This document discusses challenges to privacy from technological development, market failures, and authorized access. It then discusses approaches to designing for privacy, including data minimization, user consent, and privacy by design. Finally, it examines shaping technologies for the public good through defining privacy as a public good, limiting government surveillance, new privacy regulations like GDPR, and encouraging competition.
Where next for the Regulation of Investigatory Powers Act?blogzilla
Talk at Open Tech 2015 on legal reform of UK interception and surveillance laws, including a comparison of the Intelligence and Security Committee and David Anderson reports.
My presentation at the IGov2 conference at the University of Oslo, 9 Sept 2014. Gave shorter version at Norwegian Board of Technology hearing on 10 Sept 2014. Related journal article at http://ijlit.oxfordjournals.org/content/early/2014/09/01/ijlit.eau007.abstract
Audio at http://www.jus.uio.no/ifp/english/research/projects/nrccl/internet-governance/events/dag-2-del-2-norrm-mp3.mp3
Where next for the Regulation of Investigatory Powers Act?blogzilla
Talk at Open Tech 2015 on legal reform of UK interception and surveillance laws, including a comparison of the Intelligence and Security Committee and David Anderson reports.
My presentation at the IGov2 conference at the University of Oslo, 9 Sept 2014. Gave shorter version at Norwegian Board of Technology hearing on 10 Sept 2014. Related journal article at http://ijlit.oxfordjournals.org/content/early/2014/09/01/ijlit.eau007.abstract
Audio at http://www.jus.uio.no/ifp/english/research/projects/nrccl/internet-governance/events/dag-2-del-2-norrm-mp3.mp3
An Overview of the Battle for the Control of the InternetDibussi Tande
Presentation to a joint/plenary session of the 16th Highway Africa Conference and the 3rd World Conference of the Global Forum for Media Development (GFMD) in Grahamstown, South Africa, September 10, 2012.
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...AJHSSR Journal
ABSTRACT: In the past two decades, third world countries such as South Africa have made steadily developments towards combating hacking as a form of Cybercrime. The developments made by the South African Criminal Justice towards the prevention of hacking have been mildly progressive. The Council of Europe Convention on Cybercrime is the treaty that all South African legislation and policy with regard to hacking is required to be in line with this convention. This treaty has also been the cornerstone to first world countries such as the United States, when preventing cybercrime such as hacking. In order for South Africans to have a safe and secure cyberspace that is free from hackers; there needs to be a co-operative system put in place by the South African Criminal Justice System that involves the government, non-profit organizations and the community. A Criminal Justice system that works closely with the community is able to properly guide its members and correctly prosecute the crime of hacking. Therefore, using qualitative secondary data this paper explores the existing measures put in place by the South African Criminal Justice to combat hacking. The findings of this paper indicate that conceptual understanding of this crime (hacking) can play a pivotal role in addressing the manifestation of this crime in a large extent as the nature and extent can be established, the use of technological means also contribute to hacking, this is also linked to individuals (victims) ignorance. For recommendations, the use of technology and conventional method in awareness can help in responding to the scale and consequence of hacking in South Africa.
Privacy and data protection in the realm of Internet Governance by Santosh Si...Santosh Sigdel
Privacy and Data Protection are important elements to be considered within Internet Governance. This presentation international mechanism as well as Nepali provisions relating to privacy and data protection.
he Contract for the Web was created by representatives from over 80 organizations, representing governments, companies and civil society, and sets out commitments to guide digital policy agendas. To achieve the Contract’s goals, governments, companies, civil society and individuals must commit to sustained policy development, advocacy, and implementation of the Contract text.
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
What is an Information Society
Why are Information Policies needed
What is an Information Policy
Elements of Information Policy
Who has Information Policies
E-Inclusion
Life Long Learning
E-Business strategies
Infrasture – physical (broadband/e-fibre)
Infrastructure – political / Legal and regulatory
Copyright, Intellectual Property, Data Protection, Freedom of Information
Regulation of Domain Name Spaces ( .ie)
E-government
Information Policy in Ireland
An Overview of the Battle for the Control of the InternetDibussi Tande
Presentation to a joint/plenary session of the 16th Highway Africa Conference and the 3rd World Conference of the Global Forum for Media Development (GFMD) in Grahamstown, South Africa, September 10, 2012.
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...AJHSSR Journal
ABSTRACT: In the past two decades, third world countries such as South Africa have made steadily developments towards combating hacking as a form of Cybercrime. The developments made by the South African Criminal Justice towards the prevention of hacking have been mildly progressive. The Council of Europe Convention on Cybercrime is the treaty that all South African legislation and policy with regard to hacking is required to be in line with this convention. This treaty has also been the cornerstone to first world countries such as the United States, when preventing cybercrime such as hacking. In order for South Africans to have a safe and secure cyberspace that is free from hackers; there needs to be a co-operative system put in place by the South African Criminal Justice System that involves the government, non-profit organizations and the community. A Criminal Justice system that works closely with the community is able to properly guide its members and correctly prosecute the crime of hacking. Therefore, using qualitative secondary data this paper explores the existing measures put in place by the South African Criminal Justice to combat hacking. The findings of this paper indicate that conceptual understanding of this crime (hacking) can play a pivotal role in addressing the manifestation of this crime in a large extent as the nature and extent can be established, the use of technological means also contribute to hacking, this is also linked to individuals (victims) ignorance. For recommendations, the use of technology and conventional method in awareness can help in responding to the scale and consequence of hacking in South Africa.
Privacy and data protection in the realm of Internet Governance by Santosh Si...Santosh Sigdel
Privacy and Data Protection are important elements to be considered within Internet Governance. This presentation international mechanism as well as Nepali provisions relating to privacy and data protection.
he Contract for the Web was created by representatives from over 80 organizations, representing governments, companies and civil society, and sets out commitments to guide digital policy agendas. To achieve the Contract’s goals, governments, companies, civil society and individuals must commit to sustained policy development, advocacy, and implementation of the Contract text.
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
What is an Information Society
Why are Information Policies needed
What is an Information Policy
Elements of Information Policy
Who has Information Policies
E-Inclusion
Life Long Learning
E-Business strategies
Infrasture – physical (broadband/e-fibre)
Infrastructure – political / Legal and regulatory
Copyright, Intellectual Property, Data Protection, Freedom of Information
Regulation of Domain Name Spaces ( .ie)
E-government
Information Policy in Ireland
Increasing contemporary security concerns seems to justify the use of innovative technology tools,
such as Closed Circuit Television (CCTV) cameras. However, these innovative tools are also means
for increasing social control by the state. It is postulated that without proper accountability
mechanisms, the use of privacy invading surveillance technologies will contribute to the creation of a
‘panoptic surveillance state’. For that reason this thesis intends to conduce to a more accountable
deployment and use of CCTV cameras, by focusing on proportionate ‘checks and balances’, which
implies that public authorities are held accountable for their laws, regulations, policies, and actions.
The intended approach of this research is to analyse and assess the governmental accountability
mechanisms, which reflect the deployment and use of CCTV by public authorities in public areas, in
the United Kingdom and in the Netherlands.
Increasing contemporary security concerns seems to justify the use of innovative technology tools, such as Closed Circuit Television (CCTV) cameras. However, these innovative tools are also means for increasing social control by the state. It is postulated that without proper accountability mechanisms, the use of privacy invading surveillance technologies will contribute to the creation of a ‘panoptic surveillance state’. For that reason this research intends to conduce to a more accountable deployment and use of CCTV cameras, by focusing on proportionate ‘checks and balances’, which implies that public authorities are held accountable for their laws, regulations, policies, and actions. The intended approach of this research is to analyse and assess the governmental accountability mechanisms, which reflect the deployment and use of CCTV by public authorities in public areas, in the United Kingdom and in the Netherlands.
In contemporary democratic societies, where technology is pervasive, the right to privacy remains a fundamental human right that pertains to an individual’s ability to keep their personal or identifiable information, activities, and private life free from unwanted intrusion or interference by public authorities except in accordance with law (Caprioli, et al., 2006).
https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack
Statement of Michelle Richardson, Director, Privacy & Data
Center for Democracy & Technology
before the
United States Senate Committee on the Judiciary
GDPR & CCPA: Opt-ins, Consumer Control, and the Impact on Competition and Innovation
March 12, 2019
On behalf of the Center for Democracy & Technology (CDT), thank you for the
opportunity to testify about the importance of crafting a federal consumer privacy law that
provides meaningful protections for Americans and clarity for entities of all sizes and sectors.
CDT is a nonpartisan, nonprofit 501(c)(3) charitable organization dedicated to advancing the
rights of the individual in the digital world. CDT is committed to protecting privacy as a
fundamental human and civil right and as a necessity for securing other rights such as access to
justice, equal protection, and freedom of expression. CDT has offices in Washington, D.C., and
Brussels, and has a diverse funding portfolio from foundation grants, corporate donations, and
individual donations.1
The United States should be leading the way in protecting digital civil rights. This hearing
is an opportunity to learn how Congress can improve upon the privacy frameworks offered in
the European Union via the General Data Protection Regulation (GDPR) and the California
Consumer Privacy Act (CCPA) to craft a comprehensive privacy law that works for the U.S. Our
digital future should be one in which technology supports human rights and human dignity. This
future cannot be realized if people are forced to choose between protecting their personal
information and using the technologies and services that enhance our lives. This future depends
on clear and meaningful rules governing data processing; rules that do not simply provide
1 All donations over $1,000 are disclosed in our annual report and are available online at:
https://cdt.org/financials/.
2
people with notices and check boxes but actually protect them from privacy and security
abuses and data-driven discrimination; protections that cannot be signed away.
Congress should resist the narratives that innovative technologies and strong privacy
protections are fundamentally at odds, and that a privacy law would necessarily cement the
market dominance of a few large companies. Clear and focused privacy rules can help
companies of all sizes gain certainty with respect to appropriate and inappropriate uses of data.
Clear rules will also empower engineers and product managers to design for privacy on the
front end, rather than having to wait for a public privacy scandal to force the rollback of a
product or data practice.
We understand that drafting comprehensive privacy legislation is a complex endeavor.
Over the past year we have worked with partners in civil societ.
Should the European Union require the largest social networking services (like Facebook, Instagram and Twitter) to be interoperable with competitors? I explain why and how they should. Originally presented to the European Parliament’s Digital Markets Act working group of MEPs and staff in Brussels, on 24/5/23
Transatlantic data flows following the Schrems II judgmentblogzilla
Brief summary of Ian Brown and Douwe Korff’s study for the European Parliament Civil Liberties Committee, presented at a committee hearing on 9 November 2021
Lessons for interoperability remedies from UK Open Bankingblogzilla
The UK’s Open Banking programme is a world-leading experiment in requiring banks to open up customer accounts (with their explicit consent) to third-party providers. What lessons can be learnt from this case for legislation that would require dominant platforms to provide similar functionality?
Introduction to Cybersecurity for Electionsblogzilla
Slides for a 15-minute introduction to Cybersecurity for Elections: A Commonwealth Guide on Best Practice, by Ian Brown, Chris Marsden, James Lee and Michael Veale, published 5 Mar 2020
A basic cybersecurity introduction for managers, explaining how they and their organisation can guard against common types of attacks, based on the UK National Cyber Security Centre’s Cyber Essentials programme
My presentation at the Tunis Online Freedom Conference, 17 June 2013. Updated for Asia Privacy Scholars Network conference, 9 July 2013, Hong Kong University, and significantly updated for the SCL Policy Forum, 12 Sep 2013, and presentations at Deutsche Bank and Amberhawk (May 2014)
Overview of our GNI report, downloadable from http://globalnetworkinitiative.org/news/new-report-outlines-recommendations-governments-companies-and-others-how-protect-free
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Keeping our secrets? Shaping Internet technologies for the public good
1.
2. Overview
1. Challenges to privacy
1. Technological development
2. Market failure
3. Authorised access
2. Designing for privacy
3. Shaping technologies for the public good
9. Market failures
Information asymmetry – data gathered
ubiquitously and invisibly in a way few
understand
Privacy policies unreadable and difficult to verify/enforce
Most individuals bad at immediate benefit v
deferred, uncertain cost decisions
Privacy risks are highly probabilistic, cumulative, and difficult to
calculate
Information industries highly concentrated
Brown (2014)
10. Insider threats
Information required Price paid to ‘blagger’ Price charged
Occupant search not known £17.50
Telephone reverse trace £40 £75
Friends and Family £60 – £80 not known
Vehicle check at DVLA £70 £150 – £200
Criminal records check not known £500
Locating a named person not known £60
Ex-directory search £40 £65 – £75
Mobile phone account not known £750
Licence check not known £250
“What price privacy?”, Information Commissioner’s Office (2006)
11.
12. Overview
1. Challenges to privacy
2. Designing for privacy
1. Principles
2. Targeted advertising
3. Smart meters
4. Congestion charging
5. Privacy-protective robots
3. Shaping technologies for the public good
13. Designing for privacy
Data minimisation key: is your
personal data really necessary?
Limit & decentralise personal data
collection, storage, access and
usage – enforced using
cryptography
Protects against hackers, corrupt
insiders, and function creep
Users should also be notified and
consent to the processing of data –
easy-to-use interfaces are critical.
What are defaults?
Jedrzejczyk et al. (2010)
14. Location-based services
Can we use features of
mobile phone networks to
supply anonymous,
targeted adverts?
Haddadi, Hui, Henderson and Brown (2011)
18. Overview
1. Challenges to privacy
2. Designing for privacy
3. Shaping technologies for the public good
1. Defining the public good
2. Limits on government surveillance
3. The General Data Protection Regulation
4. Encouraging competition
19. EU data privacy concerns
Source: Eurobarometer
#225 Data Protection in
the EU, Feb. 2008 p.8
20. Constitutional protections
ECHR, 1950
Reaffirming their profound belief in
those fundamental freedoms which
are the foundation of justice and
peace in the world…
§8 Everyone has the right to respect
for his private and family life, his home
and his correspondence
§9 Everyone has the right to freedom
of thought, conscience and religion
§10 Everyone has the right to freedom
of expression
§11 Everyone has the right to freedom
of peaceful assembly and to freedom
of association with others
US Bill of Rights, ratified 1791
…extending the ground of public
confidence in the Government, will
best insure the beneficent ends of its
institution…
I: Congress shall make no law
respecting an establishment of
religion, or prohibiting the free
exercise thereof; or abridging the
freedom of speech, or of the press; or
the right of the people peaceably to
assemble
IV: The right of the people to be
secure in their persons, houses,
papers, and effects, against
unreasonable searches and seizures,
shall not be violated
21. Bulk vs. targeted surveillance
President Obama’s NSA Review Panel :
"Although we might be safer if the government had ready access to a
massive storehouse of information about every detail of our lives, the impact
of such a program on the quality of life and on individual freedom would
simply be too great… We recommend that the US Government should
examine the feasibility of creating software that would allow the National
Security Agency and other intelligence agencies more easily to conduct
targeted information acquisition rather than bulk-data collection.”
Deputy Prime Minister, 4 Mar 2014 :
“[O]ur current framework assumes that the collection of bulk data is
uncontroversial as long as arrangements for accessing it are suitably
stringent. I don‟t accept that... [S]trong access controls are vital to prevent
employees from going on „fishing expeditions‟ once a store of data exists.
But the case for collection itself has to be made, not assumed.”
22. GDPR Art. 23 Data protection by
design and by default
1. …the controller… shall…implement appropriate and proportionate technical
and organisational measures and procedures in such a way that the
processing will meet the requirements of this Regulation and ensure the
protection of the rights of the data subject… data protection by design shall
be a prerequisite for public procurement tenders… [and] procurement by
entities operating in the water, energy, transport and postal services sector
2. The controller shall ensure that, by default, only those personal data are
processed which are necessary for each specific purpose of the processing
and are especially not collected, retained or disseminated beyond the
minimum necessary for those purposes, both in terms of the amount of the
data and the time of their storage. In particular, those mechanisms shall
ensure that by default personal data are not made accessible to an
indefinite number of individuals and that data subjects are able to control
the distribution of their personal data.
See Korff & Brown (2010)
23. Interoperability requirements
Data portability may reduce
switching costs, but network effects
will still act as a barrier to entry
Vertical integration could limit
consumer choice
To minimise network barriers,
competition authorities could
impose ex ante interoperability
requirements:
upon dominant social utilities
between vertically integrated
value chains
24. Conclusion
Technology developments can have a significant social
impact – societies can shape the values technologies
embed if they wish (Brown, Clark & Trossen 2010)
Privacy-protective technologies have been developed
for a range of applications – how do we persuade
companies and governments to use them?
These are questions not just for computer scientists, but
also lawyers, economists, sociologists – and citizens and
their representatives
25. References
J. Balasch, A. Rial, C. Troncoso, C. Geuens, B.
Preneel, and I. Verbauwhede (2010) PrETP:
Privacy-Preserving Electronic Toll Pricing, In
Proceedings of the 19th Usenix Security
Symposium, pp. 63-78
I. Brown (2014) The economics of privacy, data
protection and surveillance. In J.M. Bauer and
M. Latzer (eds.) Research Handbook on the
Economics of the Internet. Cheltenham: Edward
Elgar
I. Brown, D. Clark and D. Trossen (2010) Should
Specific Values Be Embedded In The Internet
Architecture? Re-Architecting the Internet
I. Brown and C. Marsden (2013) Regulating
Code: Good Governance and Better
Regulation in the Information Age. Cambridge,
MA: MIT Press.
I. Brown, C. Buckley and D. Harris (2014) Data
Protection: Redress mechanisms and their use in
the UK. EU Fundamental Rights Agency
L. Jedrzejczyk, B. A. Price, A. K. Bandara and B.
Nuseibeh (2010) On The Impact of Real-Time
Feedback on Users’ Behaviour in Mobile
Location-Sharing Applications, Symposium on
Usable Privacy and Security, Redmond
H. Haddadi, P. Hui and I. Brown (2010) MobiAd:
Private and Scalable Mobile Advertising, ACM
International Workshop on Mobility in the
Evolving Internet Architecture, Chicago)
D. Korff and I. Brown (2010) New Challenges to
Data Protection. European Commission DG
Freedom, Security and Justice.
A. McDonald and L.F. Cranor (2008) The Cost of
Reading Privacy Policies. I/S 4 p.543
Editor's Notes
“Living with Google Glass – not quite useful enough to overcome the dork-factor” http://www.computerweekly.com/opinion/Living-with-Google-Glass-not-quite-useful-enough-to-overcome-the-dork-factor