L'utilisation des mégadonnée présente des problèmes juridiques importants, notamment en termes de protection des données. Le cadre juridique existant de l'Union européenne, basé notamment sur la Directive 46/95/CE et le Règlement général sur la protection des données (RGPD - en anglais : General Data Protection Regulation, GDPR) assurent une protection adéquate. Mais pour les mégadonnées, une stratégie globale et complète est nécessaire. L'évolution au fil du temps est passée du droit d'exclure les autres au droit de contrôler leurs propres (...) données et, à l'heure actuelle, à repenser le droit à l'identité (numérique). 10.13140/RG.2.2.35505.81766 . (shrink)

The use of Big Data presents significant legal problems, especially in terms of data protection. The existing legal framework of the European Union based in particular on the Directive no. 46/95/EC and the General Regulation on the Protection of Personal Data provide adequate protection. But for Big Data, a comprehensive and global strategy is needed. The evolution over time was from the right to exclude others to the right to control their own data and, at present, to the rethinking of (...) the right to (digital) identity. The General Data Protection Regulation, "GDPR" (Regulation EU 2016/679) deals with data protection and privacy of persons in the European Union and the European Economic Area. DOI: 10.13140/RG.2.2.29614.46400. (shrink)

In 2016, the European Parliament approved the General Data Protection Regulation (GDPR) whose core aim is the safeguarding of information privacy, and, by corollary, human dignity. Drawing on the field of philosophical anthropology, this paper analyses various interpretations of human dignity and human exceptionalism. It concludes that privacy is essential for humans to flourish and enable individuals to build a sense of self and the world.

Digital privacy scholars tend to bemoan ordinary people’s limited knowledge of and lukewarm interest in what happens to their digital data. This general lack of interest and knowledge is often taken as a consideration in favor of legislation aiming to force internet companies into adopting more responsible data practices. While we remain silent on whether any new laws are called for, in this paper we wish to underline a neglected consequence of people’s ignorance of and apathy for digital privacy: their (...) potential to encourage capture by industry interests. In particular, we argue that such laws may be at increased risk of capture because they are unlikely to be democratically responsive. We make this claim on a twofold basis: first, well-known theoretical mechanisms explaining how the absence of responsiveness leads to capture, identified in prior political science and political philosophy literature, yield the prediction that digital privacy legislation is likely to be unresponsive and thus captured; second, empirical data concerning the European Union’s digital privacy laws, with a special focus on the General Data Protection Regulation, appears to confirm these predictions: the bloc’s (world’s?) flagship privacy protection law seems more responsive to corporate than citizen interests. (shrink)

Since approval of the EU General Data Protection Regulation (GDPR) in 2016, it has been widely and repeatedly claimed that the GDPR will legally mandate a ‘right to explanation’ of all decisions made by automated or artificially intelligent algorithmic systems. This right to explanation is viewed as an ideal mechanism to enhance the accountability and transparency of automated decision-making. However, there are several reasons to doubt both the legal existence and the feasibility of such a right. In contrast (...) to the right to explanation of specific automated decisions claimed elsewhere, the GDPR only mandates that data subjects receive meaningful, but properly limited, information (Articles 13-15) about the logic involved, as well as the significance and the envisaged consequences of automated decision-making systems, what we term a ‘right to be informed’. Further, the ambiguity and limited scope of the ‘right not to be subject to automated decision-making’ contained in Article 22 (from which the alleged ‘right to explanation’ stems) raises questions over the protection actually afforded to data subjects. These problems show that the GDPR lacks precise language as well as explicit and well-defined rights and safeguards against automated decision-making, and therefore runs the risk of being toothless. We propose a number of legislative and policy steps that, if taken, may improve the transparency and accountability of automated decision-making when the GDPR comes into force in 2018. (shrink)

The COVID-19 pandemic demonstrated the benefits of international data sharing. Data sharing enabled the health care policy makers to make decisions based on real-time data, it enabled the tracking of the virus, and importantly it enabled the development of vaccines that were crucial to mitigating the impact of the virus. This data sharing is not the norm as data sharing needs to navigate complex ethical and legal rules, and in particular, the fragmented application of the General Data Protection Regulation ( (...) class='Hi'>GDPR). The introduction of the draft regulation for a European Health Data Space (EHDS) in May 2022 seeks to address some of these legal issues. If passed, it will create an obligation to share electronic health data for certain secondary purposes. While there is a clear need to address the legal complexities involved with data sharing, it is critical that any proposed reforms are in line with ethical principles and the expectations of the data subjects. In this paper we offer a critique of the EHDS and offer some recommendations for this evolving regulatory space. (shrink)

An increasing number of European research projects return, or plan to return, individual genomic research results (IRR) to participants. While data access is a data subject’s right under the General Data Protection Regulation (GDPR), and many legal and ethical guidelines allow or require participants to receive personal data generated in research, the practice of returning results is not straightforward and raises several practical and ethical issues. Existing guidelines focusing on return of IRR are mostly project-specific, only discuss which results (...) to return, or were developed outside Europe. To address this gap, we analysed existing normative documents identified online using inductive content analysis. We used this analysis to develop a checklist of steps to assist European researchers considering whether to return IRR to participants. We then sought feedback on the checklist from an interdisciplinary panel of European experts (clinicians, clinical researchers, population-based researchers, biobank managers, ethicists, lawyers and policy makers) to refine the checklist. The checklist outlines seven major components researchers should consider when determining whether, and how, to return results to adult research participants: 1) Decide which results to return; 2) Develop a plan for return of results; 3) Obtain participant informed consent; 4) Collect and analyse data; 5) Confirm results; 6) Disclose research results; 7) Follow-up and monitor. Our checklist provides a clear outline of the steps European researchers can follow to develop ethical and sustainable result return pathways within their own research projects. Further legal analysis is required to ensure this checklist complies with relevant domestic laws. (shrink)

The first few years of the 21st century were characterised by a progressive loss of privacy. Two phenomena converged to give rise to the data economy: the realisation that data trails from users interacting with technology could be used to develop personalised advertising, and a concern for security that led authorities to use such personal data for the purposes of intelligence and policing. In contrast to the early days of the data economy and internet surveillance, the last few years have (...) witnessed a rising concern for privacy. As bad data practices have come to light, citizens are starting to understand the real cost of using online digital technologies. Two events stamped 2018 as a landmark year for privacy: the Cambridge Analytica scandal, and the implementation of the European Union’s General Data Protection Regulation (GDPR). The former showed the extent to which personal data has been shared without data subjects’ knowledge and consent and many times for unacceptable purposes, such as swaying elections. The latter inaugurated the beginning of robust data protection regulation in the digital age. Getting privacy right is one of the biggest challenges of this new decade of the 21st century. The past year has shown that there is still much work to be done on privacy to tame the darkest aspects of the data economy. As data scandals continue to emerge, questions abound as to how to interpret and enforce regulation, how to design new and better laws, how to complement regulation with better ethics, and how to find technical solutions to data problems. The aim of the research project Data, Privacy, and the Individual is to contribute to a better understanding of the ethics of privacy and of differential privacy. The outcomes of the project are seven research papers on privacy, a survey, and this final report, which summarises each research paper, and goes on to offer a set of reflections and recommendations to implement best practices regarding privacy. (shrink)

Principalele probleme cu care se confruntă oamenii de știință în lucrul cu seturile mari de date (Big Data), evidențiind principale aspecte etice, luând în considerare inclusiv legislația din Uniunea Europeană. După o scurtă Introducere despre Big Data, secțiunea Tehnologia prezintă aplicațiile specifice în cercetare. Urmează o abordare a principalelor probleme filosofice specifice în Aspecte filosofice, și Aspecte legale cu evidențierea problemelor etice specifice din Regulamentul UE privind protecția datelor 2016/679 (General Data Protection Regulation, "GDPR"). Secțiunea Probleme etice detaliază aspectele (...) specifice generate de Big Data. După o scurtă secțiune Cercetarea Big Data, finalizez lucrarea cu prezentarea Concluziilor pentru etica cercetării în lucrul cu Big CUPRINS: Abstract 1. Introducere - 1.1 Definiții - 1.2 Dimensiunile Big Data 2. Tehnologia - 2.1 Aplicații - - 2.1.1 În cercetare 3. Aspecte filosofice 4 Aspecte legale - 4.1 GDPR - - Etapele procesării datelor personale - - Principiile procesării datelor - - Politica de confidențialitate și transparența - - Scopurile procesării datelor - - Confidențialitate prin design și implicită - - Paradoxul (legal) al Big Data 5. Probleme etice - Etica în cercetare - Conștientizarea - Consimțământul - Controlul - Transparența - Încrederea - Proprietatea - Supravegherea și securitatea - Identitatea digitală - Realitatea ajustată - De-anonimizarea - Inegalitatea digitală - Confidențialitatea 6. Cercetarea Big Data Concluzii Bibliografie DOI: 10.13140/RG.2.2.27629.33761 . (shrink)

In this chapter I identify three problems affecting the plausibility of group privacy and argue in favour of their resolution. The first problem concerns the nature of the groups in question. I shall argue that groups are neither discovered nor invented, but designed by the level of abstraction (LoA) at which a specific analysis of a social system is developed. Their design is therefore justified insofar as the purpose, guiding the choice of the LoA, is justified. This should remove the (...) objection that groups cannot have a right to privacy because groups are mere artefacts (there are no groups, only individuals) or that, even if there are groups, it is too difficult to deal with them. The second problem concerns the possibility of attributing rights to groups. I shall argue that the same logic of attribution of a right to individuals may be used to attribute a right to a group, provided one modifies the LoA and now treats the whole group itself as an individual. This should remove the objection that, even if groups exist and are manageable, they cannot be treated as holders of rights. The third problem concerns the possibility of attributing a right to privacy to groups. I shall argue that sometimes it is the group and only the group, not its members, that is correctly identified as the correct holder of a right to privacy. This should remove the objection that privacy, as a group right, is a right held not by a group as a group but rather by the group’s members severally. The solutions of the three problems supports the thesis that an interpretation of privacy in terms of a protection of the information that constitutes an individual—both in terms of a single person and in terms of a group—is better suited than other interpretations to make sense of group privacy. (shrink)

This dissertation consists of five chapters, each written as independent research papers that are unified by an overarching concern regarding information privacy and machine learning-based artificial intelligence (AI). This dissertation addresses the issues concerning privacy and AI by responding to the following three main research questions (RQs): RQ1. ‘How does an AI system affect privacy?’; RQ2. ‘How effectively does the General Data Protection Regulation (GDPR) assess and address privacy issues concerning both individuals and groups?’; and RQ3. ‘How can the (...) value of privacy be embedded into systems?’ -/- To respond to the RQs, this dissertation adopts the privacy impact assessment (PIA) as the overall methodology. A PIA encompasses three distinct stages; the first, the analytical stage, concerns the analysis of how AI (particularly focusing on inference as a process that includes inferred information, AI models’ performance, and accessing information uncovered by AI models) impacts privacy. Second, the legal assessment stage concerns whether AI that processes personal information and develops models complies with the GDPR. Finally, the design requirements stage features proposals for design requirements for systems aimed at protecting privacy. Accordingly, this dissertation is structured in three parts, each corresponding to a specific stage of a PIA and responding to one of the RQs. -/- Part I, which addresses the first stage of the PIA, comprises three chapters that altogether respond to RQ1. Chapter 2 analyses how AI impacts the descriptive aspect of privacy; this part argues that AI challenges the current definitions of privacy and that the ‘source control’ and ‘actual access’ definitions of privacy, once revised in the face of counter-examples involving inferred information, converge. Chapter 3, which considers how AI impacts the normative aspect of privacy, particularly the value of privacy, argues that AI affects the social value of privacy, which depends on trust, as this dimension of privacy is constituted when AI models perform accurately. Chapter 4 examines how AI impacts the normative aspect of privacy, particularly the right to privacy, and it argues that, although accessing information uncovered by AI models raises concerns about the privacy of algorithmically designed groups, the right to privacy cannot be recognised for such groups. This is the disruptive feature of AI that has led to consideration of new approaches other than the traditional one, which involves recognising the right to privacy, to protect the privacy of these groups. Instead of recognising the right to privacy for algorithmically designed groups, this chapter suggests taking a moral principle for the moral obligation of protecting vulnerable groups within an ethics of vulnerability. -/- Part II concerns the second stage of the PIA and consists of one chapter that responds to RQ2. Chapter 5, in addition to evaluating whether AI that processes personal information and develops models complies with the GDPR, also assesses whether the GDPR adequately addresses the privacy issues raised by AI. It specifically focuses on group privacy and argues that GDPR has limitations in protecting the privacy of algorithmically designed groups and that the privacy of such vulnerable entities must be considered in the context of privacy and data protection. -/- Part III, which is related to the third stage of the PIA, also consists of one chapter that responds to RQ3. Chapter 6 proposes design requirements to protect privacy by integrating privacy into systems and argues that privacy is instrumentally valuable for the sake of autonomy. Accordingly, to embed the value of privacy into systems, design requirements are articulated through the translation of norms that promote and protect autonomy. (shrink)

ABSTRACT: One important criticism of algorithmic systems is that they lack transparency. Such systems can be opaque because they are complex, protected by patent or trade secret, or deliberately obscure. In the EU, there is a debate about whether the General Data Protection Regulation (GDPR) contains a “right to explanation,” and if so what such a right entails. Our task in this chapter is to address this informational component of algorithmic systems. We argue that information access is integral for (...) respecting autonomy, and transparency policies should be tailored to advance autonomy. -/- To make this argument we distinguish two facets of agency (i.e., capacity to act). The first is practical agency, or the ability to act effectively according to one’s values. The second is what we call cognitive agency, which is the ability to exercise what Pamela Hieronymi calls “evaluative control” (i.e., the ability to control our affective states, such as beliefs, desires, and attitudes). We argue that respecting autonomy requires providing persons sufficient information to exercise evaluative control and properly interpret the world and one’s place in it. We draw this distinction out by considering algorithmic systems used in background checks, and we apply the view to key cases involving risk assessment in criminal justice decisions and K-12 teacher evaluation. -/- The link below is to an open access version of the chapter. (shrink)

The EDPS Ethics Advisory Group (EAG) has carried out its work against the backdrop of two significant social-political moments: a growing interest in ethical issues, both in the public and in the private spheres and the imminent entry into force of the General Data Protection Regulation (GDPR) in May 2018. For some, this may nourish a perception that the work of the EAG represents a challenge to data protection professionals, particularly to lawyers in the field, as well as to (...) companies struggling to adapt their processes and routines to the requirements of the GDPR. What is the purpose of a report on digital ethics, if the GDPR already provides all regulatory requirements to protect European citizens with regard to the processing of their personal data? Does the existence of this EAG mean that a new normative ethics of data protection will be expected to fill regulatory gaps in data protection law with more flexible, and thus less easily enforceable ethical rules? Does the work of the EAG signal a weakening of the foundation of legal doctrine, such as the rule of law, the theory of justice, or the fundamental values supporting human rights, and a strengthening of a more cultural approach to data protection? Not at all. The reflections of the EAG contained in this report are not intended as the continuation of policy by other means. It neither supersedes nor supplements the law or the work of legal practitioners. Its aims and means are different. On the one hand, the report seeks to map and analyse current and future paradigm shifts which are characterised by a general shift from analogue experience of human life to a digital one. On the other hand, and in light of this shift, it seeks to re-evaluate our understanding of the fundamental values most crucial to the well-being of people, those taken for granted in a data-driven society and those most at risk. The objective of this report is thus not to generate definitive answers, nor to articulate new norms for present and future digital societies but to identify and describe the most crucial questions for the urgent conversation to come. This requires a conversation between legislators and data protection experts, but also society at large - because the issues identified in this report concern us all, not only as citizens but also as individuals. They concern us in our daily lives, whether at home or at work and there isn’t a place we could travel to where they would cease to concern us as members of the human species. (shrink)

In this paper we propose an non-machine learning artificial intelligence (AI) based approach for telecom data analysis, with a special focus on clique detection. Clique detection can be used to identify households, which is a major challenge in telecom data analysis and predictive analytics. Our approach does not use any form of machine learning, but another type of algorithm: satisfiability for propositional logic. This is a neglected approach in modern AI, and we aim to demonstrate that for certain tasks, it (...) may be a good alternative to machine learning-based approaches. We have used a simple DPLL satisfiability solver over an artificially generated telecom dataset (due to GDPR regulations), but our approach can be implemented on any telecom data by following the SAT encoding we have developed, and the DPLL solver can be substituted by a more advanced alternative such as CDCL. This paper extends the method presented in [1] for banking logs to data containing caller information, and proposes a more efficient encoding. -/- . (shrink)

The aim of this workshop was to ask potential end-users of the citizens’ information pack on legal and ethical issues around ICTs the following questions: What is your knowledge of the EU’s General Data Protection Regulation, and what actions have you taken in response to these regulations? What challenges are you experiencing in ensuring the protection and security of your project data, and compliance with the GDPR, within existing data management processes/systems? What information/tools/resources do you need to overcome these (...) challenges? What are the best formats/channels for receiving, sharing and acting upon this information? What is the most appropriate structure/format for the citizens’ information pack? (shrink)

ICTs, personal data, digital rights, the GDPR, data privacy, online security… these terms, and the concepts behind them, are increasingly common in our lives. Some of us may be familiar with them, but others are less aware of the growing role of ICTs and data in our lives - and the potential risks this creates. These risks are even more pronounced for vulnerable groups in society. People can be vulnerable in different, often overlapping, ways, which place them at a (...) disadvantage to the majority of citizens; Table 3 in this guide presents some of the many forms and causes of vulnerability. As a result, vulnerable people need greater support to navigate the digital world, and to ensure that they are able to exercise their rights. This guide explains where such support can be found, and also answers the following questions: - What are the main ethical and legal issues around ICTs for vulnerable citizens? - Who is vulnerable in Europe? - How do issues around ICTs affect vulnerable people in particular? This guide is a resource for members of vulnerable groups, people who work with vulnerable groups, and citizens more broadly. It is also useful for data controllers1 who collect data about vulnerable citizens. While focused on citizens in Europe, it may be of interest to people in other parts of the world. It forms part of the Citizens’ Information Pack produced by the PANELFIT project, and is available in English, French, German, Italian and Spanish. You are welcome to translate this guide into other languages. Please send us a link to online versions in other languages, so that we can add them to the project website. (shrink)

To create fair and accountable AI and robotics, we need precise regulation and better methods to certify, explain, and audit inscrutable systems.

Odată cu creșterea volumului de date pe Internet, în media socială, cloud computing, dispozitive mobile și date guvernamentale, Big Data devine în același timp o amenințare și o oportunitate în ceea ce privește gestionarea și utilizarea acestor date, menținând în același timp drepturile persoanelor implicate. În fiecare zi, folosim și generăm tone de date, alimentând bazele de date ale agențiilor guvernamentale, companiilor private și chiar cetățenilor privați. Beneficiem în multe feluri de existența și utilizarea Big Data, dar trebuie să ne (...) amintim de asemenea că „nu există nimic gratuit”. Există riscuri în utilizarea Big Data, un fel de parte întunecată. Schimbările de piață pot fi obținute prin utilizarea Big Data: în timp ce acestea pot fi pozitive pentru cineva, ele pot dăuna altcuiva. Riscurile potențiale provin și de la agențiile publice. Este clar că datele mari pot aduce beneficii cetățenilor și companiilor, dar trebuie să fie echilibrate de o conștientizare sporită a „părții întunecate” a Big Data în exploatarea noilor capacități și oportunități pe care le oferă tuturor . -/- CUPRINS -/- 1. Big Data - Definiție - Caracteristici - Clasificarea datelor mari - Arhitectura - Tehnologii - Oportunități - Provocări - Critici - - Criticile paradigmei Big Data - - Criticile modelului "V" - - Criticile de noutate - - Criticile execuției Big Data - 1.1 Viața datelor mari - - Nașterea - - Copilăria - - - Educație - - - Divertisment - - Adolescența - - - Servicii online - - - Comunicații mobile - - - Servicii de streaming - - Adulți tineri - - - Căutarea de locuri de muncă - - - Servicii bancare și asigurări - - - Utilități - - - Dating online și pornografie - - Vârsta medie - - - Servicii de sănătate - - - Aplicații pentru îngrijire și aplicații pentru sănătate și fitness - - - Căutarea de locuri de muncă - - - Dating online - - Bătrânețea - - - Îngrijirea sănătății - - Moartea - 1.2 Aplicații - - Guvern - - Dezvoltare internațională - - Fabrici - - Sănătate - - Educaţie - - Mass-media - - Asigurare - - Internetul obiectelor (IoT) - - Tehnologia informației - 1.3 Studii de caz - - Guvern - - - China - - - India - - - Israel - - - Regatul Unit - - - Statele Unite ale Americii - - Cu amănuntul - - Ştiinţă - - Sport - - Tehnologie - - Activități de cercetare - - - Prelevarea de date mari - 1.4 Agenda europeană privind societatea digitală - - Cadrul juridic - - Peisajul opiniei părților interesate - 1.5 GDPR - - Etapele procesării datelor personale - - Principiile procesării datelor - - Politica de confidențialitate și transparența - - Scopurile procesării datelor - - Confidențialitate prin design și implicită - - - Paradoxul (legal) al Big Data - - Domeniul teritorial al GDPR - - Definirea datelor mari, a datelor personale și a datelor anonime - - Etapele procesării datelor cu caracter personal - - Principii de prelucrare a datelor - - Politica de confidențialitate și Transparența - - Scopuri de prelucrare a datelor - - Confidențialitate prin design și confidențialitate în mod implicit - - Paradoxul (legal) al datelor mari 2. Analiza Big Data - 2.1 Analitica - - Analitica vs. analiză - - Aplicații ale analiticii - - - Optimizarea marketingului - - - Analiza oamenilor - - - Analiza portofoliului - - - Analitica riscurilor - - - Analitica digitală - - - Analitica securității - - - Analitica software-ului - - Provocări - - Riscuri - 2.2 Analitica predictivă - - Definiție - - Procesul de analitica predictivă - - Tipuri - - - Modele predictive - - - Modele descriptive - - - Modele de decizie - - Aplicații - - - Managementul relațiilor cu clienții analitic (CRM) - - - Protecția copilului - - - Sisteme de suport decizional clinic - - - Analiticile colecțiilor - - - Vânzări încrucișate - - - Retenția clienților - - - Marketing direct - - - Detectarea fraudelor - - - Prezicerea rezultatelor deciziilor legale - - - Previziuni privind portofoliul, produsele sau economia - - - Managementul riscului de proiect - - - Acceptanța (Underwriting) - - Tehnologia și influențele big data - - Tehnici analitice - - - Tehnici de regresie - - - - Model de regresie liniară - - - - Modele de alegere discretă - - - - Regresie logistică - - - - Regresie logistică multinomială - - - - Regresie probit - - - - Logit versus probit - - - - Modele pentru serii de timp - - - - Analiza supraviețuirii sau a duratei - - - - Arborele de clasificare și regresie (CART) - - - - Funcții spline adaptive de regresie multivariate - - - Tehnici de învățare automată - - - - Rețele neuronale - - - - Perceptron multistrat (MLP) - - - - Funcții radiale de bază - - - - Mașini cu vectori de suport - - - - Bayesiene naive - - - - Vecinul k-cel mai apropiat - - - - Modelarea predictivă geospațială - - Instrumente - - - PMML - - Critici - 2.3 Analitica prescriptivă - - Istorie - 2.4 Studiul critic al datelor - - Perspective critice - - Abordare: Pragmatismul și etica discursului 3. Etica Big Data - Datele personale ale copiilor - Rolul instituțiilor - - State naționale - - Bănci - Articole relevante de știri despre etica datelor - Legislație relevantă privind etica datelor - 3.1 Principii ale eticii Big Data - - Etica în cercetare - - Conștientizarea - - Consimţământul - - Controlul - - Transparența - - Încrederea - - Proprietatea - - Supravegherea și securitatea - - Identitatea digitală - - Realitatea ajustată - - De-anonimizarea - - Inegalitatea digitală - - Confidențialitatea - - Financiar - - - Cât de mult merită datele? - - Deschidere - 3.2 Probleme etice în cercetare - - Etica cercetării pentru cercetarea socială - - Principalele aspecte etice ale cercetării sociale - - - Intimitate - - - Consimțământ informat - - - De-identificarea - - - Inegalitate – Diviziune digitală - - Integritatea cercetării - - Probleme emergente - - Aviz legal - 3.3 Aspecte filosofice - 3.4 10 reguli de bază în lucrul cu Big Data - - Concluzie Referințe Despre autor - Nicolae Sfetcu - - De același autor - - Contact Editura - MultiMedia Publishing . (shrink)

The main problems faced by scientists in working with Big Data sets, highlighting the main ethical issues, taking into account the legislation of the European Union. After a brief Introduction to Big Data, the Technology section presents specific research applications. There is an approach to the main philosophical issues in Philosophical Aspects, and Legal Aspects with specific ethical issues in the EU Regulation on the protection of natural persons with regard to the processing of personal data and on the free (...) movement of such data, and repealing Directive 95/46/EC (Data Protection Directive - General Data Protection Regulation, "GDPR"). The Ethics Issues section details the specific aspects of Big Data. After a brief section of Big Data Research, I finalize my work with the presentation of Conclusions on research ethics in working with Big Data. -/- ISBN 978-606-033-307-4 , DOI: 10.58679/MM14975 . (shrink)

In previous works (Floridi 2018) I introduced the distinction between hard ethics (which may broadly be described as what is morally right and wrong independently of whether something is legal or illegal), and soft or post-compliance ethics (which focuses on what ought to be done over and above existing legislation). This paper analyses the applicability of soft ethics to the General Data Protection Regulation and advances the theory that soft ethics has a dual advantage—as both an opportunity strategy and a (...) risk management solution. (shrink)

Les principaux problèmes rencontrés par les scientifiques qui travaillent avec des ensembles de données massives (mégadonnées, Big Data), en soulignant les principaux problèmes éthiques, tout en tenant compte de la législation de l'Union européenne. Après une brève Introduction au Big Data, la section Technologie présente les applications spécifiques de la recherche. Il suit une approche des principales questions philosophiques spécifiques dans Aspects philosophiques, et Aspects juridiques en soulignant les problèmes éthiques spécifiques du règlement de l'UE sur la protection des données (...) 2016/679 (General Data Protection Regulation, « GDPR »). La section Problèmes éthiques détaille les problèmes spécifiques générés par le big data. Après une brève section de Recherche de big data, sont présentées les Conclusions sur l’éthique de la recherche dans l’utilisation du big data. SOMMAIRE: Abstract 1. Introduction - 1.1 Définitions - 1.2 Les dimensions du big data 2. La technologie - 2.1 Applications - - 2.1.1 En recherche 3. Aspects philosophiques 4 Aspects juridiques - 4.1 RGPD (GDPR) - - Étapes du traitement des données personnelles - - Principes du traitement des données - - Politique de confidentialité et transparence - - Finalités du traitement des données - - Confidentialité par conception et confidentialité implicite - - Le paradoxe (juridique) des mégadonnées 5. Problèmes éthiques - L'éthique dans la recherche - Prise de conscience - Consentement - Contrôle - Transparence - Confiance - Propriété - Surveillance et sécurité - Identité numérique - Réalité ajustée - De-anonymisation - Inégalité numérique - Confidentialité 6. Recherche des mégadonnées Conclusions Bibliographie DOI: 10.13140/RG.2.2.10128.56328 . (shrink)

Digital data help data scientists and epidemiologists track and predict outbreaks of disease. Mobile phone GPS data, social media data, or other forms of information updates such as the progress of epidemics are used by epidemiologists to recognize disease spread among specific groups of people. Targeting groups as potential carriers of a disease, rather than addressing individuals as patients, risks causing harm to groups. While there are rules and obligations at the level of the individual, we have to reach a (...) stage in the development of data analytics where groups are protected as entities. This chapter offers a deeper examination of harms to the groups. (shrink)

The European Medical Information Framework project, funded through the IMI programme, has designed and implemented a federated platform to connect health data from a variety of sources across Europe, to facilitate large scale clinical and life sciences research. It enables approved users to analyse securely multiple, diverse, data via a single portal, thereby mediating research opportunities across a large quantity of research data. EMIF developed a code of practice to ensure the privacy protection of data subjects, protect the interests of (...) data sharing parties, comply with legislation and various organisational policies on data protection, uphold best practices in the protection of personal privacy and information governance, and eventually promote these best practices more widely. EMIF convened an Ethics Advisory Board, to provide feedback on its approach, platform, and the EcoP. The most important challenges the ECoP team faced were: how to define, control and monitor the purposes for which federated health data are used; the kinds of organisation that should be permitted to conduct permitted research; and how to monitor this. This manuscript explores those issues, offering the combined insights of the EAB and EMIF core ECoP team. For some issues, a consensus on how to approach them is proposed. For other issues, a singular approach may be premature but the challenges are summarised to help the community to debate the topic further. Arguably, the issues and their analyses have application beyond EMIF, to many research infrastructures connected to health data sources. (shrink)

The ability to collect fine-grained energy data from smart meters has benefits for utilities and consumers. However, a proactive approach to data privacy is necessary to maximize the potential of these data to support low-carbon energy systems, and innovative business models.