Search results for: data protection
26827 Strengthening Legal Protection of Personal Data through Technical Protection Regulation in Line with Human Rights
Authors: Tomy Prihananto, Damar Apri Sudarmadi
Abstract:
Indonesia recognizes the right to privacy as a human right. Indonesia provides legal protection against data management activities because the protection of personal data is a part of human rights. This paper aims to describe the arrangement of data management and data management in Indonesia. This paper is a descriptive research with qualitative approach and collecting data from literature study. Results of this paper are comprehensive arrangement of data that have been set up as a technical requirement of data protection by encryption methods. Arrangements on encryption and protection of personal data are mutually reinforcing arrangements in the protection of personal data. Indonesia has two important and immediately enacted laws that provide protection for the privacy of information that is part of human rights.Keywords: Indonesia, protection, personal data, privacy, human rights, encryption
Procedia PDF Downloads 18126826 The Role of Data Protection Officer in Managing Individual Data: Issues and Challenges
Authors: Nazura Abdul Manap, Siti Nur Farah Atiqah Salleh
Abstract:
For decades, the misuse of personal data has been a critical issue. Malaysia has accepted responsibility by implementing the Malaysian Personal Data Protection Act 2010 to secure personal data (PDPA 2010). After more than a decade, this legislation is set to be revised by the current PDPA 2023 Amendment Bill to align with the world's key personal data protection regulations, such as the European Union General Data Protection Regulations (GDPR). Among the other suggested adjustments is the Data User's appointment of a Data Protection Officer (DPO) to ensure the commercial entity's compliance with the PDPA 2010 criteria. The change is expected to be enacted in parliament fairly soon; nevertheless, based on the experience of the Personal Data Protection Department (PDPD) in implementing the Act, it is projected that there will be a slew of additional concerns associated with the DPO mandate. Consequently, the goal of this article is to highlight the issues that the DPO will encounter and how the Personal Data Protection Department should respond to this subject. The study result was produced using a qualitative technique based on an examination of the current literature. This research reveals that there are probable obstacles experienced by the DPO, and thus, there should be a definite, clear guideline in place to aid DPO in executing their tasks. It is argued that appointing a DPO is a wise measure in ensuring that the legal data security requirements are met.Keywords: guideline, law, data protection officer, personal data
Procedia PDF Downloads 7826825 Access to Health Data in Medical Records in Indonesia in Terms of Personal Data Protection Principles: The Limitation and Its Implication
Authors: Anny Retnowati, Elisabeth Sundari
Abstract:
This research aims to elaborate the meaning of personal data protection principles on patient access to health data in medical records in Indonesia and its implications. The method uses normative legal research by examining health law in Indonesia regarding the patient's right to access their health data in medical records. The data will be analysed qualitatively using the interpretation method to elaborate on the limitation of the meaning of personal data protection principles on patients' access to their data in medical records. The results show that patients only have the right to obtain copies of their health data in medical records. There is no right to inspect directly at any time. Indonesian health law limits the principle of patients' right to broad access to their health data in medical records. This restriction has implications for the reduction of personal data protection as part of human rights. This research contribute to show that a limitaion of personal data protection may abuse the human rights.Keywords: access, health data, medical records, personal data, protection
Procedia PDF Downloads 9226824 Jurisdictional Issues between Competition Law and Data Protection Law in Protection of Privacy of Online Consumers
Authors: Pankhudi Khandelwal
Abstract:
The revenue models of digital giants such as Facebook and Google, use targeted advertising for revenues. Such a model requires huge amounts of consumer data. While the data protection law deals with the protection of personal data, however, this data is acquired by the companies on the basis of consent, performance of a contract, or legitimate interests. This paper analyses the role that competition law can play in evading these loopholes for the protection of data and privacy of online consumers. Digital markets have certain distinctive features such as network effects and feedback loop, which gives incumbents of these markets a first-mover advantage. This creates a situation where the winner takes it all, thus creating entry barriers and concentration in the market. It has been also seen that this dominant position is then used by the undertakings for leveraging in other markets. This can be harmful to the consumers in form of less privacy, less choice, and stifling innovation, as seen in the cases of Facebook Cambridge Analytica, Google Shopping, and Google Android. Therefore, the article aims to provide a legal framework wherein the data protection law and competition law can come together to provide a balance in regulating digital markets. The issue has become more relevant in light of the Facebook decision by German competition authority, where it was held that Facebook had abused its dominant position by not complying with data protection rules, which constituted an exploitative practice. The paper looks into the jurisdictional boundaries that the data protection and competition authorities can work from and suggests ex ante regulation through data protection law and ex post regulation through competition law. It further suggests a change in the consumer welfare standard where harm to privacy should be considered as an indicator of low quality.Keywords: data protection, dominance, ex ante regulation, ex post regulation
Procedia PDF Downloads 18026823 Regulation on the Protection of Personal Data Versus Quality Data Assurance in the Healthcare System Case Report
Authors: Elizabeta Krstić Vukelja
Abstract:
Digitization of personal data is a consequence of the development of information and communication technologies that create a new work environment with many advantages and challenges, but also potential threats to privacy and personal data protection. Regulation (EU) 2016/679 of the European Parliament and of the Council is becoming a law and obligation that should address the issues of personal data protection and information security. The existence of the Regulation leads to the conclusion that national legislation in the field of virtual environment, protection of the rights of EU citizens and processing of their personal data is insufficiently effective. In the health system, special emphasis is placed on the processing of special categories of personal data, such as health data. The healthcare industry is recognized as a particularly sensitive area in which a large amount of medical data is processed, the digitization of which enables quick access and quick identification of the health insured. The protection of the individual requires quality IT solutions that guarantee the technical protection of personal categories. However, the real problems are the technical and human nature and the spatial limitations of the application of the Regulation. Some conclusions will be drawn by analyzing the implementation of the basic principles of the Regulation on the example of the Croatian health care system and comparing it with similar activities in other EU member states.Keywords: regulation, healthcare system, personal dana protection, quality data assurance
Procedia PDF Downloads 3826822 Democracy Bytes: Interrogating the Exploitation of Data Democracy by Radical Terrorist Organizations
Authors: Nirmala Gopal, Sheetal Bhoola, Audecious Mugwagwa
Abstract:
This paper discusses the continued infringement and exploitation of data by non-state actors for destructive purposes, emphasizing radical terrorist organizations. It will discuss how terrorist organizations access and use data to foster their nefarious agendas. It further examines how cybersecurity, designed as a tool to curb data exploitation, is ineffective in raising global citizens' concerns about how their data can be kept safe and used for its acquired purpose. The study interrogates several policies and data protection instruments, such as the Data Protection Act, Cyber Security Policies, Protection of Personal Information(PPI) and General Data Protection Regulations (GDPR), to understand data use and storage in democratic states. The study outcomes point to the fact that international cybersecurity and cybercrime legislation, policies, and conventions have not curbed violations of data access and use by radical terrorist groups. The study recommends ways to enhance cybersecurity and reduce cyber risks using democratic principles.Keywords: cybersecurity, data exploitation, terrorist organizations, data democracy
Procedia PDF Downloads 20326821 The Feminism of Data Privacy and Protection in Africa
Authors: Olayinka Adeniyi, Melissa Omino
Abstract:
The field of data privacy and data protection in Africa is still an evolving area, with many African countries yet to enact legislation on the subject. While African Governments are bringing their legislation to speed in this field, how patriarchy pervades every sector of African thought and manifests in society needs to be considered. Moreover, the laws enacted ought to be inclusive, especially towards women. This, in a nutshell, is the essence of data feminism. Data feminism is a new way of thinking about data science and data ethics that is informed by the ideas of intersectional feminism. Feminising data privacy and protection will involve thinking women, considering women in the issues of data privacy and protection, particularly in legislation, as is the case in this paper. The line of thought of women inclusion is not uncommon when even international and regional human rights specific for women only came long after the general human rights. The consideration is that these should have been inserted or rather included in the original general instruments in the first instance. Since legislation on data privacy is coming in this century, having seen the rights and shortcomings of earlier instruments, then the cue should be taken to ensure inclusive wholistic legislation for data privacy and protection in the first instance. Data feminism is arguably an area that has been scantily researched, albeit a needful one. With the spate of increase in the violence against women spiraling in the cyber world, compounding the issue of COVID-19 and the needful response of governments, and the effect of these on women and their rights, fast forward, the research on the feminism of data privacy and protection in Africa becomes inevitable. This paper seeks to answer the questions, what is data feminism in the African context, why is it important in the issue of data privacy and protection legislation; what are the laws, if any, existing on data privacy and protection in Africa, are they women inclusive, if not, why; what are the measures put in place for the privacy and protection of women in Africa, and how can this be made possible. The paper aims to investigate the issue of data privacy and protection in Africa, the legal framework, and the protection or provision that it has for women if any. It further aims to research the importance and necessity of feminizing data privacy and protection, the effect of lack of it, the challenges or bottlenecks in attaining this feat and the possibilities of accessing data privacy and protection for African women. The paper also researches the emerging practices of data privacy and protection of women in other jurisprudences. It approaches the research through the methodology of review of papers, analysis of laws, and reports. It seeks to contribute to the existing literature in the field and is explorative in its suggestion. It suggests a draft of some clauses to make any data privacy and protection legislation women inclusive. It would be useful for policymaking, academic, and public enlightenment.Keywords: feminism, women, law, data, Africa
Procedia PDF Downloads 20526820 Challenges in Providing Protection to the Conflict-Affected Refugee Children in Pakistan: A Critical Analysis of the 1951 Refugee Convention
Authors: Faiz Bakhsh, Tahira Yasmeen
Abstract:
The Afghan refugee children in Pakistan are considered as the most vulnerable persons in danger of being abused and treated badly as compared to the minimum criteria of the protection of refugee children under 1951 refugee convention. This paper explores the impact of the 1951 refugee convention on the protection of refugee children, affected by the armed conflict in Afghanistan, residing in refugee camps in Pakistan. Despite, protection available under Refugee Convention, there exist millions of refugees in the world, including a huge portion of women and children, that remain unprotected, and their protection remains a challenging task for the world community. This study investigates the status and number of refugees in Pakistan, especially children; protection and assistance of refugees under Refugee Convention; protection of the rights of refugee children in Pakistan; and implementation of the rules of Refugee Convention relating refugee children in Pakistan and measures for the protection of refugee children in Pakistan. This socio-legal study utilizes a qualitative research approach and applies mixed methods of data collection. The primary data is collected through the interpretation of the legal framework available for the protection of refugees as well as domestic laws of Pakistan. The secondary data is collected through previous studies available on the same topic. The result of this study indicates that lack of proper implementation of the rules, of the Refugee Convention, relating protection of refugee children cause sufferings to refugee children including the provision of basic health, nutrition, family life, education and protection from child abuse. Pakistan needs a comprehensive domestic legal framework for the protection of refugees, especially refugee children. Moreover, the government of Pakistan with the help of the United Nations High Commissioner for Refugees (UNHCR) must prioritize the protection of Afghan refugee children as per standard criteria provided by the refugee convention 1951.Keywords: refugee children, refugee convention, armed conflict, Pakistan
Procedia PDF Downloads 15926819 The Impact of the General Data Protection Regulation on Human Resources Management in Schools
Authors: Alexandra Aslanidou
Abstract:
The General Data Protection Regulation (GDPR), concerning the protection of natural persons within the European Union with regard to the processing of personal data and on the free movement of such data, became applicable in the European Union (EU) on 25 May 2018 and transformed the way personal data were being treated under the Data Protection Directive (DPD) regime, generating sweeping organizational changes to both public sector and business. A social practice that is considerably influenced in the way of its day-to-day operations is Human Resource (HR) management, for which the importance of GDPR cannot be underestimated. That is because HR processes personal data coming in all shapes and sizes from many different systems and sources. The significance of the proper functioning of an HR department, specifically in human-centered, service-oriented environments such as the education field, is decisive due to the fact that HR operations in schools, conducted effectively, determine the quality of the provided services and consequently have a considerable impact on the success of the educational system. The purpose of this paper is to analyze the decisive role that GDPR plays in HR departments that operate in schools and in order to practically evaluate the aftermath of the Regulation during the first months of its applicability; a comparative use cases analysis in five highly dynamic schools, across three EU Member States, was attempted.Keywords: general data protection regulation, human resource management, educational system
Procedia PDF Downloads 10026818 The Right to Data Portability and Its Influence on the Development of Digital Services
Authors: Roman Bieda
Abstract:
The General Data Protection Regulation (GDPR) will come into force on 25 May 2018 which will create a new legal framework for the protection of personal data in the European Union. Article 20 of GDPR introduces a right to data portability. This right allows for data subjects to receive the personal data which they have provided to a data controller, in a structured, commonly used and machine-readable format, and to transmit this data to another data controller. The right to data portability, by facilitating transferring personal data between IT environments (e.g.: applications), will also facilitate changing the provider of services (e.g. changing a bank or a cloud computing service provider). Therefore, it will contribute to the development of competition and the digital market. The aim of this paper is to discuss the right to data portability and its influence on the development of new digital services.Keywords: data portability, digital market, GDPR, personal data
Procedia PDF Downloads 47226817 Regulating User Experience Design, in the European Union, as a Way to Narrow Down the Gap Between Consumers’ Protection and Algorithms Employment
Authors: Prisecaru Diana-Sorina
Abstract:
The paper will show that, while the EU legislator tackled a series of UX patterns used in e-commerce to induce the consumers take actions that they would not normally undertake, it leaves out many other aspects related to misuse or poor UX design that adversely affect EU consumers. Further, the paper proposes a reevaluation of the regulatory addressability of the issue and hand and focuses on explaining why a joint strategy, based on the interplay between provisions aiming consumer protection and personal data protection is the key approach to this matter.Keywords: algorithms, consumer protection, European Union, user experience design
Procedia PDF Downloads 13626816 Food Consumer Protection in Moroccan Legal System: A Systematic Review
Authors: Bouchaib Gazzaz, Mounir Mehdi
Abstract:
In order to ensure consumer food protection, the food industry has a legal obligation to provide food products that comply with the requirements of the legislation in force. National regulations in this area occupy an important place in the food control system in terms of consumer protection. This article discusses the legal and regulatory framework of food safety and consumer protection in Moroccan law. We used the doctrinal research approach by analyzing the judicial normative and bibliographic legal research. As a result, we were able to present the basic principles of consumer food protection by showing to what extent the food safety law provides effective consumer protection in Morocco. We have concluded that there is an impact -in terms of consumer legal protection- of food law reform on the concept of food safety.Keywords: food safety, Morocco, consumer protection, framework, food law
Procedia PDF Downloads 23826815 Analysis of SCR-Based ESD Protection Circuit on Holding Voltage Characteristics
Authors: Yong Seo Koo, Jong Ho Nam, Yong Nam Choi, Dae Yeol Yoo, Jung Woo Han
Abstract:
This paper presents a silicon controller rectifier (SCR) based ESD protection circuit for IC. The proposed ESD protection circuit has low trigger voltage and high holding voltage compared with conventional SCR ESD protection circuit. Electrical characteristics of the proposed ESD protection circuit are simulated and analyzed using TCAD simulator. The proposed ESD protection circuit verified effective low voltage ESD characteristics with low trigger voltage and high holding voltage.Keywords: electro-static discharge (ESD), silicon controlled rectifier (SCR), holding voltage, protection circuit
Procedia PDF Downloads 37826814 The Effect of General Data Protection Regulation on South Asian Data Protection Laws
Authors: Sumedha Ganjoo, Santosh Goswami
Abstract:
The rising reliance on technology places national security at the forefront of 21st-century issues. It complicates the efforts of emerging and developed countries to combat cyber threats and increases the inherent risk factors connected with technology. The inability to preserve data securely might have devastating repercussions on a massive scale. Consequently, it is vital to establish national, regional, and global data protection rules and regulations that penalise individuals who participate in immoral technology usage and exploit the inherent vulnerabilities of technology. This study paper seeks to analyse GDPR-inspired Bills in the South Asian Region and determine their suitability for the development of a worldwide data protection framework, considering that Asian countries are much more diversified than European ones. In light of this context, the objectives of this paper are to identify GDPR-inspired Bills in the South Asian Region, identify their similarities and differences, as well as the obstacles to developing a regional-level data protection mechanism, thereby satisfying the need to develop a global-level mechanism. Due to the qualitative character of this study, the researcher did a comprehensive literature review of prior research papers, journal articles, survey reports, and government publications on the aforementioned topics. Taking into consideration the survey results, the researcher conducted a critical analysis of the significant parameters highlighted in the literature study. Many nations in the South Asian area are in the process of revising their present data protection measures in accordance with GDPR, according to the primary results of this study. Consideration is given to the data protection laws of Thailand, Malaysia, China, and Japan. Significant parallels and differences in comparison to GDPR have been discussed in detail. The conclusion of the research analyses the development of various data protection legislation regimes in South Asia.Keywords: data privacy, GDPR, Asia, data protection laws
Procedia PDF Downloads 8126813 Design Considerations on Cathodic Protection for X65 Steel Tank Containing Fresh Water
Authors: A. M. Al-Sabagh, M. A. Deyab, M. N. Kroush
Abstract:
The present study focused on critical and detailed approach for using aluminum electrode as impressed current anode for cathodic protection of X65 steel tank containing fresh water. The impressed current design calculation showed 0.6 A of current demand and voltage of 0.33 V required to adequately protect the X65 steel tank with internal surface area of 421 m². We used here one transformer rectifier with current and voltage output of 25 A and 25 V, respectively. The data showed that the potentials ranged from -0.474 to -0.509 V (vs. Cu/CuSO₄), prior to the application of cathodic protection. When the potential was measured 1 h after the application of cathodic protection, the potential values showed considerable shift within protection range (-0.950 V vs. Cu/CuSO₄). The results confirmed that aluminum anode can be used in freshwater applications with high efficiency (current capacity) and low consumption rate.Keywords: cathodic protection, aluminum, steel, fresh water
Procedia PDF Downloads 15326812 Techno-Economic Analysis of Solar Energy for Cathodic Protection of Oil and Gas Buried Pipelines in Southwestern of Iran
Authors: M. Goodarzi, M. Mohammadi, A. Gharib
Abstract:
Solar energy is a renewable energy which has attracted special attention in many countries. Solar cathodic protectionsystems harness the sun’senergy to protect underground pipelinesand tanks from galvanic corrosion. The object of this study is to design and the economic analysis a cathodic protection system by impressed current supplied with solar energy panels applied to underground pipelines. In the present study, the technical and economic analysis of using solar energy for cathodic protection system in southwestern of Iran (Khuzestan province) is investigated. For this purpose, the ecological conditions such as the weather data, air clearness and sunshine hours are analyzed. The economic analyses were done using computer code to investigate the feasibility analysis from the using of various energy sources in order to cathodic protection system. The overall research methodology is divided into four components: Data collection, design of elements, techno economical evaluation, and output analysis. According to the results, solar renewable energy systems can supply adequate power for cathodic protection system purposes.Keywords: renewable energy, solar energy, solar cathodic protection station, lifecycle cost method
Procedia PDF Downloads 54126811 Efficient Backup Protection for Hybrid WDM/TDM GPON System
Authors: Elmahdi Mohammadine, Ahouzi Esmail, Najid Abdellah
Abstract:
This contribution aims to present a new protected hybrid WDM/TDM PON architecture using Wavelength Selective Switches and Optical Line Protection devices. The objective from using these technologies is to improve flexibility and enhance the protection of GPON networks.Keywords: Wavlenght Division Multiplexed Passive Optical Network (WDM-PON), Time Division Multiplexed PON (TDM-PON), architecture, Protection, Wavelength Selective Switches (WSS), Optical Line Protection (OLP)
Procedia PDF Downloads 54126810 Application of Blockchain Technology in Geological Field
Authors: Mengdi Zhang, Zhenji Gao, Ning Kang, Rongmei Liu
Abstract:
Management and application of geological big data is an important part of China's national big data strategy. With the implementation of a national big data strategy, geological big data management becomes more and more critical. At present, there are still a lot of technology barriers as well as cognition chaos in many aspects of geological big data management and application, such as data sharing, intellectual property protection, and application technology. Therefore, it’s a key task to make better use of new technologies for deeper delving and wider application of geological big data. In this paper, we briefly introduce the basic principle of blockchain technology at the beginning and then make an analysis of the application dilemma of geological data. Based on the current analysis, we bring forward some feasible patterns and scenarios for the blockchain application in geological big data and put forward serval suggestions for future work in geological big data management.Keywords: blockchain, intellectual property protection, geological data, big data management
Procedia PDF Downloads 8726809 Regulating Issues concerning Data Protection in Cloud Computing: Developing a Saudi Approach
Authors: Jumana Majdi Qutub
Abstract:
Rationale: Cloud computing has rapidly developed the past few years. Because of the importance of providing protection for personal data used in cloud computing, the role of data protection in promoting trust and confidence in users’ data has become an important policy priority. This research examines key regulatory challenges rose by the growing use and importance of cloud computing with focusing on protection of individuals personal data. Methodology: Describing and analyzing governance challenges facing policymakers and industry in Saudi Arabia, with an account of anticipated governance responses. The aim of the research is to describe and define the regulatory challenges on cloud computing for policy making in Saudi Arabia and comparing it with potential complied issues rose in respect of transported data to EU member state. In addition, it discusses information privacy issues. Finally, the research proposes policy recommendation that would resolve concerns surrounds the privacy and effectiveness of clouds computing frameworks for data protection. Results: There are still no clear regulation in Saudi Arabia specialized in legalizing cloud computing and specialty regulations in transferring data internationally and locally. Decision makers need to review the applicable law in Saudi Arabia that protect information in cloud computing. This should be from an international and a local view in order to identify all requirements surrounding this area. It is important to educate cloud computing users about their information value and rights before putting it in the cloud to avoid further legal complications, such as making an educational program to prevent giving personal information to a bank employee. Therefore, with many kinds of cloud computing services, it is important to have it covered by the law in all aspects.Keywords: cloud computing, cyber crime, data protection, privacy
Procedia PDF Downloads 25826808 Data Protection, Data Privacy, Research Ethics in Policy Process Towards Effective Urban Planning Practice for Smart Cities
Authors: Eugenio Ferrer Santiago
Abstract:
The growing complexities of the modern world on high-end gadgets, software applications, scams, identity theft, and Artificial Intelligence (AI) make the “uninformed” the weak and vulnerable to be victims of cybercrimes. Artificial Intelligence is not a new thing in our daily lives; the principles of database management, logical programming, and garbage in and garbage out are all connected to AI. The Philippines had in place legal safeguards against the abuse of cyberspace, but self-regulation of key industry players and self-protection by individuals are primordial to attain the success of these initiatives. Data protection, Data Privacy, and Research Ethics must work hand in hand during the policy process in the course of urban planning practice in different environments. This paper focuses on the interconnection of data protection, data privacy, and research ethics in coming up with clear-cut policies against perpetrators in the urban planning professional practice relevant in sustainable communities and smart cities. This paper shall use expository methodology under qualitative research using secondary data from related literature, interviews/blogs, and the World Wide Web resources. The claims and recommendations of this paper will help policymakers and implementers in the policy cycle. This paper shall contribute to the body of knowledge as a simple treatise and communication channel to the reading community and future researchers to validate the claims and start an intellectual discourse for better knowledge generation for the good of all in the near future.Keywords: data privacy, data protection, urban planning, research ethics
Procedia PDF Downloads 5726807 Distance Protection Performance Analysis
Authors: Abdelsalam Omar
Abstract:
This paper presents simulation-based case study that indicate the need for accurate dynamic modeling of distance protection relay. In many cases, a static analysis based on current and voltage phasors may be sufficient to assess the performance of distance protection. There are several circumstances under which such a simplified study does not provide the depth of analysis necessary to obtain accurate results, however. This letter present study of the influences of magnetizing inrush and power swing on the performance of distance protection relay. One type of numerical distance protection relay has been investigated: 7SA511. The study has been performed in order to demonstrate the relay response when dynamic model of distance relay is utilized.Keywords: distance protection, magnitizing inrush, power swing, dynamic model of protection relays, simulatio
Procedia PDF Downloads 48826806 Analyzing the Risk Based Approach in General Data Protection Regulation: Basic Challenges Connected with Adapting the Regulation
Authors: Natalia Kalinowska
Abstract:
The adoption of the General Data Protection Regulation, (GDPR) finished the four-year work of the European Commission in this area in the European Union. Considering far-reaching changes, which will be applied by GDPR, the European legislator envisaged two-year transitional period. Member states and companies have to prepare for a new regulation until 25 of May 2018. The idea, which becomes a new look at an attitude to data protection in the European Union is risk-based approach. So far, as a result of implementation of Directive 95/46/WE, in many European countries (including Poland) there have been adopted very particular regulations, specifying technical and organisational security measures e.g. Polish implementing rules indicate even how long password should be. According to the new approach from May 2018, controllers and processors will be obliged to apply security measures adequate to level of risk associated with specific data processing. The risk in GDPR should be interpreted as the likelihood of a breach of the rights and freedoms of the data subject. According to Recital 76, the likelihood and severity of the risk to the rights and freedoms of the data subject should be determined by reference to the nature, scope, context and purposes of the processing. GDPR does not indicate security measures which should be applied – in recitals there are only examples such as anonymization or encryption. It depends on a controller’s decision what type of security measures controller considered as sufficient and he will be responsible if these measures are not sufficient or if his identification of risk level is incorrect. Data protection regulation indicates few levels of risk. Recital 76 indicates risk and high risk, but some lawyers think, that there is one more category – low risk/now risk. Low risk/now risk data processing is a situation when it is unlikely to result in a risk to the rights and freedoms of natural persons. GDPR mentions types of data processing when a controller does not have to evaluate level of risk because it has been classified as „high risk” processing e.g. processing on a large scale of special categories of data, processing with using new technologies. The methodology will include analysis of legal regulations e.g. GDPR, the Polish Act on the Protection of personal data. Moreover: ICO Guidelines and articles concerning risk based approach in GDPR. The main conclusion is that an appropriate risk assessment is a key to keeping data safe and avoiding financial penalties. On the one hand, this approach seems to be more equitable, not only for controllers or processors but also for data subjects, but on the other hand, it increases controllers’ uncertainties in the assessment which could have a direct impact on incorrect data protection and potential responsibility for infringement of regulation.Keywords: general data protection regulation, personal data protection, privacy protection, risk based approach
Procedia PDF Downloads 25126805 A Biometric Template Security Approach to Fingerprints Based on Polynomial Transformations
Authors: Ramon Santana
Abstract:
The use of biometric identifiers in the field of information security, access control to resources, authentication in ATMs and banking among others, are of great concern because of the safety of biometric data. In the general architecture of a biometric system have been detected eight vulnerabilities, six of them allow obtaining minutiae template in plain text. The main consequence of obtaining minutia templates is the loss of biometric identifier for life. To mitigate these vulnerabilities several models to protect minutiae templates have been proposed. Several vulnerabilities in the cryptographic security of these models allow to obtain biometric data in plain text. In order to increase the cryptographic security and ease of reversibility, a minutiae templates protection model is proposed. The model aims to make the cryptographic protection and facilitate the reversibility of data using two levels of security. The first level of security is the data transformation level. In this level generates invariant data to rotation and translation, further transformation is irreversible. The second level of security is the evaluation level, where the encryption key is generated and data is evaluated using a defined evaluation function. The model is aimed at mitigating known vulnerabilities of the proposed models, basing its security on the impossibility of the polynomial reconstruction.Keywords: fingerprint, template protection, bio-cryptography, minutiae protection
Procedia PDF Downloads 16926804 Exploring the Intersection Between the General Data Protection Regulation and the Artificial Intelligence Act
Authors: Maria Jędrzejczak, Patryk Pieniążek
Abstract:
The European legal reality is on the eve of significant change. In European Union law, there is talk of a “fourth industrial revolution”, which is driven by massive data resources linked to powerful algorithms and powerful computing capacity. The above is closely linked to technological developments in the area of artificial intelligence, which has prompted an analysis covering both the legal environment as well as the economic and social impact, also from an ethical perspective. The discussion on the regulation of artificial intelligence is one of the most serious yet widely held at both European Union and Member State level. The literature expects legal solutions to guarantee security for fundamental rights, including privacy, in artificial intelligence systems. There is no doubt that personal data have been increasingly processed in recent years. It would be impossible for artificial intelligence to function without processing large amounts of data (both personal and non-personal). The main driving force behind the current development of artificial intelligence is advances in computing, but also the increasing availability of data. High-quality data are crucial to the effectiveness of many artificial intelligence systems, particularly when using techniques involving model training. The use of computers and artificial intelligence technology allows for an increase in the speed and efficiency of the actions taken, but also creates security risks for the data processed of an unprecedented magnitude. The proposed regulation in the field of artificial intelligence requires analysis in terms of its impact on the regulation on personal data protection. It is necessary to determine what the mutual relationship between these regulations is and what areas are particularly important in the personal data protection regulation for processing personal data in artificial intelligence systems. The adopted axis of considerations is a preliminary assessment of two issues: 1) what principles of data protection should be applied in particular during processing personal data in artificial intelligence systems, 2) what regulation on liability for personal data breaches is in such systems. The need to change the regulations regarding the rights and obligations of data subjects and entities processing personal data cannot be excluded. It is possible that changes will be required in the provisions regarding the assignment of liability for a breach of personal data protection processed in artificial intelligence systems. The research process in this case concerns the identification of areas in the field of personal data protection that are particularly important (and may require re-regulation) due to the introduction of the proposed legal regulation regarding artificial intelligence. The main question that the authors want to answer is how the European Union regulation against data protection breaches in artificial intelligence systems is shaping up. The answer to this question will include examples to illustrate the practical implications of these legal regulations.Keywords: data protection law, personal data, AI law, personal data breach
Procedia PDF Downloads 6426803 Cybervetting and Online Privacy in Job Recruitment – Perspectives on the Current and Future Legislative Framework Within the EU
Authors: Nicole Christiansen, Hanne Marie Motzfeldt
Abstract:
In recent years, more and more HR professionals have been using cyber-vetting in job recruitment in an effort to find the perfect match for the company. These practices are growing rapidly, accessing a vast amount of data from social networks, some of which is privileged and protected information. Thus, there is a risk that the right to privacy is becoming a duty to manage your private data. This paper investigates to which degree a job applicant's fundamental rights are protected adequately in current and future legislation in the EU. This paper argues that current data protection regulations and forthcoming regulations on the use of AI ensure sufficient protection. However, even though the regulation on paper protects employees within the EU, the recruitment sector may not pay sufficient attention to the regulation as it not specifically targeting this area. Therefore, the lack of specific labor and employment regulation is a concern that the social partners should attend to.Keywords: AI, cyber vetting, data protection, job recruitment, online privacy
Procedia PDF Downloads 8526802 Lightning Protection Design Applied to Sustainable Development
Authors: Sylvain Fauveaux, T. Nowicki
Abstract:
Lightning protection is nowadays applied worldwide since the advent of international standards. Lightning protection is widely justified by the casualties and damages involved. As a matter of fact, the lightning business is constantly growing as more and more sensible areas need to be protected. However, the worldwide demand of copper materiel is increasing as well, its price too. Furthermore, the most frequently used method of protection is consuming a lot of copper. The copper production is also consuming a large amount of natural and power resources, not to mention the ecologic balance.Keywords: ESEAT, Lightning protection , natural resources management, NF C 17-102, sustainable development
Procedia PDF Downloads 16126801 Pilot Directional Protection Scheme Using Wireless Communication
Authors: Nitish Sharma, G. G. Karady
Abstract:
This paper presents a scheme for the protection of loop system from all type of faults using the direction of fault current. The presence of distributed generation in today’s system increases the complexity of fault detection as the power flow is bidirectional. Hence, protection scheme specific to this purpose needs to be developed. This paper shows a fast protection scheme using communication which can be fiber optic or wireless. In this paper, the possibility of wireless communication for protection is studied to exchange the information between the relays. The negative sequence and positive sequence directional elements are used to determine the direction of fault current. A PSCAD simulation is presented and validated using commercial SEL relays.Keywords: smart grid protection, pilot protection, power system simulation, wireless communication
Procedia PDF Downloads 63526800 The Relationship Between Policy Design and Poverty Reduction: The Case of Ghana
Authors: Joseph Kwame Sarfo-Adu
Abstract:
Social protection programs have been rolled out by successive governments in the quest of bridging the inequality gap in Ghana. Despite notable positive impacts of these programs across the country, there still remains worrying experience of the exclusion of the poor and vulnerable especially in rural Ghana Notwithstanding the rhetoric of participation within the discussion of social protection programs, less attention has been given to the design of these programs. In view of this, the study seeks to address how social protection programs are designed to address the needs of the poor. This study focused on five selected social protection programs in Ghana because they are programs with nationwide coverage. Qualitative thematic analysis was applied to analyze our data with the use of the Nvivo 12 version. We found out that there is a strong link between policy design and poverty alleviation. Our findings revealed that a well-designed program can significantly alleviate poverty, a poorly designed program can create more damage.Keywords: social protection, poverty alleviation, policy design, effective outcome
Procedia PDF Downloads 16226799 The Use of Crisis Workplace Technology to Protect Communication Processes of Critical Infrastructure
Authors: Jiri Barta, Jiří F. Urbanek
Abstract:
This paper deals with a protection of the national and European infrastructure. It is issue nowadays. The paper deals with the perspectives and possibilities of "smart solutions" to critical infrastructure protection. The research project deals with computers aided technologies are used from the perspective of new, better protection of selected infrastructure objects. Protection is focused on communication and information channels. These communication and information channels are very important for the functioning of the system of protection of critical infrastructure elements.Keywords: interoperability, communication systems, controlling proces, critical infrastructure, crisis workplaces, continuity
Procedia PDF Downloads 29826798 Production Structures of Energy Based on Water Force, Its Infrastructure Protection, and Possible Causes of Failure
Authors: Gabriela-Andreea Despescu, Mădălina-Elena Mavrodin, Gheorghe Lăzăroiu, Florin Adrian Grădinaru
Abstract:
The purpose of this paper is to contribute to the enhancement of a hydroelectric plant protection by coordinating protection measures and existing security and introducing new measures under a risk management process. Also, the plan identifies key critical elements of a hydroelectric plant, from its level vulnerabilities and threats it is subjected to in order to achieve the necessary protection measures to reduce the level of risk.Keywords: critical infrastructure, risk analysis, critical infrastructure protection, vulnerability, risk management, turbine, impact analysis
Procedia PDF Downloads 546