Privacy through Anonymisation
in Large-scale Socio-technical Systems
Multi-lingual Contact Centres across the EU
Claudia Cevenini Enrico Denti Andrea Omicini Italo Cerno
{claudia.cevenini, enrico.denti, andrea.omicini, italo.cerno}@unibo.it
Dipartimento di Informatica – Scienza e Ingegneria (DISI)
Alma Mater Studiorum – Università di Bologna
INSCI 2016
Firenze, Italy, 14 September 2016
Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation INSCI 2016, Firenze, Italy 1 / 32
Outline
1 Scope & Goals
2 Legal Framework
3 Socio-Legal-Technical Analysis
4 Anonymisation Process
5 Anonymisation Process in BISON
6 Conclusions
Scope & Goals
Scope & Goals Context & Motivation
Context and Focus
this research focusses on contact centres (CC) as relevant examples of
knowledge-intensive socio-technical systems (STS)
we discuss the multi-faceted nature of anonymisation
individual and organisational needs clash
call for an accurate balancing between legal and technical aspects
system efficiency while preserving the individual right to privacy
we explore
first, the relevant legal framework
then, the general theme of anonymisation in CC
we illustrate the general view of the technical process developed in
the context of the BISON H2020 project
Scope & Goals Context & Motivation
Contact Centres as STS
Typical technology issues of CC as STS
speech data mining technologies with multi-language capabilities
business outcome mining from speech
CC support systems integrating both speech and business outcome
mining in a user-friendly way
Scaling up to Big Speech Data
applying data mining technologies with multi-language capabilities to
big speech data
implies a corresponding scale-up of privacy and data protection issues
Scope & Goals Context & Motivation
Goal of the Research
to assess how complex legal issues at national and international level
can be faced while building a complex software infrastructure for CC
first, in the development phase
then, in the subsequent business phases
to investigate how such infrastructures may be developed and
marketed in full compliance with the Data Protection legal framework
to focus on anonymisation as a fundamental concept and tool
to deal with the potential conflict between opposite rights and needs
able to provide added value, rather than being an obstacle
especially in the R&D of a large-scale, knowledge intensive STS
Scope & Goals Context & Motivation
Law & IT: a Focal Point
Privacy vs. efficiency
a suitable compromise between law-abidingness and privacy and
system / process efficiency is a relevant goal
not just for the legal analysis
but for the whole engineering process of the CC infrastructure
from a potential conflict of interests to composition of interests
from “Oh My God, the lawyers!” & “Oh My God, the engineers!”
to multiple competences working together on a special kind of software product
the requirement of legal compliance as a success factor instead of a
possible source of delays and overheads
an issue going well beyond the CC case study
supporting anonymisation as a competitive advantage
Legal Framework
Legal Framework
Data Protection Directive (DPD)
The Data Protection Directive (Dir 1999/95/EC) [DPD95]
key principles for the fair and lawful processing of personal data
technical and organisational security measures to guarantee that all
personal data are safe from destruction, loss, alteration, unauthorised
disclosure, or access, during the entire data processing period.
Highlights
data processing requires even more care when it involves large
amounts of personal and/or sensitive data
people’s data flow across massive, third-party analytical systems
need for a transparent view of how people’s data will be used (or sold)
attention to data transfer from/to non-EU countries (and cloud)
Legal Framework
Personal Data
What are personal data?
any information relating to a natural person, who can be identified,
either directly or indirectly, by reference to one or more factors
specific to his/her physical, physiological, mental, economic, cultural,
or social identity
the notion of personal data is strictly related to identification
e.g. “John Smith” may or may not be personal data, depending on
whether it is enough to identify exactly one person
conversely, “John the fisher living at the end of the street” could be
personal data, if it is enough to identify him
if the link between an individual and personal data never occurred or
is somehow broken and cannot be rebuilt in any way (such as with
anonymised data), the DPD rules no longer apply
Legal Framework
Roles in Personal Data Processing
Data controller vs. Data processor
the data controller is in charge of personal data processing and takes
any related decision
e.g., selection of data to be processed, purposes and means of
processing, technical and organisational security, . . .
the data processor is a legally separate entity that processes personal
data on behalf of a controller, under a written agreement and
following specific instructions
For instance:
a company acts as a controller in processing its own customers’ data
the CC entrusted with the same processing acts as a data processor
on behalf of the company
Legal Framework
How to Process Personal Data According to the DPD
Processing personal data
Personal data must be
processed fairly and lawfully
collected for specified, explicit, and legitimate purposes and not
further processed in a way incompatible with those purposes
further processing of data for historical, statistical or scientific purposes
may not be considered as incompatible, with appropriate safeguards
adequate, relevant and not excessive in relation to the purposes
accurate and, where necessary, kept up to date; inaccurate or
incomplete data should be erased or rectified
kept in a form which permits identification of data subjects for no
longer than is necessary for the purposes.
Legal Framework
Accountability
According to the accountability principle
data controllers must implement adequate technical and
organisational measures to promote and safeguard data protection in
their processing activities
controllers are responsible for the compliance of their processing
operations with data protection law and should be able to
demonstrate compliance with data protection provisions at any time.
They should also ensure that such measures are effective
in case of larger, more complex, or high-risk data processing, the
effectiveness of the measures adopted should be verified regularly,
through monitoring, internal and external audits, etc.
Legal Framework
Security Measures
Technical and organisational security measures should be adopted
to protect personal data
during all the processing period
against the risks related to the integrity and confidentiality of data
The level of data security requested by the law is determined by different
elements, such as
the nature (sensitive/non-sensitive) of the collected data
the concrete availability in the market of adequate security measures
at the current state of the art
their cost – which should not be “disproportionate” with respect to
the necessity
Legal Framework
Big Speech Data Issues I
Speech data
Speech recordings involve biometric data (tone, pitch, cadence, and
frequency of a person’s voice), suitable to determine someone’s identity.
Highlights:
from a Data Protection perspective, biometrics is linked to physical,
physiological, behavioural, or even psychological characteristics of an
individual – some of which may be used to reveal sensitive data
biometric data may also enable automated tracking, tracing, or
profiling of persons → potential high impact on privacy
biometric data are by nature irrevocable
requires the informed consent of the data subject
+ possibly authorisations from, or notifications to, Data Protection Authorities
+ strict security measures
Legal Framework
Big Speech Data Issues II
Big Data
big data analytics can involve the repurposing of personal data
personal data collected for one purpose cannot be reused/re-analysed
for another purpose, without prior notification to the data subjects and
new explicit consent (includes making data available to others to do so)
big data may in themselves contrast with the principle of data
minimisation and relevancy
the challenge for organisations is to focus clearly on their expectations
from big data processing, so as to be able to verify that
the processing serves exactly the purposes for which data are collected
data are relevant and not excessive in relation to such aims
Socio-Legal-Technical Analysis
Socio-Legal-Technical Analysis
Relevant Principles I
the legal framework foresees a set of essential principles
some directly derive from the DPD – namely, from the “Principles
relating to data quality”
others concern the security measures – particularly w.r.t. the “Security
of processing”
these principles are further strengthened and detailed in the new
“General Data Protection Regulation” (GDPR) [GDP16]
Categories of principles
(a) principles about data processing
(b) principles about security measures
(c) other relevant principles
Socio-Legal-Technical Analysis
Relevant Principles II
Principles of Data Processing
1 principle of lawfulness and fairness
2 principle of relevance and non-excessive use
3 principle of purpose
4 principle of accuracy
5 principle of data retention
Principles of Security Measures
1 principle of privacy by design and by default
2 principle of appropriateness of the security measures
Other Relevant Principles
1 principle of least privilege
2 principle of intentionality in performing any critical action
Socio-Legal-Technical Analysis
Technological Requirements for Anonymisation
Resulting requirements
personal data may be processed only to the extent they are needed to
achieve specific purposes
whenever identifying data are not actually necessary,
anonymous data should be used
the DPD does not apply to data rendered anonymous such that the
data subject is no longer identifiable
it does not set any prescriptive standard
nor does it describe the de-identification process
→ only its outcome, i.e. re-identification that is not reasonably possible
Anonymisation Process
Anonymisation Process
Anonymise data = ... ?
In principle
the DPD does not apply to data made anonymous in such a way that
the data subject is no longer identifiable
yet, irreversibly preventing identification requires data controllers to
consider all the means “likely reasonably to be used” for
identification, either by the controller or by a third party
But in practice. . .
it is difficult to create a truly anonymous dataset, while retaining all
the data required for a specific (organisational) task
“likely reasonably” is inherently quite subjective
→ need for some shared, reasonable interpretation
Anonymisation Process
Article 29 Working Party
the Article 29 Working Party – Opinion on Anonymisation Techniques
(Art. 29 WP henceforth) [Dir14] is an important reference for
compliance in anonymisation issues
the criteria on which Art. 29 WP grounds its opinion on robustness
focus on the possibility of
singling out an individual
linking records relating to an individual
inferring information concerning an individual.
in GDPR, replaced by the European Data Protection Board
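An added example, not code from the presentation or from the BISON project, that turns the three Art. 29 WP criteria above (and the “reasonably-impossible re-identification” outcome from the Technological Requirements slide) into a concrete check on a release table, using the usual k-anonymity / l-diversity reading of those criteria. The call-metadata table, its quasi-identifiers, the thresholds and the `generalise` step are all assumptions chosen for illustration; the example also goes one step beyond the slide by showing that coarsening a quasi-identifier removes singling out but can leave the inference risk in place.

```python
"""Checking a release table against the three Art. 29 WP robustness criteria.

Added example, not code from the presentation or the BISON project. It uses
the common k-anonymity / l-diversity reading of the criteria: an equivalence
class (records sharing the same quasi-identifier values) of size 1 singles
out a person; classes smaller than k are cheap to link to an outside table;
a class whose sensitive attribute takes fewer than l distinct values lets
anyone holding the table infer that attribute for everyone in the class.
"""
from collections import defaultdict
from typing import Callable, Dict, List, Tuple

# Assumed columns: three quasi-identifiers and one sensitive attribute.
QUASI_IDENTIFIERS = ("age_band", "postcode_prefix", "language")
SENSITIVE = "call_reason"

# Constructed per-call metadata a contact centre might want to analyse.
RECORDS = [
    {"age_band": "30-39", "postcode_prefix": "40", "language": "it", "call_reason": "billing"},
    {"age_band": "30-39", "postcode_prefix": "40", "language": "it", "call_reason": "billing"},
    {"age_band": "30-39", "postcode_prefix": "41", "language": "it", "call_reason": "fraud"},
    {"age_band": "20-29", "postcode_prefix": "10", "language": "fr", "call_reason": "fraud"},
    {"age_band": "20-29", "postcode_prefix": "10", "language": "fr", "call_reason": "fraud"},
]

Key = Tuple[str, ...]


def equivalence_classes(records: List[dict], quasi=QUASI_IDENTIFIERS) -> Dict[Key, List[dict]]:
    """Group records that are indistinguishable on the quasi-identifiers."""
    classes: Dict[Key, List[dict]] = defaultdict(list)
    for r in records:
        classes[tuple(r[q] for q in quasi)].append(r)
    return classes


def assess(records: List[dict], quasi=QUASI_IDENTIFIERS, sensitive=SENSITIVE,
           k: int = 2, l_div: int = 2) -> dict:
    """Report which Art. 29 WP criteria the table still fails."""
    classes = equivalence_classes(records, quasi)
    sizes = {key: len(rows) for key, rows in classes.items()}
    return {
        "k_achieved": min(sizes.values()),
        # singling out: a class of one record isolates exactly one person
        "singled_out": sorted(key for key, n in sizes.items() if n == 1),
        # linkability: classes below k are easy to join with an external table
        "linkable": sorted(key for key, n in sizes.items() if n < k),
        # inference: too few distinct sensitive values within a class
        "inference": sorted(
            key for key, rows in classes.items()
            if len({r[sensitive] for r in rows}) < l_div
        ),
    }


def generalise(records: List[dict], rules: Dict[str, Callable[[str], str]]) -> List[dict]:
    """Coarsen quasi-identifiers (e.g. postcode prefix -> first digit); the
    sensitive column is left untouched."""
    return [{col: rules.get(col, lambda v: v)(val) for col, val in r.items()} for r in records]


def demo() -> Tuple[dict, dict]:
    """Assessment before and after generalising the postcode prefix."""
    before = assess(RECORDS)
    after = assess(generalise(RECORDS, {"postcode_prefix": lambda v: v[:1]}))
    return before, after
```

After generalisation the `fr` class still has a uniform call reason, so the table would need further coarsening (or suppression of that class) before the inference criterion is met.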
Anonymisation Process in BISON
Anonymisation Process in BISON
Anonymisation in BISON
Fundamental distinction
research phase — [during the project] when software and technologies are
developed and tested, but are not yet in actual production
business phase — [after the project] when software and technologies will
be used in CC, dealing with real customers data
anonymisation as a fundamental tool
to set the research phase free from the complex DPD requirements
to comply with the purpose, relevance, and necessity principles
in perspective, also a value-added component that partners can reuse to
support other applications — not an overhead
in the subsequent business phase, the system will also deal with real
user data – in compliance with any applicable law
data processing will occur inside each CC, with appropriate consent
Anonymisation Process in BISON
Technological Requirements
strict security requirements
fine-tuneable users’ roles, rights, and restrictions
case-by-case configurability based on actual needs and national laws
on-the-fly anonymisation
if some unexpected personal data are heard by the CC agent
privacy by default
max anonymisation as the default setting
fine-grain customisation
lowering of privacy settings always explicit
lowering of privacy settings requires supervisor privileges
key challenge: make anonymisation future-proof
with respect to a continuously-evolving legal scenario
with respect to the (even-faster-evolving) technology improvement
Anonymisation Process in BISON
The Anonymisation Process: General Overview I
First stage of the BISON research
limited data size, initial lack of automatic tools
anonymisation is performed with manual procedures
Anonymisation Process in BISON
The Anonymisation Process: General Overview II
Second stage of the BISON research
huge amounts of speech data
automatic transcription – for all the supported languages
anonymisation now occurs on the original audio file, not on a
manually pre-silenced file
automatic anonymisation is possibly not 100% effective
every effort is made to reduce errors to a minimum
subsequent feature extraction completes the process.
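An added example, not BISON’s own code, that sketches the second-stage process above together with the privacy-by-default requirements from the Technological Requirements slide: word timestamps from an assumed earlier transcription step drive silencing of the original audio, the anonymisation level defaults to the maximum, and lowering it is explicit, needs supervisor privileges and is logged. The `Word` and `AnonymisationPolicy` types, the privacy levels, the name lexicon and the sample audio are all constructed for illustration.

```python
"""Transcript-driven anonymisation of call audio with privacy-by-default settings.

Added example, not BISON project code. It assumes an earlier automatic
transcription step has produced word-level timestamps (constructed inline),
models the anonymisation level as the set of personal-data categories to
silence, and enforces the rule that lowering the level is explicit and needs
supervisor privileges. Audio is a plain list of samples.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

NAME, NUMBER = "NAME", "NUMBER"

# Privacy levels as sets of categories to redact; "max" is the default.
LEVELS = {"max": {NAME, NUMBER}, "numbers_only": {NUMBER}, "off": set()}
_RANK = {"max": 2, "numbers_only": 1, "off": 0}


@dataclass
class AnonymisationPolicy:
    level: str = "max"                              # privacy by default
    audit: List[str] = field(default_factory=list)  # every change is recorded

    def set_level(self, new_level: str, actor: str, role: str) -> None:
        """Raising privacy is open to any role; lowering it needs a supervisor."""
        if new_level not in LEVELS:
            raise ValueError(f"unknown level {new_level!r}")
        if _RANK[new_level] < _RANK[self.level] and role != "supervisor":
            raise PermissionError("lowering privacy settings requires supervisor privileges")
        self.audit.append(f"{actor} ({role}): {self.level} -> {new_level}")
        self.level = new_level

    @property
    def categories(self) -> Set[str]:
        return LEVELS[self.level]


@dataclass
class Word:
    text: str
    start: float  # seconds, from the assumed ASR alignment
    end: float


# Constructed: a toy name lexicon stands in for the NER a real pipeline would use.
NAME_LEXICON = {"rossi", "smith"}


def classify(word: Word) -> Optional[str]:
    """Tag a transcript token with the personal-data category it carries, if any."""
    token = word.text.strip(".,").lower()
    if sum(c.isdigit() for c in token) >= 4:   # account / phone / card fragments
        return NUMBER
    if token in NAME_LEXICON:
        return NAME
    return None


def personal_spans(words: List[Word], categories: Set[str],
                   margin: float = 0.05) -> List[Tuple[float, float]]:
    """Time ranges to silence, widened by `margin` seconds to absorb alignment error."""
    return [(max(0.0, w.start - margin), w.end + margin)
            for w in words if classify(w) in categories]


def silence(samples: List[float], rate: int, spans: List[Tuple[float, float]]) -> List[float]:
    """Zero the samples inside each span, working on the original audio."""
    out = list(samples)
    for start, end in spans:
        lo = int(round(start * rate))
        hi = min(len(out), int(round(end * rate)) + 1)
        for i in range(lo, hi):
            out[i] = 0.0
    return out


def redact_transcript(words: List[Word], categories: Set[str]) -> str:
    """Replace flagged tokens with their category so the text matches the audio."""
    return " ".join(f"<{classify(w)}>" if classify(w) in categories else w.text for w in words)


def anonymise(samples: List[float], rate: int, words: List[Word],
              policy: AnonymisationPolicy) -> Tuple[List[float], str]:
    """Return (silenced audio, redacted transcript) under the policy's current level."""
    cats = policy.categories
    return silence(samples, rate, personal_spans(words, cats)), redact_transcript(words, cats)


# Constructed 3-second fragment at 100 Hz (constant 1.0 so silenced regions are obvious).
SAMPLE_RATE = 100
SAMPLE_AUDIO = [1.0] * (3 * SAMPLE_RATE)
SAMPLE_WORDS = [Word("my", 0.0, 0.2), Word("name", 0.2, 0.4), Word("is", 0.4, 0.5),
                Word("Rossi,", 0.5, 0.9), Word("account", 1.0, 1.4), Word("12345678", 1.4, 2.0)]


def demo(policy: Optional[AnonymisationPolicy] = None) -> Tuple[List[float], str]:
    """Run the sample call through the pipeline, at the default (max) level unless told otherwise."""
    return anonymise(SAMPLE_AUDIO, SAMPLE_RATE, SAMPLE_WORDS, policy or AnonymisationPolicy())
```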
Conclusions
Conclusions
Conclusions
contemporary software engineering requires non-computational issues
– normative, organisational, societal – to be taken into account
the law-abidingness of large-scale STS, including both human and
software agents, is an intricate issue
must be faced in the requirement stage of any reliable software
engineering process
anonymisation of speech data in CC
calls for an accurate balancing between legal and technical aspects
to achieve efficiency while preserving the right to privacy
the legal framework can actually translate into requirements for the
software engineering process
the BISON case shows how the anonymisation process can be
structured during the research phase to enable the resulting system to
properly manage the data in the future business operation phase
References
[Dir14] Article 29 Data Protection Working Party. Opinion 05/2014 on anonymisation
techniques. 0829/14/EN WP216, 18 April 2014.
http://ec.europa.eu/justice/data-protection/article-29/
[DPD95] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on
the protection of individuals with regard to the processing of personal data and on the free
movement of such data.
Official Journal of the European Communities, 38(L 281):31–50, 23 November 1995.
[GDP16] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April
2016 on the protection of natural persons with regard to the processing of personal data
and on the free movement of such data, and repealing Directive 95/46/EC (General Data
Protection Regulation) (text with EEA relevance).
Official Journal of the European Communities, 59(L 119):1–88, 4 May 2016.

More Related Content

What's hot

A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...Konstantinos Demertzis
 
Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...Karlos Svoboda
 
Overview of Ethical Issues in Digital Watermarking
Overview of Ethical Issues in Digital WatermarkingOverview of Ethical Issues in Digital Watermarking
Overview of Ethical Issues in Digital WatermarkingDr. Michael Agbaje
 
Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...
Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...
Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...Anna Gomez
 
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...Prof. (Dr.) Tabrez Ahmad
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obamaLilian Edwards
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
PECB Webinar: The Internet of Things
PECB Webinar: The Internet of ThingsPECB Webinar: The Internet of Things
PECB Webinar: The Internet of ThingsPECB
 

What's hot (8)

A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
 
Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...Survey of accountability, trust, consent, tracking, security and privacy mech...
Survey of accountability, trust, consent, tracking, security and privacy mech...
 
Overview of Ethical Issues in Digital Watermarking
Overview of Ethical Issues in Digital WatermarkingOverview of Ethical Issues in Digital Watermarking
Overview of Ethical Issues in Digital Watermarking
 
Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...
Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...
Addressing Cybersecurity and Cybercrime via a co-evolutionary approach to red...
 
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
 
PECB Webinar: The Internet of Things
PECB Webinar: The Internet of ThingsPECB Webinar: The Internet of Things
PECB Webinar: The Internet of Things
 

Similar to Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-lingual Contact Centres across the EU

Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Andrea Omicini
 
Privacy protecting fitness trackers
Privacy protecting fitness trackersPrivacy protecting fitness trackers
Privacy protecting fitness trackersiwhhu
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard   Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard   Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard
 
Access to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaAccess to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaOECD Governance
 
Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15Ted Myerson
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6  Privacy and Data Protection 8 hrUnit 6  Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Outline D
Outline DOutline D
Outline Dbutest
 
Technology helps people in implementing privacy in their day today l.pdf
Technology helps people in implementing privacy in their day today l.pdfTechnology helps people in implementing privacy in their day today l.pdf
Technology helps people in implementing privacy in their day today l.pdfaparnaagenciestvm
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...Symantec
 
Governance compliance
Governance   complianceGovernance   compliance
Governance complianceAndy Petrella
 
Jim Clarke, Waterford Institute of Technology, IRELAND: Session Introduction
Jim Clarke, Waterford Institute of Technology, IRELAND: Session Introduction Jim Clarke, Waterford Institute of Technology, IRELAND: Session Introduction
Jim Clarke, Waterford Institute of Technology, IRELAND: Session Introduction FIA2010
 
Jan 2017 Submission to AG Re: Metadata use in civil proceedings
Jan 2017 Submission to AG Re: Metadata use in civil proceedingsJan 2017 Submission to AG Re: Metadata use in civil proceedings
Jan 2017 Submission to AG Re: Metadata use in civil proceedingsTimothy Holborn
 
ico-future-tech-report-20221214.pdf
ico-future-tech-report-20221214.pdfico-future-tech-report-20221214.pdf
ico-future-tech-report-20221214.pdfyashapnt
 
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Karlos Svoboda
 
Lesson4-Privacy and Data Protection.pptx
Lesson4-Privacy and Data Protection.pptxLesson4-Privacy and Data Protection.pptx
Lesson4-Privacy and Data Protection.pptxadnis1
 
Article 1 currently, smartphone, web, and social networking techno
Article 1 currently, smartphone, web, and social networking technoArticle 1 currently, smartphone, web, and social networking techno
Article 1 currently, smartphone, web, and social networking technohoney690131
 
Cnil 35th activity report 2014
Cnil 35th activity report 2014Cnil 35th activity report 2014
Cnil 35th activity report 2014Market iT
 
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docxRunning Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docxtodd521
 
Privacy impact assessment
Privacy impact assessmentPrivacy impact assessment
Privacy impact assessmentSpringer
 

Similar to Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-lingual Contact Centres across the EU (20)

Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
 
Privacy protecting fitness trackers
Privacy protecting fitness trackersPrivacy protecting fitness trackers
Privacy protecting fitness trackers
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard   Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard   Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
 
Access to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaAccess to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela Piana
 
Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6  Privacy and Data Protection 8 hrUnit 6  Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
 
Outline D
Outline DOutline D
Outline D
 
Technology helps people in implementing privacy in their day today l.pdf
Technology helps people in implementing privacy in their day today l.pdfTechnology helps people in implementing privacy in their day today l.pdf
Technology helps people in implementing privacy in their day today l.pdf
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...