES, Magdalena Jozwiak, made a presentation of the e-SIDES project at a lunch event at the Leiden University’s Law Faculty. The event, organized within the Interaction Between Legal Systems research theme, attracted an interdisciplinary audience and was followed by a discussion on e-SIDES, its goals and approaches.
Samos 2020 Summit - Digital Governance Overviewsamossummit
This document provides an overview of digital governance and the types of information systems used in government. It discusses traditional electronic government systems that automate internal operations and citizen transactions, as well as emerging systems that use new technologies to transform policymaking and decision making. The document outlines the evolution of e-government into three generations - from automating transactions to facilitating citizen participation to using analytics and AI to support policy formulation. The goal is to give context to different information system examples that will be presented and how they fit within the broader domain of digital governance.
This document discusses integrating the LEOS legislation drafting software with the ManyLaws legal informatics platform. LEOS allows for online collaboration on legislation, while ManyLaws relates laws within and across countries and translates them. Integrating the tools would allow users to access relevant laws from other jurisdictions, compare legal elements, and create metadata during drafting to make new legislation retrievable in ManyLaws. This would provide a powerful solution for legislation drafting within the EU. The document outlines ManyLaws' process for handling legal data and how LEOS could integrate to directly input new data and access ManyLaws' services.
The document discusses the potential value of harnessing the Internet of Everything (IoE) for public sector organizations over the next decade. It finds that IoE could generate $4.6 trillion in value, including through increased employee productivity, connected defense systems, reduced costs, improved citizen experiences, and increased revenue. The value will come from connecting people, processes, data and physical things to improve outcomes in areas like transportation, healthcare, education, and more. Top opportunities include employee mobility and collaboration tools, smart infrastructure systems, and integrated defense networks. Public leaders are encouraged to identify high-value IoE uses cases and develop strategies to capture this value.
Architecting a country: how Estonia built its e-government successAndres Kütt
This document discusses architecting a country's e-government systems and presents Estonia's approach. It introduces fundamental concepts for technical architectures and provides background on Estonia. The document proposes a meta-architecture framework with layers for electronic identity, delivery channels, integration, and infrastructure. Questions are posed for each layer to guide technical decisions. The framework is then applied to describe Estonia's technical architecture, focusing on its distributed but interconnected layers built around electronic IDs, web and mobile delivery, a service bus for integration, and consolidated but dispersed infrastructure.
Good Practices and Recommendations on the Security and Resilience of Big Data... - Eftychia Chalvatzi
This document summarizes a report by the European Union Agency for Network and Information Security (ENISA) regarding security challenges and recommendations related to big data systems. The report identifies key security challenges such as access control and authentication, secure data management, and source validation and filtering. It provides recommendations for various stakeholders, including that policy makers provide guidance for secure big data use, standardization bodies adapt standards to include big data security, and companies invest in big data security skills and compliance with standards.
BDE SC2 Workshop 3: Building a European Data Economy - BigData_Europe
The European Commission is taking action to unlock the potential of the EU's data economy by addressing current barriers. A communication outlines possible policy solutions for free flow of data, access to and transfer of data, data portability, and liability issues from technologies like IoT. The Commission plans to launch a public consultation, engage in stakeholder debates, and consider guidance, default contract rules, and access rights to make machine-generated data more available and stimulate innovation across the EU digital economy.
L'economia europea dei dati. Politiche europee e opportunità di finanziamento... - Data Driven Innovation
The European data economy: policy and legal solutions for realising an EU-level data economy within the Digital Single Market strategy. The public consultation "Building the European Data Economy". The Big Data Value public-private partnership (PPP) and funding opportunities in Horizon 2020. The Data Pitch incubator: opportunities for start-ups and small and medium-sized enterprises.
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTION - Pranav Godse
Data mining involves collecting and analyzing large amounts of customer data. While this can provide commercial benefits, it also raises ethical issues regarding customer privacy. Some key ethical challenges include ambiguity around how social networks label relationships, uncertainty around future uses of customer data by companies, and a lack of transparency around passive collection of mobile location data. To address these challenges, companies should focus on ethical data mining practices like verifying data sources, respecting customer expectations of privacy, developing trust through transparency and control over data access. Regulators also need to continue updating laws and regulations to balance the benefits of data analytics with protecting individual privacy rights.
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf... - Ted Myerson
The document is a letter submitted to NIST proposing that the draft NISTIR report on de-identification of personally identifiable information include discussion of "dynamic data obscurity". The letter argues that dynamic data obscurity technologies can help overcome limitations of static de-identification techniques by allowing intelligent and compliant access to data elements while still enforcing core privacy protections. The letter proposes adding a section on dynamic data obscurity to the report and discusses the history and benefits of this approach.
The Case of Trade Secrets and Database Sui Generis Right in Marketing Operations, and the Ownership of Raw Data in Big Data Analysis
Paper presented at the Max Planck Institute's conference "Personal data in competition, consumer protection and IP law Towards a holistic approach?", held on 21 October 2016
Protecting Data Privacy in Analytics and Machine Learning - Ulf Mattsson
In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to use open source tools to put these technologies to work for databases and other data sources.
When we think about developing AI responsibly, there are many different activities we need to consider. In this session, we will discuss technologies that help protect people, preserve privacy, and enable you to do machine learning confidentially.
This session discusses industry standards and emerging privacy-enhancing computation techniques, secure multi-party computation, and trusted execution environments. We will discuss how the Zero Trust philosophy fundamentally changes the way we approach security, since trust is a vulnerability that can be exploited, particularly when working remotely and increasingly using cloud models. We will also discuss the "why, what, and how" of techniques for privacy-preserving computing.
We will review how different industries are taking advantage of these privacy-preserving techniques. A retail company used secure multi-party computation to respect user privacy and specific regulations, allowing the retailer to gain insights while protecting the organization's IP. A healthcare organization uses secure data sharing to protect the privacy of individuals, and also stores and searches encrypted medical data in the cloud.
We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.
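The secure multi-party computation pattern mentioned above can be illustrated with a minimal additive secret-sharing sketch. This is a hypothetical toy example (the party count, values, and modulus are illustrative, and a real protocol would also handle share distribution and malicious parties):

```python
import secrets

PRIME = 2**61 - 1  # all arithmetic is done modulo a large prime

def share(value, n_parties):
    """Split a value into n additive shares that sum to it mod PRIME."""
    shares = [secrets.randbelow(PRIME) for _ in range(n_parties - 1)]
    last = (value - sum(shares)) % PRIME
    return shares + [last]

def reconstruct(shares):
    """Recombine all shares; any strict subset reveals nothing about the value."""
    return sum(shares) % PRIME

# Toy scenario: two organisations sum their counts without revealing them.
a_shares = share(1200, 3)
b_shares = share(850, 3)
# Each of the three parties adds the two shares it holds, locally...
summed = [(a + b) % PRIME for a, b in zip(a_shares, b_shares)]
# ...and only the combined total is ever reconstructed.
print(reconstruct(summed))  # 2050
```

Each party sees only uniformly random shares, so individual inputs stay private while the aggregate remains computable, which is the property the retail and healthcare cases above rely on.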
Privacy experience in Plone and other open source CMS - Interaktiv
This document discusses privacy experience in open source content management systems (CMS) like Plone. It begins by explaining why privacy matters and providing examples of recent privacy issues. It then discusses different approaches to privacy internationally and how this affects global open source communities. The document proposes universal privacy principles and discusses how privacy can be ensured in open source CMS communities specifically, with suggestions for Plone. It emphasizes a preventative, privacy by design approach.
e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018 - e-SIDES.eu
The following presentation was given at the workshop "Technology solutions for privacy issues: what is the best way forward?" organized by e-SIDES at the BDVe Meet-up in Sofia on May 14, 2018. The workshop, chaired by Gabriella Cattaneo from IDC, involved stakeholders from ICT-18 projects.
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for... - e-SIDES.eu
This document provides an overview of the AEGIS project, which aims to create a curated repository of public safety and personal security big data. It discusses the project objectives, including identifying and semantically linking diverse data sources and developing improved data handling and analysis tools. Three demonstrators are described that focus on automotive safety, smart homes, and smart insurance. The document outlines the project's commitment to ethics, including an Ethics Advisory Board and strategies to ensure privacy, data protection, and balance of interests. Requirements and frameworks for the technical platform emphasize privacy by design. Assessments of the system and demonstrators found them compliant with ethical and legal standards.
IT law: the middle kingdom between east and West - Lilian Edwards
This document discusses balancing privacy, security, business interests, and other values. It notes that recent Western experience shows promoting security over privacy can hurt industry by reducing consumer confidence, and that lack of privacy protection can impact business profits from data usage. The document suggests China could learn lessons from this experience, and that global trends show strengthening, not weakening, privacy is important to maintain trust and enable digital innovation.
This document discusses privacy issues related to smart meters and the smart grid. It outlines legal problems like smart meters revealing private lifestyle information. It then discusses design responses like privacy by design and data protection by design and default. Technical options are proposed to address privacy like personal data storage and consumer control. The document reviews opinions from the Article 29 Working Party and EU recommendations. It concludes by posing questions about balancing privacy, innovation and law enforcement access to energy use data from smart meters.
In the third part of the workshop series Smart Policies for Data, we will focus on two central building blocks – interoperability and balanced data sharing.
The presentations of the event:
- Szymon Lewandowski, DG CONNECT, European Commission
- Marko Turpeinen, CEO, 1001 Lakes
- Lars Nagel, CEO, International Data Spaces Association
Data 4 AI: For European Economic Competitiveness and Societal Progress - Edward Curry
1) Data is a key resource for developing artificial intelligence systems, but difficulties accessing data can reduce innovation and competition.
2) Data platforms and data sharing spaces will fuel the development of AI-driven decision-making by facilitating access to and portability of data.
3) The Big Data Value Association advocates for policies and technologies that create trusted frameworks for sharing data across sectors and borders to advance AI for European economic competitiveness and societal progress.
Data Scientists are going to need to pay attention to the EU General Data Protection Regulation (GDPR), set to be published early 2016. Fines for violation are massive.
This document discusses how life insurance companies can leverage big data analytics across their value chain. It begins by explaining how data sources have expanded dramatically in recent years due to factors like the growth of digital devices and the internet of things. It then outlines how big data can be used in various parts of the insurance lifecycle from product development to claims processing. The document presents a four stage framework for life insurers to adopt big data analytics and provides examples of how some companies have realized benefits. It concludes by noting that while insurers recognize big data's potential, many challenges remain in analyzing diverse and voluminous unstructured data.
The document provides an overview of ethics, legislation, and privacy issues related to big data. It discusses the necessity of regulating big data and the differences between privacy and data protection. It also provides details on the General Data Protection Regulation (GDPR), including its goals, requirements for companies, and individual rights it aims to protect.
3. Morning Session Agenda
Towards value-centric Big Data
European Big Data Community Forum, 2019
10.15 Welcome Keynote - Dr Malte Beyer-Katzenberger, DG for Communication Networks, Content and Technology of the European Commission
10.30 Keynote - Prof Dr Christiane Wendehorst, President - European Law Institute, co-chair of the German Data Ethics Committee
10.45 Panel session - Extracting the value of data: How the research and industry community can best move forward to balance privacy and fairness (Marina Da Bormida, Maryant Fernandez Perez, Diego Naranjo, Moira Patterson)
11.30 Coffee break
11.45 Projects panel - e-SIDES, SODA, SPECIAL, WeNet, MyHealthMyData
13.00 Networking lunch
4. Afternoon Session Agenda
Lessons learned from research and technology for human-centered Big Data
14.00 Afternoon session introduction - Rigo Wenning, SPECIAL
14.10 Break-out sessions:
• Technology and Data Protection Law - how can software engineering support legal compliance?
• Human-centric Big Data governance: responsible ways to innovate privacy-preserving technologies
16.00 Wrap-up - Rigo Wenning, SPECIAL
16.30 Closing remarks - Richard Stevens, e-SIDES, IDC
5. Towards a more ethical data economy?
Malte Beyer-Katzenberger, European Commission, DG CONNECT
6. The political context
«The EU needs to go further in developing a competitive, secure, inclusive and ethical digital economy with world-class connectivity. Special emphasis should be placed on access to, sharing of and use of data, on data security and on Artificial Intelligence, in an environment of trust.»
(European Council conclusions, 21/22 March 2019)
7. What does the future hold for the data economy/data4AI?
8. Choosing the right course of action
10. Personal data sharing
▪ Anonymised: All set (?)
▪ Consent-based: Fatigue – anyone?
▪ Broad consent (and accompanying measures)
▪ Magic PETs (privacy-preserving analytics)
▪ Novel challenges: Group rights?
11. Common European data spaces
▪ Future funding initiative under the Digital Europe programme (as of 2021);
▪ Announced in the Coordinated Plan on AI (COM(2018)795, cf. Annex I) as a measure to improve data access for AI, in particular privately-held data;
▪ To be operated by private consortia or in PPP;
▪ For specific sectors of the economy (e.g. manufacturing, mobility, agriculture, energy) or thematic domains (health, climate change management);
▪ To allow machine learning on public sector data (cf. high value datasets under the Open Data Directive) and privately-held data pooled on the basis of voluntary agreement (or legal obligation if one exists);
▪ No single design plan – depends on sector or domain.
12. Ethical elements
▪ Ethics of the use of algorithms
▪ Ethics of the collection and use of data
▪ Ethics of withholding data
13. Malte Beyer-Katzenberger
Team leader, data innovation & policy
Malte.beyer-Katzenberger@ec.europa.eu
@beyermalte
European Commission
15. Data Ethics Commission
• Established in mid-2018 with the mission to develop, within one year, an ethical and regulatory framework for data, ADM and AI
• Co-chaired by Christiane Wendehorst and Christiane Woopen
• Opinion presented in Berlin on 23 October 2019
• Includes ethical guidelines and 75 concrete recommendations for action regarding data and algorithmic systems
16. What is Data Ethics?
Nested layers, from the core (data) out to the wider framework:
• Ethics of handling personal data
• Ethics of handling data in general (including non-personal data)
• Ethics of handling data and data-driven technologies (including algorithmic systems, such as AI)
• Ethics of the digital transformation in general (including issues such as the platform economy or the future of work)
21. Data Governance Principles
• In line with the principles under Article 5 of the GDPR, but apply to personal as well as non-personal data
• Stress the potential of data use and data sharing for the common good
• Recognise that there may, under certain circumstances, also be an ethical imperative to use data
The six principles: data use and sharing for the common good; foresighted responsibility; respect for the rights of the parties involved; fit-for-purpose data quality; risk-adequate information security; interest-oriented transparency.
22. Data rights and corresponding data obligations
• Rights vis-à-vis a controller of data, aimed at access, desistance, rectification or at receiving an economic share
• Inspired by ALI-ELI Principles
• No plea for “data ownership”
• Data subjects’ rights under the GDPR as a particularly important manifestation
23. Rights to require desistance from data use
Illustration: The non-personal data collected by sensors in modern agricultural machinery (relating to soil quality, weather, etc.) are used by manufacturers as a basis for many of the services they provide (precision farming, predictive maintenance, etc.). If the manufacturers were to forward these data to potential investors or lessors of land, however, the latter would be given information that might prove harmful to an agricultural holding if negotiations over the land were to take place in the future.
24. Ethical imperatives to use data
Illustration: A hospital is experiencing an outbreak of a multi-resistant pathogen. It wants to analyse the health data of patients who have recently become infected in order to gain a better idea of why certain individuals are more likely to fall prey to the pathogen, as a basis for pinpointing the inpatients that might benefit most from a move to another hospital. Under these circumstances, the hospital has a general obligation to provide new patients with the best possible protection against infection by taking all available and reasonable precautions to this end. This includes the use of health data belonging to patients who have already been infected with the pathogen, provided that said use might protect new patients and there is no obligation emanating from the former group of patients to desist from use of their data.
25. Rights to request access to data
Illustration: A supplier manufactures the engines for the agricultural machinery referred to in the first Illustration. It would be extremely useful for the supplier to have access to certain tractor data so that it can verify and constantly improve the quality of its engines. These data are stored in the manufacturer’s cloud, however, and the latter is unwilling to allow the supplier to access them.
26. Rights to request rectification of data
Illustration: A very high error rate has been detected in the engine data stored by the manufacturer in the previous Illustration. This is problematic for the company that supplies these engines, not only because it deprives the company of the possibility to fulfil its quality assurance remit, but also because these engine-related data are pooled with engine-related data from other engine manufacturers as a basis for evaluations, and poor performance metrics for the engines from the relevant supplier might reduce the latter’s chances of securing orders from other manufacturers. The processing of inaccurate data causes harm to the supplier.
27. Standards for the Use of Personal Data
• Recommendations for measures against ethically indefensible uses of data and against the existing enforcement gap, including by fleshing out and strengthening the existing legal framework (e.g. concerning profiling and trade in data)
• Recommendations with regard to specific contexts: data as “counter-performance”, personalised risk assessment, digital inheritance
• Recommendations with regard to specific groups of data subjects: employees, patients, minors, vulnerable adults
• Better implementation of privacy by design
28. Improving controlled access to personal data
• Better legal certainty for researchers (clarification and harmonisation of the law, innovative forms of consent, etc.)
• Fostering progress with anonymisation, pseudonymisation and synthetic data
• Innovative data management and data trust schemes as the way forward
• Duty to provide for interoperability/interconnectivity in particular sectors (by way of asymmetrical regulation)
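The pseudonymisation mentioned on this slide can be sketched minimally with keyed hashing: direct identifiers are replaced by stable tokens that cannot be reversed without a secret key. The key, names, and token length here are purely illustrative, and this is one possible technique rather than the Commission's prescribed method:

```python
import hmac
import hashlib

SECRET_KEY = b"keep-this-key-separate-from-the-dataset"  # illustrative key

def pseudonymise(identifier: str) -> str:
    """Replace a direct identifier with a stable, non-reversible token."""
    digest = hmac.new(SECRET_KEY, identifier.encode(), hashlib.sha256)
    return digest.hexdigest()[:16]

records = [{"patient": "Alice", "diagnosis": "flu"},
           {"patient": "Alice", "diagnosis": "asthma"}]
pseudonymised = [{"patient": pseudonymise(r["patient"]),
                  "diagnosis": r["diagnosis"]} for r in records]
# The same person maps to the same token, so records remain linkable
# for research without exposing the name itself.
assert pseudonymised[0]["patient"] == pseudonymised[1]["patient"]
```

Note that under the GDPR pseudonymised data still count as personal data, since whoever holds the key can re-identify the data subjects; only true anonymisation takes data outside the Regulation's scope.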
29. Debates around access to non-personal data
• ASISA Principle (Awareness – Skills – Infrastructures – Stocks – Access): investing in awareness raising, data infrastructures, and practical support
• Cautious adaptations of the current legislative framework (limited third-party effects of data contracts, facilitating data pooling, etc.) and possibly further legislative measures
• Fostering open data in the public sector (open government data) while improving protection of third parties
• Open data in the private sector: incentives for voluntary data sharing, cautious approach to statutory duties, mainly on a sector-by-sector basis
31. A risk-based regulatory framework
• “Criticality pyramid”: different levels of potential for harm (risk)
• No need for any regulation with regard to most algorithmic systems
• Ban on systems involving an untenable potential for harm
• Plea for a horizontal Regulation at EU level and sector-specific legislation at both EU and national levels
34. Operationalizing Data Ethics: which barriers, opportunities and facilitating factors for SMEs?
Marina Da Bormida, R&I Legal Advisor and Ethics Expert
35. From Legal Compliance towards Data Ethics
A Data Economy based on EU values for boosting European competitiveness, involving business, citizens, government and public bodies, and science.
Pursuing benefits for all involved stakeholders, “Towards a European Data Sharing Space” (BDVA PP, April 2019)
36. Barriers and challenges for SMEs / 1
Limited knowledge, information and awareness
• No specialised staff in ethics issues
• Unfamiliar with most topics (fundamental rights impact assessment, trade-offs, …)
• GDPR-centric vision
Far from their daily business and their customer base's demand: a gap
37. Barriers and challenges for SMEs / 2
Lack of perception of future direct benefits; seen as unnecessary
• Lack of long-term vision
• Cultural resistance
Limited resources
• Time and cost constraints
• Perception of irresponsible use of time and resources
• Disproportion between necessary efforts (hard work and research) and available
resources
38. Opportunities for SMEs
• Alignment of some Data Ethics requirements with routine tasks (such as auditing & risk assessment)
• Ethical practices as a possible competitive factor (though not full awareness)
• Familiarity with ethical data collection and processing
• Ad-hoc compliance supporting services?
39. The way forward… reflecting on facilitating measures / 1
Regulatory Sandboxes (from the fintech universe):
• Small-scale, live testing of innovations in a controlled environment
• Main features: possible special exemption & regulator's supervision
• More open and active dialogue between regulators and innovators
• Revise and shape the regulatory framework with agility
• Extension of DIHs' function as experimentation facilities? Clear framework needed
40. The way forward… reflecting on facilitating measures / 2
• Incentives and awareness campaigns
• Participation in European Projects
• Addressing the value chain's asymmetries of power
• Business ecosystem services (training, certification, …), such as in DIHs
• Cross-fertilization and intersection dynamics of Technology and Law/Ethics
41. Thank you!
Marina Da Bormida
R&I Legal Advisor and Ethics Expert
m.dabormida@eurolawyer.it
+393498433690
"Beyond Privacy. Learning Data Ethics", Brussels, 14 November 2019
42. Consumer-friendly EU policies on Artificial
Intelligence and the data economy
BEUC – The European Consumer Organisation
European Big Data Community Forum, 2019
Author: Maryant Fernández
43.
AI: TRUST IS GOOD, CONTROL IS BETTER
https://www.vzbv.de/sites/default/files/2019_vzbv_factsheet_artificial_intelligence.pdf
44.
AI RIGHTS FOR CONSUMERS
• Right to Transparency, Explanation, and
Objection (clear picture; stay in control; risk-based)
• Right to Accountability and Control (appropriate
technical systems to ensure compliance)
• Right to Fairness (expectations respected; input +
output fair; general welfare aspects)
• Right to Non-Discrimination (incorrect
predictions; adverse effects; proxy discrimination)
• Right to Safety and Security (safety for software;
regulatory oversight; updates)
• Right to Access to Justice (redress & public
enforcement; product liability modernised)
• Right to Reliability and Robustness (technically
robust and reliable by design; data quality)
45.
BEUC's vision for a European data access and control policy
• Competition: reducing barriers to entry; preventing lock-in; enabling innovation
• Protection and empowerment: giving control over personal data; respecting consumer rights; privacy-enhancing innovation
• Common interest: promoting innovation that benefits consumers; protecting freedom of information; encouraging access to public data
• Oversight: coherent data governance; cooperation between authorities; effective enforcement and redress for consumers
46. Consumer check-list
1. Address market failures.
2. Stimulate innovation, bearing in mind
innovation ≠ progress.
3. Put consumers at the centre in data
sharing, in conformity with the GDPR (data
minimisation, purpose limitation, data
protection by design…)
4. Ensure a high-level of data security.
5. Adopt technical solutions to help
consumers control and manage flows of
personal information.
6. Make redress available to consumers.
7. Reduce the risks of data concentration
and excessive data collection
8. Promote the common interest through
open data initiatives.
47.
Maryant Fernández
Senior Digital Policy Officer
Digital@beuc.eu
BEUC – The European Consumer Organisation
Thanks for your attention!
48. IEEE SA – ADVANCING
TECHNOLOGY FOR THE BENEFIT OF
HUMANITY
STANDARDIZATION ACTIVITIES FOR AUTONOMOUS AND INTELLIGENT SYSTEMS
49. RAISING THE WORLD’S STANDARDS
Mission
Provide a high-quality, market-relevant standardization
environment that is respected world-wide
About IEEE SA
▪ Consensus-building organization within IEEE that
develops and advances global technologies - through
facilitation of standards development and
collaboration
▪ Promotes innovation, enables creation and expansion
of international markets; helps protect health, public
safety
▪ Drives functionality, capabilities and interoperability
of a wide range of products and services that
transform the way people live, work and communicate
50. IEEE ACTIVITIES IN A/IS AND ETHICS
Our Work: Putting principles into practice
Community
▪ 3000 members from all
continents
▪ 40% women
▪ Participation &
endorsement by
industry
▪ Recognition by
governments &
international
organizations
Ethically Aligned Design
▪ Provides guidance for
standards,
certification,
regulation, & serves
as a reference for the
work of policymakers,
industry members,
technologists,
& educators
“EAD For” Series
▪ Business
▪ Artists
▪ Health
▪ Parenting
▪ Advertising
Standards
▪ Nearly 30 AI/AS
standards projects in
development of which
15 are ethically
oriented
▪ Included in the
ethically oriented
standards is IEEE
P7000, which
establishes a process
model by which
engineers &
technologists can
address ethical
considerations
Certification
Criteria and process for
Certification / marks
addressing:
▪ Transparency in A/IS
▪ Accountability in A/IS
▪ Algorithmic Bias in A/IS
Education and learning
▪ AI & Ethics in Design
Business Course
▪ EAD University Consortium
▪ Engagement and
collaboration with
governments,
municipalities and
intergovernmental
fora (EU, EC, CoE, OECD,
UN orgs, NYC, Vienna,
Espoo, ….)
51. IEEE SA TECHNICAL STANDARDS
P3652.1™ - GUIDE FOR
ARCHITECTURAL FRAMEWORK
AND APPLICATION OF FEDERATED
MACHINE LEARNING
P2807™, P2807.1™ - KNOWLEDGE
GRAPHS (FRAMEWORK,
EVALUATION)
P1872.2™ - STANDARD FOR
AUTONOMOUS ROBOTICS (AUR)
ONTOLOGY
P2040™ - STANDARD FOR
CONNECTED, AUTOMATED AND
INTELLIGENT VEHICLES: OVERVIEW
AND ARCHITECTURE
P2040.1™- STANDARD FOR
CONNECTED, AUTOMATED AND
INTELLIGENT VEHICLES:
TAXONOMY AND DEFINITIONS
P2660.1™ - RECOMMENDED
PRACTICES ON INDUSTRIAL
AGENTS: INTEGRATION OF
SOFTWARE AGENTS AND LOW
LEVEL AUTOMATION FUNCTIONS
P2418.4™ - STANDARD FOR THE
FRAMEWORK OF DISTRIBUTED
LEDGER TECHNOLOGY (DLT) USE IN
CONNECTED AND AUTONOMOUS
VEHICLES (CAVS)
P2751™ - 3D MAP DATA
REPRESENTATION FOR ROBOTICS
AND AUTOMATION
PC37.249™ - GUIDE FOR
CATEGORIZING SECURITY NEEDS
FOR PROTECTION AND
AUTOMATION RELATED DATA
FILES
P2672™ - GUIDE FOR GENERAL
REQUIREMENTS OF MASS
CUSTOMIZATION
P2812™ - GUIDE FOR MINOR
GUARDIANSHIP SYSTEM FOR
ONLINE MOBILE GAMING
P1589™ - STANDARD FOR AN
AUGMENTED REALITY LEARNING
EXPERIENCE MODEL
P2247.1™, P2247.2™, P2247.3™ -
ADAPTIVE INSTRUCTIONAL
SYSTEMS (CLASSIFICATION,
INTEROPERABILITY, AND
EVALUATION)
P2830™ - STANDARD FOR
TECHNICAL FRAMEWORK AND
REQUIREMENTS OF SHARED
MACHINE LEARNING
P3333.1.3™ - STANDARD FOR THE
DEEP LEARNING-BASED
ASSESSMENT OF VISUAL
EXPERIENCE BASED ON HUMAN
FACTORS
52. IEEE SA IMPACT STANDARDS
IEEE P7000™ – MODEL
PROCESS FOR
ADDRESSING ETHICAL
CONCERNS DURING
SYSTEM DESIGN
IEEE P7001™ –
TRANSPARENCY OF
AUTONOMOUS SYSTEMS
IEEE P7002™ – DATA
PRIVACY PROCESS
IEEE P7003™ –
ALGORITHMIC BIAS
CONSIDERATIONS
IEEE P7004™ –
STANDARD ON CHILD
AND STUDENT DATA
GOVERNANCE
IEEE P7005™ –
STANDARD ON
EMPLOYER DATA
GOVERNANCE
IEEE P7006™ –
STANDARD ON
PERSONAL DATA AI
AGENT
IEEE P7007™ –
ONTOLOGICAL
STANDARD FOR
ETHICALLY DRIVEN
ROBOTICS AND
AUTOMATION SYSTEMS
IEEE P7008™ –
STANDARD FOR
ETHICALLY DRIVEN
NUDGING FOR ROBOTIC,
INTELLIGENT AND
AUTONOMOUS SYSTEMS
IEEE P7009™ –
STANDARD FOR FAIL-
SAFE DESIGN OF
AUTONOMOUS AND SEMI-
AUTONOMOUS SYSTEMS
IEEE P7010™ –
WELLBEING METRICS
STANDARD FOR ETHICAL
ARTIFICIAL
INTELLIGENCE AND
AUTONOMOUS SYSTEMS
IEEE P7011™ –
STANDARD FOR THE
PROCESS OF
IDENTIFYING & RATING
THE TRUST-WORTHINESS
OF NEWS SOURCES
IEEE P7012™ –
STANDARD FOR
MACHINE READABLE
PERSONAL PRIVACY
TERMS
IEEE P7013™ –
INCLUSION AND
APPLICATION
STANDARDS FOR
AUTOMATED FACIAL
ANALYSIS TECHNOLOGY
IEEE P7014™ – STANDARD
FOR EMULATED EMPATHY IN
AUTONOMOUS AND
INTELLIGENT SYSTEMS
53. OTHER RELEVANT STANDARDS RELATING TO DATA
Global Initiative to Standardize Fairness in the
Trade of Data
▪ Focus on three principles:
﹣ Data Agency
﹣ Data Ethics
﹣ Data Equity
Digital Inclusion, Identity, Trust, and Agency
(DIITA) Program
▪ Workstreams include work on:
﹣ Privacy by Design
﹣ Dignity in Gaming
IEEE P2089 - Standard for Age Appropriate
Digital Services Framework - Based on
the 5Rights Principles for Children
EAD for Parenting
54. WE INVITE YOU TO
CONNECT WITH US.
Moira Patterson
m.patterson@ieee.org
https://www.facebook.com/ieeesa/
https://twitter.com/IEEESA
https://standards.ieee.org/
55. Privacy-preserving technologies
in a data-driven society
Daniel Bachlechner, Fraunhofer
European Big Data Community Forum 2019
14 November 2019
Source: https://www.ethicalsocietymr.org/upcoming-events.html
56.
e-Sides Ethical and Societal Implications of Data Sciences
Objectives and methods
Key objectives:
• Improve the dialogue between stakeholders and increase the confidence of citizens in data technologies and use
• Reach a common vision for an ethically sound approach to data use and facilitate responsible research and innovation
Main methods:
• Investigation of related projects through joint workshops, interviews and website analyses
• Collection of insight from renowned experts with different backgrounds through workshops and interviews
• Review of more than 200 articles including academic papers and study reports
• Interaction with a diverse set of stakeholders by means of a collaborative platform
57. 1) Identify ethical and
societal issues
2) Identify existing
technologies
3) Assess existing
technologies
4) Conduct a gap analysis
5) Identify design
requirements
6) Assess solutions under
development
7) Identify implementation
barriers
8) Make recommendations
Results
What issues may occur in the context of data-driven applications?
• Self-determination
• Welfare
• Privacy
• Lawfulness
• Fairness
• Accountability
• Trustworthiness
• Independence
Resources: D2.2, white paper
58.
Results
How can they be addressed using technology?
• Anonymisation
• Encryption
• Accountability
• Deletion
• Policy enforcement
• MPC
• Sanitisation
• Transparency
• Access control
• User control
• Access & portability
• Data provenance
Resources: D3.1, white paper
59.
Results
Does current technology meet the needs? Specific and general assessment:
• Comprehensive set
• Combination needed
• Different aims
• Multidimensional measure needed
• Limited integration
• Regional differences
• Combination with non-technical measures needed
• Unclear responsibilities
• Tension between objectives
• Low demand
Resources: D3.2, white paper, WISP publication
60.
Results
Which aspects of data-driven solutions still need to be improved? Ethical/legal and societal/economic:
• Privacy-by-design
• Sensitive data
• Inferred data
• Liability and responsibility
• Costs and benefits
• Business models
• Public attention
• Economic value
• Cultural fit
• Skill level
Resources: D4.1, white paper
61.
Results
What should be considered when designing new data-driven solutions?
• Embed security and privacy features
• Connect people, processes and technology
• Take preventive measures
• Comply with laws and corporate policies
Resources: D4.2
62.
▪ Strictest data protection rules apply
▪ Diverse range of technologies used
▪ Business models increasingly rely on sensitive data
▪ Established good practices are widely adopted
▪ Cooperation of different stakeholders needed
▪ Ad networks still show limited willingness to act
Results
Are new data-driven solutions being
developed and used responsibly?
Healthcare Transportation Web browsing
Resources: D5.1
63.
Results
How can data-driven solutions be developed and used in a responsible way?
Challenges:
• Differences in attitudes and contexts
• Empowerment vs. cognitive overload
• Issues related to legal compliance and ethics
• Difficulties of conducting assessments
Opportunities:
• Awareness raising and transparency
• Tools of accountability
• Reference points of accountability
• Bodies and mechanisms of oversight
Resources: D5.3, collaborative platform
64.
Results
Resources: D5.2
Developers and operators
of data-driven solutions
Policy makers dealing
with relevant issues
Developers of privacy-
preserving technologies
Civil society
(organisations)
What should be done to make
responsible data-driven solutions a reality?
66. Enhancing Transparency in
the Big Data and AI
Landscape
Sabrina Kirrane, Vienna University of Economics and Business
Beyond Privacy: Learning Data Ethics
13th of November 2019
68.
• Detailed in D2.1 Policy Language V1 & D2.5 Policy Language V2
• Available for download via the SPECIAL website: https://www.specialprivacy.eu/publications/public-deliverables
• An unofficial draft specification has been published online: https://www.specialprivacy.eu/platform/ontologies-and-vocabularies
The SPECIAL Usage policy language
Syntax and expressivity
Fast Compliance Checking in an OWL2 Fragment. Piero A. Bonatti. Proceedings of the 27th International Joint Conference on Artificial Intelligence (IJCAI 2018)
69. The SPECIAL Policy Log Vocabulary
Syntax and expressivity
• Detailed in D2.3 Transparency Framework V1, delivered in M14
• Available for download via the SPECIAL website: https://www.specialprivacy.eu/langs/splog
• An unofficial draft specification has been published online: https://www.specialprivacy.eu/platform/ontologies-and-vocabularies
A Scalable Consent, Transparency and Compliance Architecture, Sabrina Kirrane, Javier D. Fernández, Wouter Dullaert, Uros Milosevic, Axel Polleres, Piero Bonatti, Rigo
Wenning, Olha Drozd and Philip Raschke , Proceedings of the Posters and Demos Track of the Extended Semantic Web Conference (ESWC 2018)
70. SPECIAL ODRL Regulatory Compliance Profile
Syntax and expressivity
• Preliminary analysis detailed in D2.2 Formal Representation of the Legislation V1 & D2.6 Formal Representation of the Legislation V2
• Available for download via the SPECIAL website: https://www.specialprivacy.eu/publications/public-deliverables
• An unofficial draft specification has been published online: https://www.specialprivacy.eu/platform/ontologies-and-vocabularies
ODRL policy modelling and compliance checking, Marina De Vos, Sabrina Kirrane, Julian Padget and Ken Satoh, Proceedings of the 3rd International Joint Conference
on Rules and Reasoning (RuleML+RR 2019)
71. Transparency and compliance checking
Subsumption Algorithm
• The development of a compliance checking
algorithm for the SPECIAL policy language
devised in T2.1
• A company’s policy can be checked for
compliance with data subjects’ consent and with
part of the GDPR by means of subsumption
queries
• We provide a complete and tractable structural
subsumption algorithm for compliance checking
• Detailed in D2.4 & D2.8 Transparency and
Compliance Algorithms
Piero A. Bonatti. Fast Compliance Checking in an OWL2 Fragment. Proceedings of the 27th International Joint Conference on Artificial Intelligence (IJCAI 2018)
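The intuition of compliance-as-subsumption can be illustrated with a deliberately simplified model (this is not the SPECIAL OWL2 algorithm, and the dimension and term names below are invented for the sketch): represent each policy as a set of permitted terms per dimension, and treat a processing request as compliant when every dimension is contained in the consented set.

```python
# Toy illustration of compliance checking by subsumption (NOT the
# SPECIAL OWL2 algorithm): a policy maps each dimension (data,
# processing, purpose, storage, recipient) to a set of allowed terms.
# A request complies with a consent policy iff it is subsumed by it,
# i.e. every dimension of the request is a subset of the consent.

DIMENSIONS = ("data", "processing", "purpose", "storage", "recipient")

def subsumed_by(request: dict, consent: dict) -> bool:
    """True iff `request` is subsumed by `consent` on every dimension."""
    return all(set(request.get(d, set())) <= set(consent.get(d, set()))
               for d in DIMENSIONS)

consent = {
    "data": {"heart_rate", "location"},
    "processing": {"aggregate", "analyse"},
    "purpose": {"health_research"},
    "storage": {"eu"},
    "recipient": {"controller"},
}

ok_request = {"data": {"heart_rate"}, "processing": {"aggregate"},
              "purpose": {"health_research"}, "storage": {"eu"},
              "recipient": {"controller"}}
bad_request = dict(ok_request, purpose={"marketing"})

print(subsumed_by(ok_request, consent))   # True
print(subsumed_by(bad_request, consent))  # False
```

The real algorithm operates over OWL2 class expressions with hierarchies and intervals rather than flat sets, which is what makes its tractability result non-trivial.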
72. Transparency and compliance checking
Stream processing platform
• Data processing and sharing event logs are stored
in the Kafka distributed streaming platform,
which in turn relies on Zookeeper for
configuration, naming, synchronization, and
providing group services.
• We assume that consent updates are infrequent
and as such usage policies and the respective
vocabularies are represented in a Virtuoso triple
store.
• The compliance checker, which includes an embedded HermiT reasoner, uses the consent saved in Virtuoso together with the application logs provided by Kafka to check that data processing and sharing complies with the relevant usage control policies.
• As logs can be serialized using JSON-LD, it is
possible to benefit from the faceting browsing
capabilities of Elasticsearch and the out of the
box visualization capabilities provided by Kibana.
A Scalable Consent, Transparency and Compliance Architecture, Sabrina Kirrane, Javier D. Fernández, Wouter Dullaert, Uros Milosevic, Axel Polleres, Piero Bonatti, Rigo
Wenning, Olha Drozd and Philip Raschke , Proceedings of the Posters and Demos Track of the Extended Semantic Web Conference (ESWC 2018)
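The control flow of this architecture can be sketched in a few lines, with the Kafka event stream, the Virtuoso consent store and the HermiT reasoner all stood in for by plain Python structures (names and record shapes below are illustrative, not the project's API):

```python
# In-memory sketch of the log-compliance pipeline: events arrive on a
# stream, consent is looked up per data subject, and each event is
# flagged compliant or not. Real deployments replace the list with a
# Kafka consumer, the dict with a triple store, and the membership test
# with OWL reasoning.

consent_store = {  # subject id -> purposes the subject consented to
    "subject-1": {"health_research"},
    "subject-2": {"health_research", "marketing"},
}

event_log = [  # processing/sharing events as they would arrive
    {"subject": "subject-1", "purpose": "health_research"},
    {"subject": "subject-1", "purpose": "marketing"},
    {"subject": "subject-2", "purpose": "marketing"},
]

def check_stream(events, consents):
    """Yield (event, compliant) pairs; an event is compliant when its
    purpose is covered by the subject's stored consent."""
    for ev in events:
        allowed = consents.get(ev["subject"], set())
        yield ev, ev["purpose"] in allowed

violations = [ev for ev, ok in check_stream(event_log, consent_store) if not ok]
print(violations)  # the subject-1 marketing event
```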
74. • Standardisation of vocabularies (data, processing, purpose, storage,
sharing) is difficult
• There are cognitive limitations in terms of understanding consent and
transparency
• GDPR Compliance is only the tip of the iceberg, from a usage control
perspective we also need to consider other regulations, licenses,
social norms, cultural differences
• We need to embrace distributed and decentralised systems, which
complicates things further
• Ensuring such systems are well behaved is crucial to success (i.e., all
usage constraints are adhered to and the system as a whole works as
expected)
Open Challenges & Opportunities
76. Contact Details
Technical/Scientific contact
Sabrina Kirrane
Vienna University of Economics and Business
sabrina.kirrane@wu.ac.at
The project SPECIAL (Scalable Policy-awarE linked data arChitecture for prIvacy, trAnsparency
and compLiance) has received funding from the European Union’s Horizon 2020 research and
innovation programme under grant agreement No 731601 as part of the ICT-18-2016 topic
Big data PPP: privacy-preserving big data technologies.
77. The project SODA has received funding from the European Union's
Horizon 2020 research
and innovation programme under grant agreement No 731583.
Paul Koster (Philips Research)
Progressing Practical Privacy-
Preserving Big Data Analytics
November 14, 2019, Brussels
78.
Opportunity & problem: joint data analytics
Unlock value of joint data analytics by addressing the privacy – utility trade-off
SODA
80.
MPC – Secure Multi-Party Computation
jointly compute a function while keeping the (input) data private
animation source: Claudio Orlandi, Aarhus University
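The simplest instance of this idea is additive secret sharing: each party splits its input into random shares, no proper subset of shares reveals anything, yet summing all shares reconstructs the sum of all inputs. A minimal sketch (real MPC frameworks add networking, authentication and malicious-security machinery on top):

```python
import random

# Minimal additive secret sharing over Z_p: each party splits its input
# into random shares; any proper subset of shares is uniformly random,
# yet the sum of all shares reconstructs the sum of all inputs.

P = 2**61 - 1  # a large prime modulus

def share(secret: int, n_parties: int) -> list[int]:
    """Split `secret` into n additive shares modulo P."""
    shares = [random.randrange(P) for _ in range(n_parties - 1)]
    shares.append((secret - sum(shares)) % P)
    return shares

def secure_sum(inputs: list[int]) -> int:
    """Each party shares its input; every party locally adds the shares
    it holds, and only these partial sums are combined, so no individual
    input is ever exposed."""
    n = len(inputs)
    all_shares = [share(x, n) for x in inputs]
    # party j holds one share of every input and adds them locally
    partial = [sum(all_shares[i][j] for i in range(n)) % P for j in range(n)]
    return sum(partial) % P

print(secure_sum([120, 80, 95]))  # 295
```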
81.
SODA
Enable practical privacy-preserving analytics on big data with MPC
• Advance technology & readiness level
• Provide insights into end-user barriers
and opportunities of MPC
• Position MPC in data protection and
privacy laws (GDPR)
• Enable MPC-based machine learning
• Demonstrate feasibility of MPC in healthcare
82.
MPC in the Data Science Methodology
Focus MPC for now on modelling, inferences, some data preparation, etc
Pragmatically deal with (leaky) data analysis for exploration
83.
MPC enabled machine learning and data analytics
• logistic regression
• neural networks
• CNN, MLP, federated
• ridge regression - 11M records!
• ID3 decision tree
• random forest / regression trees
• Burrows-Wheeler Transform
• inexact DNA string search
• logrank test
84.
Predictive analytics – logistic regression
Train a logistic regression model for chronic heart failure survival risk via Multi-Party Computation: 12 attributes, 3000+ patients, yielding a trained model without pooling the raw data.
Datasets: mtcars (3 attr / 32 rows), heart failure (11 attr / 2476 rows), breast cancer (9 attr / 588 rows)
https://github.com/philips-software/fresco-logistic-regression-2
85.
Descriptive analytics - Kaplan-Meier
Enable medical researchers to (privacy preserving) gain insight from data
Kaplan-Meier Survival Analysis – compare two classes, e.g. treatments
• Logrank test (chi2, p-value)
• KM curve
Legend: data of individual parties (remains private) → combined data (never disclosed) → aggregated data (privacy-preserving)
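The statistic itself is simple enough to sketch in the clear; the project's contribution is computing it under MPC so the per-party data are never combined. A minimal, illustrative Kaplan-Meier estimator (names and the toy data are made up for the sketch):

```python
# Plain (non-private) Kaplan-Meier estimator, to make explicit what the
# MPC version computes: at each event time t_i, survival is multiplied
# by (1 - d_i / n_i), where d_i is the number of events at t_i and n_i
# the number of subjects still at risk.

def kaplan_meier(times, events):
    """times: observation times; events: 1 = event, 0 = censored.
    Returns a list of (time, survival probability) at each event time."""
    order = sorted(range(len(times)), key=lambda i: times[i])
    at_risk = len(times)
    survival, curve = 1.0, []
    i = 0
    while i < len(order):
        t = times[order[i]]
        deaths = leaving = 0
        while i < len(order) and times[order[i]] == t:
            deaths += events[order[i]]
            leaving += 1
            i += 1
        if deaths:
            survival *= 1 - deaths / at_risk
            curve.append((t, survival))
        at_risk -= leaving
    return curve

# 5 subjects: events at t=1 and t=3, censoring at t=2, t=4, t=5
print(kaplan_meier([1, 2, 3, 4, 5], [1, 0, 1, 0, 0]))
```

The logrank test compares two such curves (e.g. two treatments) by contrasting observed and expected event counts at each event time.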
86.
Yes, MPC is practical for big data analytics in healthcare, but…
Selected use cases are feasible today
➔ use for high value with no alternative
Broad adoption requires
• ML library like R or Scikit Learn
• Mature frameworks
• Easier to use / program
• (More performance)
88. Diversity and Privacy: Opportunities and Challenges
The project WeNet – The Internet of Us
Author: Laura Schelenz, International Center for Ethics in the Sciences and Humanities, Tübingen, Germany
96. THANK YOU!
WeNet project is funded by the EU’s Horizon2020
programme under Grant Agreement number 823783.
Email
info@internetofus.eu
Website
www.internetofus.eu
Twitter
@WeNetProject
GET IN TOUCH
97. A GDPR-compliant blockchain-based system with advanced
privacy-preserving solutions
Edwin Morley-Fletcher, Lynkeus
European Big Data Community Forum, 2019
98.
Big Data + Artificial Intelligence + Blockchain
= Game-Changer
Blockchain:
▪ Private permissioned blockchain based on Hyperledger Fabric
▪ Controlled access based on blockchain storage of permitted
transactions
▪ Off-chain storage of health data by multiple hospital repositories and
by individuals
▪ Metadata Catalogue allowing users to safely inspect which health data are available on MHMD
▪ Dynamically and automatically managing consent by Smart Contracts
▪ An overall Privacy-by-Design and GDPR Compliance Assessment
completed by October 2019.
99.
Artificial Intelligence (1)
“Visiting mode”: bringing the algorithms to the data
Secure computation, which permits running AI without disclosing either the data or the algorithms, is performed through three tools:
▪ Homomorphic Encryption
Developed by TUB (with an obfuscation layer and the MORE encryption
scheme) and awarded the Innovation Radar Prize 2019 in the category
Industrial & Enabling Tech, with this statement:
“This solution implements a software framework for developing
personalized medicine solutions based on homomorphically encrypted
data and artificial intelligence (AI). The framework ensures that the data
remains private, and the performance of the AI models is not affected by
the encryption”.
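The homomorphic property (computing on data while it stays encrypted) can be illustrated with a toy Paillier-style cryptosystem, which is additively homomorphic: multiplying two ciphertexts yields an encryption of the sum of the plaintexts. This is a generic illustration with deliberately tiny, insecure parameters, not the TUB/MORE scheme used in the project:

```python
import math, random

# Toy Paillier cryptosystem (additively homomorphic). The primes are
# tiny and the scheme as written is insecure; it only demonstrates that
# multiplying ciphertexts adds the underlying plaintexts.

p, q = 17, 19
n = p * q                      # public modulus
n2 = n * n
g = n + 1                      # standard choice of generator
lam = math.lcm(p - 1, q - 1)   # private key

def L(x: int) -> int:
    return (x - 1) // n

mu = pow(L(pow(g, lam, n2)), -1, n)  # precomputed decryption factor

def encrypt(m: int) -> int:
    r = random.randrange(2, n)
    while math.gcd(r, n) != 1:   # r must be coprime to n
        r = random.randrange(2, n)
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(c: int) -> int:
    return (L(pow(c, lam, n2)) * mu) % n

c1, c2 = encrypt(20), encrypt(22)
# Adding under encryption: multiply the ciphertexts.
print(decrypt((c1 * c2) % n2))  # 42
```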
100.
Artificial Intelligence (2)
▪ Secure Multiparty Computation
▪ Developed by Athena RC. SMPC allows a set of distrustful parties to
perform the computation in a distributed manner, while each of them
individually remains oblivious to the input data and the intermediate
results.
▪ Federated Deep Learning with an untrusted Black Box
▪ Jointly developed by Siemens Healthineers and Athena RC, using SMPC
and Differential Privacy.
▪ A secure Machine Learning request containing a model training pipeline is
distributed to the data providers along with a set of parameters, and is run
locally on an isolated environment.
▪ Local computation results are then securely aggregated using the MHMD
SMPC. This cycle is repeated to obtain many training iterations and/or
model validation.
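One building block of such secure aggregation can be sketched with pairwise masks that cancel in the server's sum, so no single masked update reveals a client's local model. This is an illustrative simplification; the MHMD protocol combines SMPC with differential privacy and is considerably more involved:

```python
import random

# Sketch of secure aggregation for federated learning: each pair of
# clients agrees on a random mask; one adds it, the other subtracts it,
# so all masks cancel in the server's sum while each individual masked
# update looks random. Real protocols also handle dropouts, work over
# finite fields, and add differential-privacy noise.

def masked_updates(updates: list[float]) -> list[float]:
    n = len(updates)
    masked = list(updates)
    for i in range(n):
        for j in range(i + 1, n):
            m = random.uniform(-1e6, 1e6)  # pairwise shared mask
            masked[i] += m
            masked[j] -= m
    return masked

local_updates = [0.5, -0.2, 0.9]           # one model parameter per client
aggregate = sum(masked_updates(local_updates)) / len(local_updates)
print(round(aggregate, 6))                  # federated average of the updates
```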
101.
Big Data (1)
▪ Health data remain siloed
▪ Big Data and AI are difficult to apply in medicine, especially in rare diseases (30 million people affected in Europe), where data-driven solutions are most needed.
▪ Effective data sharing is still the exception in healthcare.
▪ MHMD has investigated what contribution can come from sharing synthetic data
▪ Synthetic data are fully artificial data, automatically generated by making use of
machine learning algorithms, based on recursive conditional parameter
aggregation, operating within global statistical models.
▪ They typify the case of “personal data [which are] rendered anonymous in such a
manner that the data subject is not or no longer identifiable” (Recital 26 GDPR).
102.
Big Data (2)
▪ Generating differentially-private synthetic data
▪ Differential privacy provides a previously missing mathematical foundation for the definition of privacy:
▪ “Differentially Private Synthetic Data Generation is a mathematical theory,
and set of computational techniques, that provide a method of de-
identifying data sets—under the restriction of a quantifiable level of privacy
loss. It is a rapidly growing field in computer science”
(National Institute of Standards and Technology Differential Privacy Synthetic
Data Challenge 2019: Propose an algorithm to develop differentially private
synthetic datasets to enable the protection of personally identifiable
information while maintaining a dataset's utility for analysis)
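The primitive underlying all of this is the Laplace mechanism: a count query has sensitivity 1 (one person changes the count by at most 1), so adding Laplace(1/ε) noise makes the released count ε-differentially private. A minimal sketch with made-up data (DP synthetic-data generators build far more machinery on top of this):

```python
import random

# Laplace mechanism, the basic primitive of differential privacy.
# Illustrative only: real generators compose many such noisy queries
# under a privacy budget to fit a full synthetic-data model.

def laplace_noise(scale: float) -> float:
    # The difference of two unit exponentials is Laplace(0, 1);
    # scaling gives Laplace(0, scale).
    return scale * (random.expovariate(1.0) - random.expovariate(1.0))

def dp_count(records, predicate, epsilon: float) -> float:
    """Release an epsilon-DP count of records satisfying `predicate`."""
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon)

patients = [{"age": a} for a in (34, 51, 67, 72, 45, 80)]
noisy = dp_count(patients, lambda r: r["age"] >= 65, epsilon=1.0)
print(noisy)  # true count 3, perturbed by Laplace noise
```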
104. Afternoon Session Agenda
Lessons learned from research and technology for a human-centered Big Data
14.00 Afternoon session introduction – Rigo Wenning, SPECIAL & Mosaicrown
14.10 Break-out sessions
• Technology and Data Protection Law – how can software engineering support legal compliance?
• Human-centric Big Data governance: responsible ways to innovate privacy-preserving technologies
16.00 Wrap-up – Rigo Wenning, SPECIAL & Mosaicrown
16.30 Closing remarks – Richard Stevens, e-SIDES, IDC
105. In the break-out session you will have the possibility to answer questions provided
by the speakers and ask your own questions
HOW?
▪ Grab your phone
▪ Visit the URL provided by speaker (no need to register)
▪ Insert the code provided by the speaker
▪ Cast your vote & ask questions
We want your input!
106. Anonymisation of personal data leads to
inapplicability of the GDPR – Myth or Reality?
dr. jur. Anna Zsófia Horváth LL.M.
European Big Data Community Forum, 2019
Research Assistant
SODA Project – University of Göttingen
107.
Binary concept of data under the current regulatory regime
• Personal Data – GDPR: protection of privacy and respect of the right to informational self-determination; facilitate the free flow of personal data in the EU as part of the Digital Single Market Strategy
• Non-Personal Data – Reg. 2018/1807 on a framework for the free flow of non-personal data: facilitate the free flow of information as part of the Digital Single Market Strategy
108.
Anonymisation through the data lifecycle
Data life span: acquisition → analysis → application
109. • GDPR does not define anonymisation / anonymous data
• Personal Data – Art. 4 Nr. 1
• any information relating to an identified or identifiable natural person
• data without personal reference falls out of the GDPR‘s scope
• Question of identifiability
• Absolute concept of identifiability
• No actual anonymity unless completely irreversible
• Relative concept of identifiability
• context-sensitive
• access to additional knowledge is necessary
Legal concept of anonymity I.
110. ▪ Recital 26
▪ “To determine whether a natural person is identifiable, account should be taken of all the
means reasonably likely to be used, such as singling out, either by the controller or by
another person to identify the natural person directly or indirectly”
▪ costs
▪ time
▪ circumstances of any given processing
▪ Indirect identification, e.g. by "singling out"
▪ Objective discretionary question
▪ threshold of re-identification risk
▪ no one-size fits all
Legal concept of anonymity II.
111. ➢ Dual concept of anonymisation
1. Anonymisation as “processing of the data”
▪ falls under the GDPR
▪ all the obligations relating to processing of personal data apply
– principles and lawfulness of processing
– obligations of controller and processor
– data security provisions
2. Anonymity as "state of the data"
▪ falls outside the scope of the GDPR
▪ with the reservation that no means reasonably likely to be used are available
Solution Approach – conceptual level
112.
Solution Approach – practical level
relative anonymity, removal of personal reference
Context-specific risk assessment
Application of appropriate methods of anonymisation and
technical and organisational measures
Regular review, continuous evaluation, comprehensible documentation
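One concrete way to operationalise such a context-specific risk assessment is to measure how small the groups sharing the same quasi-identifiers are (k-anonymity). A sketch with invented records; k-anonymity is one heuristic among several, not a legal test:

```python
from collections import Counter

# Re-identification risk check: records sharing the same combination of
# quasi-identifiers form an equivalence class; the smallest class size
# is the dataset's k. Small k (especially k = 1, a "singled-out"
# individual) signals high re-identification risk.

def k_anonymity(records, quasi_identifiers):
    classes = Counter(tuple(r[q] for q in quasi_identifiers) for r in records)
    return min(classes.values())

records = [
    {"zip": "301*", "age_band": "60-70", "diagnosis": "A"},
    {"zip": "301*", "age_band": "60-70", "diagnosis": "B"},
    {"zip": "302*", "age_band": "20-30", "diagnosis": "C"},
]

print(k_anonymity(records, ("zip", "age_band")))  # 1 -> one person singled out
```

Regular re-runs of such checks as data and context change are exactly the kind of continuous evaluation and documentation the slide calls for.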
113. Questions to the audience
1. Do you agree with the statement that Big Data and Privacy are not mutually exclusive?
2. Do you think that a holistic approach allowing a "grey zone" between personal and non-personal data would be practical?
3. Do you think that a "total and complete anonymisation" is still possible to achieve?
4. Do you think data subjects should be informed about what their anonymised – once personal – data is going to be used for?
114.
Milestones and results of SODA
▪ Milestones
▪ Deliverable on general legal aspects of
privacy-preserving data analytics
▪ Deliverable on specifically chosen use cases
▪ Interdisciplinary consultations and consultations with DPAs
▪ Events
▪ Main findings
▪ Duality of anonymisation
▪ Legally compliant data processing can be
achieved through the structured
implementation of technical and
organisational measures.
▪ Big Data and Privacy are not mutually
exclusive.
ANONYMISATION OF PERSONAL DATA LEADS TO THE INAPPLICABILITY
OF THE GDPR – MYTH OR REALITY?
SODA timeline (2017–2020):
• Interdisciplinary consultations
• Deliverable on general legal aspects
• Presenting the SODA pilot cases at Medical Informatics Europe
• GDPR Commentary
• Deliverable on legal evaluation of pilot cases
• Interdisciplinary consultations and dissemination event
115.
dr. jur. Anna Zsófia Horváth LL.M.
Research Assistant
University of Göttingen
Dipl. Jur. Lukas Dalby
Research Assistant
University of Göttingen
Paul Koster
Project Manager
Philips
Thank you for your attention!
www.soda-project.eu/contact
116. Data Privacy Vocabularies to fulfil GDPR
Transparency & Compliance Checking requirements
European Big Data Community Forum, 2019
Author: Eva Schlehahn, Unabhängiges Landeszentrum für
Datenschutz Schleswig-Holstein, Germany
117. Necessary precondition to enable:
Valid consent (Art 4 (11) GDPR),
Data subject’s rights (e. g. access,
rectification…),
Enforcement of data handling
policies
Demonstration of compliance
Scope: Data, systems, processes
Necessity of transparency from European data protection law
perspective
119. GDPR:
Art. 12 (1) GDPR:
The controller may provide information
by electronic means.
Art. 21 (5) GDPR:
When using information society services,
the data subject may exercise the right to
object by automated means using
technical specifications.
Recital 32 GDPR:
Possibility of using electronic means and
technical settings for information society
services for giving consent.
Relevance of diverse case law, DPA
decisions & upcoming ePrivacy Reg.
Planet 49 CJEU judgment
Current cookie banners + tracking via opt-
out NOT ok => consent needed
Berlin DPA fine against Deutsche
Wohnen (14,5m €, Oct 30th 2019)
GDPR infringement because the IT system did not
provide a deletion concept & erasure function
for data
Current ePrivacy Regulation draft:
Requirements in flux, software settings for
giving consent are now mentioned in Recital
20a -> might still change
Legal foundation of a technical approach for consent management
and policy enforcement
120. https://www.w3.org/community/dpvcg/
Currently 58 participants:
Stakeholders from industry, research,
government...
Goal: Development of a taxonomy of privacy
terms, esp. with regard to GDPR. Examples
are taxonomies of:
personal data categories,
different data processing purposes,
events of disclosures,
consent status/modalities
types of processing operations.
Community building and standardisation effort:W3C Data Privacy
Vocabularies and Controls Community Group (DPVCG)
122.
Data protection focus for technical specifications I: Policies
entailing the necessary information
123. Categories of personal data
E. g. master record data, location and movement data, call records, communication metadata, log
file data.
E. g. special categories of personal data according to Art. 9 GDPR:
racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership,
genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning
health, data concerning a natural person's sex life or sexual orientation
Support documentation of
processing purpose(s) + legal ground
consent (possibly incl. versioning) and current status, e. g.
given – if yes, specify whether explicit or implicit
pending / withheld
withdrawn
referring to the personal data of a minor
etc...
Data protection focus for technical specifications II
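A minimal sketch of how these consent attributes could be captured in a machine-readable record; the class and field names below are illustrative, not drawn from any standard vocabulary:

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum

class ConsentStatus(Enum):
    GIVEN_EXPLICIT = "given-explicit"
    GIVEN_IMPLICIT = "given-implicit"
    PENDING = "pending"
    WITHHELD = "withheld"
    WITHDRAWN = "withdrawn"

@dataclass
class ConsentRecord:
    """Documents purpose, legal ground and consent status for one processing activity."""
    purpose: str                       # e.g. "medical-research"
    legal_ground: str                  # e.g. "Art. 6(1)(a) GDPR - consent"
    status: ConsentStatus
    consent_version: int = 1           # supports versioning of the consent text
    data_subject_is_minor: bool = False
    recorded_at: datetime = field(default_factory=lambda: datetime.now(timezone.utc))

    def processing_allowed(self) -> bool:
        # Only given consent (explicit or implicit) permits processing
        return self.status in (ConsentStatus.GIVEN_EXPLICIT,
                               ConsentStatus.GIVEN_IMPLICIT)

record = ConsentRecord("medical-research", "Art. 6(1)(a) GDPR",
                       ConsentStatus.WITHDRAWN)
```

A record like this makes the current consent state directly enforceable by the processing system rather than buried in documentation.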
124. Support documentation of
Involved controller(s)
Involved processor(s)
Storage location and cross-border data transfers, involved countries
Location of data centre where processing & storage occurs
Location of controller establishment
Relevant could be:
– Data transfer within the European Union
– Data transfer to a third country with basis for compliance acc. to Art. 44 et seq. GDPR (treating them as ‘EU-like’, i. e. adequacy
decision, appropriate safeguards, binding corporate rules), where possible with link documenting the latter, e. g. to the
Commission’s adequacy decision or the BCR
– Other third country
Suggestion: Use country codes (e.g. TLD, ISO 3166) – allows for later adaptation in case of legal changes
Suggestion: Incorporate also rules that exclude data transfers to some jurisdictions (‘notUS’, ‘notUK’)
Data protection focus for technical specifications III
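The transfer categories above could be encoded roughly as follows. The `classify_transfer` helper and the country sets are hypothetical illustrations using ISO 3166 alpha-2 codes, not a legal assessment:

```python
# Illustrative transfer-rule check using ISO 3166 alpha-2 country codes.
# The country sets are incomplete example subsets only.
EU_EEA = {"DE", "FR", "NL", "IT", "ES", "PL", "IS", "NO", "LI"}
ADEQUACY = {"CH", "JP", "CA", "NZ"}   # third countries treated as 'EU-like'

def classify_transfer(destination, excluded=frozenset()):
    """Classify a data transfer; 'excluded' encodes rules like 'notUS'."""
    if destination in excluded:
        return "blocked-by-policy"      # jurisdiction explicitly ruled out
    if destination in EU_EEA:
        return "intra-EU/EEA"
    if destination in ADEQUACY:
        return "adequacy-decision"      # Art. 45 GDPR
    return "requires-safeguards"        # Art. 46 et seq. GDPR (e.g. BCR)

print(classify_transfer("US", excluded={"US"}))   # blocked-by-policy
print(classify_transfer("JP"))                    # adequacy-decision
```

Using standard country codes keeps the rule set adaptable when adequacy decisions change.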
125. Enforce rules on how to handle the data, e. g.
User/access activity allowed, like read-only, write, rectify, disclose, deletion
Anonymize / pseudonymize / encrypt
Notify [define notification rules, e. g. towards the data subject, possibly with a
predefined action time]
Time for deletion – ideas could be:
delete-by_ or delete-x-date_month_after <event>
no-retention (no storage beyond using once)
stated purpose (until purpose has been fulfilled)
legal-requirement (storage period defined by a law requiring it)
business practices (requires a deletion concept of controller)
Indefinitely ( e. g. for really anonymized data, public archives...)
Data protection focus for technical specifications IV
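The deletion-time ideas above can be sketched as a small rule evaluator; the rule names and the `deletion_due` helper are illustrative only, not a standard:

```python
from datetime import date, timedelta
from typing import Optional

def deletion_due(rule: str, today: date,
                 delete_by: Optional[date] = None,
                 purpose_fulfilled: bool = False) -> bool:
    """Evaluate whether data must be deleted under the given retention rule."""
    if rule == "no-retention":      # no storage beyond using once
        return True
    if rule == "delete-by":         # fixed deletion date reached?
        return delete_by is not None and today >= delete_by
    if rule == "stated-purpose":    # keep only until the purpose is fulfilled
        return purpose_fulfilled
    if rule == "indefinite":        # e.g. truly anonymised data, public archives
        return False
    raise ValueError(f"unknown retention rule: {rule}")

today = date(2019, 11, 14)
print(deletion_due("delete-by", today, delete_by=today - timedelta(days=30)))  # True
print(deletion_due("stated-purpose", today, purpose_fulfilled=False))          # False
```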
126. Project website: https://www.specialprivacy.eu/
The project SPECIAL (Scalable Policy-awarE linked data arChitecture for prIvacy,
trAnsparency and compLiance) has received funding from the European Union’s
Horizon 2020 research and innovation programme under grant agreement No
731601 as part of the ICT-18-2016 topic Big data PPP: privacy-preserving big data
technologies.
More info and funding notice
127. Thank you / contact details
Author of this presentation: Eva Schlehahn
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
(ULD, Independent Centre for Privacy Protection Schleswig-
Holstein)
Email: uld67@datenschutzzentrum.de
Twitter: @eschlehahn
SPECIAL project technical/scientific contact: Sabrina Kirrane
Vienna University of Economics and Business
Email: sabrina.kirrane@wu.ac.at
SPECIAL project administrative contact: Jessica Michel
ERCIM / W3C
Email: jessica.michel@ercim.eu
SPECIAL project website: https://www.specialprivacy.eu/
128. Issues discussed
• For showing GDPR compliance, what’s the most important IT system feature
needed?
• Who would benefit the most from a data privacy
vocabulary/ontology/taxonomy?
• What should such a data privacy vocabulary, i.e. taxonomy, cover?
How SPECIAL addressed these issues + how YOU can use these results:
Deliverables, prototypes, ontologies & vocabularies, code repository, platform
demonstrators, UI demos ALL Open Access: https://www.specialprivacy.eu/
Everyone can engage in the W3C DPVCG: https://www.w3.org/community/dpvcg/
Data Privacy Vocabularies to fulfil GDPR Transparency & Compliance Checking requirements
RECAP & WRAP UP
129. Why have we preferred to opt for sharing synthetic data and for
computation “bringing the algorithms to the data”
Edwin Morley-Fletcher, Lynkeus
130.
The “visiting mode”
▪ I already mentioned this morning the three tools
developed by MyHealthMyData for providing secure
computation in ways that permit running AI without
disclosing either data or algorithms:
▪ Homomorphic Encryption
▪ Secure Multiparty Computation
▪ Federated Deep Learning with an untrusted Black Box
▪ I will not revisit this, but will focus on how to
guarantee a secure “publishing mode”.
131.
The inconvenient truth
As already stated this morning:
1. Health data remain silos-based
2. Big Data and AI are difficult to apply in
medicine, especially in rare diseases (30
million people affected in Europe), where
data driven solutions are most needed.
3. Effective data sharing is still the exception in
healthcare
132.
How easy and risky is it to share health data?
▪ Where consent applies, MHMD data is made available for download.
▪ What happens after data download is not under control of the MHMD
blockchain.
▪ Of course, the risk of data breaches increases with the number of copies
shared
▪ According to various circumstances of trust, and privacy-preserving needs,
MHMD health data can be published either as pseudonymous or
anonymous data.
▪ A semi-automated tool, AMNESIA, is used in MHMD for providing the
necessary pseudonymisation or anonymisation.
133.
A new anonymization paradigm
▪ Synthetic data were first conceptualized in 1993 as a way to
replicate the statistical properties of a database without
exposing the identifiable information it contained.
▪ Methods to produce them vary, but the underlying principle
is that values in the original database are algorithmically
substituted with those taken from statistically equivalent
distributions, to create entirely new records.
▪ In medicine they have been successfully used to publish
sensitive data to the general public, to train machine learning
tools and to conduct clinical research.
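As a deliberately naive illustration of the substitution principle, assuming purely numeric columns modelled as independent Gaussians (real generators also aim to preserve cross-column correlations):

```python
import random
import statistics

def synthesize(records, n, seed=0):
    """Replace each numeric column with draws from a distribution fitted to it.

    A naive sketch: independent per-column Gaussians preserve each column's
    mean and variance but not correlations between columns.
    """
    rng = random.Random(seed)
    fitted = {col: (statistics.mean(r[col] for r in records),
                    statistics.stdev(r[col] for r in records))
              for col in records[0]}
    # Entirely new records, drawn from statistically equivalent distributions
    return [{col: rng.gauss(mu, sigma) for col, (mu, sigma) in fitted.items()}
            for _ in range(n)]

original = [{"age": 34, "sbp": 120}, {"age": 51, "sbp": 135},
            {"age": 47, "sbp": 128}, {"age": 40, "sbp": 124}]
synthetic = synthesize(original, n=1000)   # 1000 records, none of them real
```

No synthetic record corresponds to an original individual, yet column-level statistics are preserved.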
134.
Breaking the link between private information
and the data’s information content
▪ Synthetic data are artificially generated data sets which have
the ability to jump-start AI development in areas where data
are scarce or too expensive to obtain, such as the biomedical
sector.
▪ As artificial replicas of original data sets, synthetic data have
shown the ability to replicate all the statistical features of
original ones and to support research and development
activities in a variety of applications in a compliant fashion.
135.
Synthetic Data are a “Columbus Egg” in the
GDPR environment
They are a crucial tool in healthcare.
▪ They retain significant information usefulness.
▪ They do not allow any personal re-identification
of original individual datasets.
▪ They do not fall within the scope of the GDPR:
▪ They are freely tradeable.
136.
ARTICLE 29 DATA PROTECTION WORKING PARTY
Opinion 05/2014 on Anonymisation Techniques
Is synthetic data processing subject to GDPR rules?
▪ “If the data controller wishes to retain … personal data once the
purposes of the original or further processing have been achieved,
anonymisation techniques should be used so as to irreversibly
prevent identification”
▪ “Accordingly, the Working Party considers that anonymisation as an
instance of further processing of personal data can be considered
to be compatible with the original purposes of the processing but
only on condition the anonymisation process is such as to reliably
produce anonymised information”
137.
Generative Adversarial Networks
▪ Synthetic data can be generated by a range of systems including naive Bayes models,
generative adversarial networks (GAN and infoGAN) or statistical shape analysis (for
imaging data).
▪ The selection process starts from user/customer requirements and specifies the
required data reliability upfront.
▪ The selected model is then configured to generate intended data types.
▪ After the generation, a discriminator assesses original vs. synthetic set similarity,
indicating if the desired reliability score was met.
▪ An interpretation tool makes it possible to pinpoint individual sources of discrepancies
between original and synthetic data, and to iteratively improve the generator's parametrization.
▪ This direct feedback loop design has been shown to drastically improve the efficiency
of, and control over, the generation process.
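The configure-generate-assess-improve loop above can be sketched schematically. Here a crude comparison of means and standard deviations stands in for a real discriminator, and the "feedback" step is a toy parameter nudge rather than GAN training:

```python
import random
import statistics

def similarity(original, synthetic):
    """Crude discriminator stand-in: compares means and standard deviations;
    returns a score in (0, 1], where 1.0 means identical statistics."""
    d = (abs(statistics.mean(original) - statistics.mean(synthetic))
         + abs(statistics.stdev(original) - statistics.stdev(synthetic)))
    return 1.0 / (1.0 + d)

def generate_until(original, target, max_iter=50, seed=0):
    """Re-parametrize a toy Gaussian generator until the reliability target is met."""
    rng = random.Random(seed)
    mu, sigma = 0.0, 1.0                       # initial generator parameters
    for _ in range(max_iter):
        candidate = [rng.gauss(mu, sigma) for _ in original]
        score = similarity(original, candidate)
        if score >= target:                    # desired reliability score met
            return candidate, score
        # feedback step: nudge parameters toward the original's statistics
        mu += 0.5 * (statistics.mean(original) - mu)
        sigma += 0.5 * (statistics.stdev(original) - sigma)
    return candidate, score

src = random.Random(1)
original = [src.gauss(10.0, 2.0) for _ in range(200)]
candidate, score = generate_until(original, target=0.5)
```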
138.
Discriminator and data curation
▪ Discriminators commonly used for data quality control assess the overall
statistical resemblance of two sets, but they cannot identify underlying
reasons for discrepancies.
▪ New methods allow weighting each original variable in the generation process,
thus supporting detailed diagnostics and direct, ongoing improvements to the
generative pipeline.
▪ Interpretation systems, by analysing resulting data structures, can identify
gaps, skewed value distributions, or spurious values in the original data,
making it possible to address a variety of correction, formatting or normalization
issues, which are widespread in clinical data sets and can substantially limit their
value.
139.
Synthetic Data enhanced features
▪ Differential privacy provides a previously missing mathematical foundation for
defining privacy.
▪ Adding appropriate differential privacy features can assure non-reidentification
even on whole population statistics.
▪ A scalable quality-control system makes it possible to generate synthetic data that are
even more informative and robust than the original ones.
▪ Quality control and iterative approaches can lead to statistically equivalent sets,
at a vastly lower cost.
▪ Such methods can also enrich the synthetic set with more statistical features
and, in the case of synthetic images, with automatically placed annotations to
then train diagnostic image recognition systems.
140.
Differential Privacy
▪ DP is a property of the algorithm/output, not of the
data
▪ If each M_i is ε_i-DP, then M = (M_1, …, M_k) is (Σ_i ε_i)-DP
(sequential composition)
▪ If A is an ε-DP output, then f(A) is also ε-DP for any
function f() (post-processing)
▪ DP eliminates potential linkage attacks.
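These properties can be illustrated with the classic Laplace mechanism. The helper names below are ours, and the example assumes sensitivity-1 counting queries:

```python
import math
import random

def laplace_noise(scale, rng):
    """One draw from Laplace(0, scale) via inverse-transform sampling."""
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

def dp_count(data, predicate, epsilon, rng):
    """An epsilon-DP counting query: a count has sensitivity 1,
    so Laplace noise with scale 1/epsilon suffices."""
    true_count = sum(1 for x in data if predicate(x))
    return true_count + laplace_noise(1.0 / epsilon, rng)

rng = random.Random(42)
ages = [23, 45, 31, 67, 52, 38]
epsilons = [0.5, 0.5, 1.0]                 # budgets for releases M_1, M_2, M_3
releases = [dp_count(ages, lambda a: a > 40, eps, rng) for eps in epsilons]
total_epsilon = sum(epsilons)              # sequential composition: (sum eps_i)-DP
rounded = [round(r) for r in releases]     # post-processing f(A) keeps the same eps
```

The noise is a property of each release, not of the data, and the total budget simply adds up across releases.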
141. Questions to the audience
1. What is the “visiting mode” approach?
2. Can synthetic data be made fully anonymous?
3. What is differential privacy?
142. Human-centric big data governance:
responsible ways to innovate privacy-preserving technologies
Dr. Karolina La Fors
Post-doc researcher
Centre for Law and Digital Technologies (eLaw) Leiden University
E-SIDES project
143. Agenda of break-out session
Presentation of e-SIDES
Presentation of WeNet
Presentation of BDVe
(Position paper on Data Protection in the era of
Artificial Intelligence)
144. e-SIDES lessons for the responsible innovation of
privacy-preserving technologies in the era of AI
▪ EU-funded Coordination and Support Action (CSA)
complementing Research and Innovation Actions (RIAs)
projects on privacy-preserving big data technologies
▪ Consortium members: IDC (Italy); Fraunhofer ISI
(Germany); eLaw - Leiden University (Netherlands)
▪ Period: January 2017 – December 2019
145.
Challenges for Privacy-preservation in the era of AI
▪ Expanding Impact of
Data Breaches
▪ Human Biases
▪ Procedural Biases
▪ Discrepancies in professional
understandings & computational
definability of privacy
▪ Business models reliant on human behavioural data
“Trustworthy AI has three components[…]:
1. lawful, complying with all applicable laws and regulations;
2. ethical, ensuring adherence to ethical principles and values; and
3. robust, both from a technical and social perspective, since, even
with good intentions, AI systems can cause unintentional harm.”
(High-Level Expert Group on AI)
“Trustworthiness is key enabler of responsible competition”
the role of PPTs in shaping such trustworthiness is perhaps more vital
than ever in the era of AI.
146.
AI Expands the Privacy Impact of
Data Breaches
“2018 saw more than 6,500 data breaches, exposing
a staggering 5 billion compromised records.”
• The larger the big data stakeholder within the
analytic chain that endures a data breach, the
more citizens’ privacy becomes impacted.
• The role of PPT increasingly becomes a
cybersecurity tool.
https://threatpost.com/ripple-effect-large-enterprise-data-breaches/150041/
147.
AI Amplifies the Privacy Impact of
Human & Procedural Biases
• Unclear what the absence of bias should look like
& how it should be computed.
• Discrepancies between:
▪ definitions of privacy
▪ understanding legal compliance
▪ business models reliant on
human behavioural data
• The future role of PPT must also be tuned
towards privacy threats from biases by
solving discrepancies.
Apple Face-Recognition Blamed by N.Y.
Teen for False Arrest (29/04/19), Van Voris, B.
https://www.bloomberg.com/news/articles/2019-04-22/apple-face-recognition-
blamed-by-new-york-teen-for-false-arrest
Amazon’s Face Recognition Falsely Matched 28
Members of Congress With Mugshots
(26/07/2019), Snow, J.
https://www.aclu.org/blog/privacy-technology/surveillance-technologies/amazons-
face-recognition-falsely-matched-28
148.
1) Identify ethical, legal, societal
and economic issues
2) Identify existing technologies
3) Assess existing technologies
4) Conduct gap analysis
5) Identify design requirements
6) Assess solutions under
development
7) Identify implementation
barriers
8) Define Community Positions
& Make recommendations
What is e-SIDES doing…?
WHY?
WHAT? HOW?
▪ Reach a common vision for an ethically sound approach to big data
and facilitate responsible research and innovation in the field
▪ Improve the dialogue between stakeholders and the confidence of
citizens towards big data technologies and data markets
▪ Review of articles (scientific &
professional)
▪ Liaise with researchers, business
leaders, policy makers and civil
society through community
events
▪ Provide an Internet-based
meeting place for discussion,
learning and networking
▪ Provide a collective community
position paper with choice
points
149.
Classes of Privacy-Preserving Technologies
Anonymisation
Encryption
Deletion
Sanitisation
Multi-party computation
Access control
Policy
enforcement
Accountability
Transparency
Data provenance
Access &
portability
User control
150.
Ethical, Legal, Economic & Social Implementation Barriers to
Privacy-Preserving Big Data Technologies
Reasons for societal, economic & technical barriers:
1) EU-US management models & attitudes towards privacy differ (e.g. data utility vs privacy)
2) Budget limitations & cost effectiveness of PPT
3) Bridging cultural differences is challenging due to differing privacy expectations & unpredictable outcomes of analytics
4) Consumer mentality change and acquisition of new skills (e.g. tech. and privacy savviness)
5) PPTs need periodic assessment with respect to use & impact
Reasons for legal implementation barriers – based on desk research:
▪ 1) regional differences
▪ 2) sensitive data
▪ 3) liability and responsibility for the effects of big data-based decisions
151.
▪ e-SIDES Final Key Outputs
- Community Position Paper (CPP)
- Recommendations
152. What is the CPP...
A document on responsible data-driven innovation written by and for the big data community
Structure:
1) Introduction
2) Stakeholders
3) Challenges
4) Opportunities
5) Conclusion
153. ▪ Indicates where action is needed
▪ Documents good practices
▪ Provides a basis for decision
making
▪ Drives a lively debate
Source: https://www.k12insight.com/trusted/one-teacher-empowers-students-handshake
...and how
does it help?
154.
What do we already have...
Challenges:
1) Differences in attitudes and contexts
2) Empowerment vs. cognitive overload
3) Issues related to legal compliance and ethics
4) Difficulties of conducting assessments
Opportunities:
1) Awareness raising and transparency
2) Tools of accountability
3) Reference points of accountability
4) Bodies and mechanisms of oversight
155.
Contribute by end of November!
▪ Editors constantly integrate
suggestions into the paper
▪ The community is informed about
significant changes
▪ Anonymous suggestions
are possible
▪ To be named as contributor,
sign in with a Google Account
157. Data for Diversity-Aware Technology: Ethical Considerations
Insights from the project WeNet – The Internet of Us
Author: Laura Schelenz, International Center for Ethics in the Sciences and Humanities, Tübingen, Germany
169. THANK YOU!
WeNet project is funded by the EU’s Horizon2020
programme under Grant Agreement number 823783.
Email
laura.schelenz@uni-tuebingen.de
Website
www.internetofus.eu
www.izew.uni-tuebingen.de
Twitter
@WeNetProject
@LauraSchelenz
GET IN TOUCH
170. Data Protection in the era of Artificial Intelligence
Charlotte van Oirsouw, TNO, BDVe
171. Data Protection in the era of Artificial
Intelligence
https://bit.ly/2QfBsoC
172. BDVA: what is it and
what does it do?
▪ Building Big Data
Ecosystem
▪ Support EC research
programs
▪ 50% industry, 50%
academia
▪ 42 projects, +250 partners
173. Position paper focussed on technical solutions &
trends in Privacy-Preserving Technologies
▪ Why? To give a podium to PPT developments & to highlight
challenges
▪ For which audience? EC, Policymakers, SMEs, the world…
▪ Who is talking? Experts from several H2020 research
projects
▪ Why focus on technological solutions? To break
tech/society dichotomy in data-thinking and to show
alternatives (to big tech from US)
174. How to protect personal data in an
era of big data analysis and AI?
(and is it still about personal data?)
What is the current state of art
when it comes to PPTs
What do projects see as main
challenges and trends in PPTs
How can research into -and uptake
of- PPTs be stimulated?
Research Questions
How can regulators and
policymakers help?
175. Classifying harms and risks
▪ From the perspective of the end-user, data actor, data-driven object, or society
at large? Economic, social or scientific harm, inferred harms, harms from
proxies? Harms based on inferred data – the boundary of personal data?
▪ Qualitative vs quantitative ‘proofs’ of risks and harms
▪ Blurring boundary between privacy harms and safety risks
▪ Main challenge for PPTs – scaling and adoption
176. Classifying solutions
▪ Solutions are either data-centred, actor-centred or risk-based
▪ ISO: privacy preserving techniques & privacy-preserving models.
It also mentions synthetic data as a technique for de-
identification (which is debatable)
▪ Hoepman’s Blue Book: data-related vs process-related
mitigating measures.
▪ e-SIDES classification has been mentioned above
▪ Summarizing: there is no single way to classify PPTs
177. Giving data control back to users. See https://decodeproject.eu/
Trend 1: end user back as focus point
178. Sticky policy walkthrough. SPECIAL project. See https://www.specialprivacy.eu/flowchart/157-flowchart-01
Trend 2: Automation of policy for big data
179. MPC visual. TNO. See https://bit.ly/2PEV9X2
Trend 3: secure data analytics
181. Recommendations for policy
1) Create a (continuously updated) overview of privacy
challenges caused by BDA and AI
2) Support R&D into technical solutions - keeping up with
social, ethical and legal developments
3) Supporting uptake of privacy-preserving technologies
4) Develop, offer and support regulatory sandboxes in which
new data services can be tried and tested
184. Technology and Data Protection Law – how can
software engineering support legal compliance?
Recap & Wrap up
185. Questions for the audience:
• For showing GDPR compliance: Most important IT system features?
• Metadata related to details of anonymization
• Algorithmic transparency
• Logs of data accesses and transmissions
• A taxonomy/data privacy vocabulary for the processing operation in place
• Enforceable data handling policies
European Big Data Community Forum, 2019 3
DATA PRIVACY VOCABULARIES TO FULFIL GDPR TRANSPARENCY &
COMPLIANCE CHECKING REQUIREMENTS – 1/2
186. ▪ How SPECIAL addressed these issues + how YOU can use these results:
▪ Deliverables, prototypes, ontologies & vocabularies, code repository, platform
demonstrators, UI demos ALL Open Access: https://www.specialprivacy.eu/
▪ Everyone can engage in the W3C DPVCG: https://www.w3.org/community/dpvcg/
▪ W3C Community Group Report published at: https://www.w3.org/ns/dpv
DATA PRIVACY VOCABULARIES TO FULFIL GDPR TRANSPARENCY &
COMPLIANCE CHECKING REQUIREMENTS – 2/2
187. Questions for the audience:
• Do you agree with the statement that Big Data and Privacy are not mutually
exclusive? -> Majority said Big Data + Privacy are NOT mutually exclusive!
• Do you think that a holistic approach allowing a ”grey zone” between personal
and non-personal data would be practical?
• Other issues discussed:
• Legal vs. technical understanding + requirements regarding anonymity
• Relative concept of identifiability
• Encrypted data anonymized?
ANONYMISATION OF PERSONAL DATA LEADS TO THE INAPPLICABILITY OF
THE GDPR – MYTH OR REALITY? – 1/2
188. ▪ How SODA addressed these issues + how YOU can use these results:
▪ Primary objective: developing a GDPR-compliant, secure MPC system for the
healthcare domain
▪ Deliverables demonstrating that de-identification reduces risks and enhances
privacy https://www.soda-project.eu/deliverables/
▪ Identified legal challenges:
▪ anonymisation and removal of personal reference
▪ determination of purpose and legitimate basis
▪ special provisions for sensitive data
▪ application of technical and organisational measures
ANONYMISATION OF PERSONAL DATA LEADS TO THE INAPPLICABILITY OF
THE GDPR – MYTH OR REALITY? – 2/2
189. Questions for the audience:
• What is the “visiting mode” approach?
• Can synthetic data be made fully anonymous?
• What is differential privacy?
• Other issues discussed:
• Need of personal data for training models, how to get consent for that?
• What about bias in the original data? Are there mitigation techniques to
remove bias?
• Sharing of data by several hospitals? Obstacles, alignment?
• Group rights on the data? How to handle this?
WHY HAVE WE PREFERRED TO OPT FOR SHARING SYNTHETIC DATA AND
FOR COMPUTATION “BRINGING THE ALGORITHMS TO THE DATA” – 1/2
190. ▪ How MyHealthMyData addressed these issues + how YOU can use these
results:
▪ MHMD has built know-how on synthetic data as an option for data
analysis in the health sector
▪ Also, know-how about anonymization techniques (differential privacy)
WHY HAVE WE PREFERRED TO OPT FOR SHARING SYNTHETIC DATA AND
FOR COMPUTATION “BRINGING THE ALGORITHMS TO THE DATA” – 2/2
191. Human-centric big data governance: responsible
ways to innovate privacy-preserving technologies
Recap & Wrap up
192. Points for discussion
➢ GDPR fitness for AI
➢ Oversight bodies
➢ Combination of legislations needed, use the legislation we have, harm-
minding approach
➢ Diversity-aware technology development -> challenges -> diversity in
datasets; machine learning reduces diversity
➢ Diversity-aware earlier approaches: internationalization practices (bridging
Arabic, Chinese and English language differences),
➢ Positive and negative discrimination
193. ➢ Regulatory sandboxes, ePrivacy regulation
➢ Contextual vs generic interventions: how diverse or generic can/should
PPTs be?
➢ Market oriented sanctions
➢ Exclusion from ecosystem if not value-sensitive
➢ Ethics inserted into education
➢ Enforcement
➢ If you want to preserve ethics and rules (formalized ethics) and one
player comes in, then your whole rule system is challenged.
Points for discussion