Since approval of the EU General Data Protection Regulation (GDPR) in 2016, it has been widely and repeatedly claimed that the GDPR will legally mandate a ‘right to explanation’ of all decisions made by automated or artificially intelligent algorithmic systems. This right to explanation is viewed as an ideal mechanism to enhance the accountability and transparency of automated decision-making. However, there are several reasons to doubt both the legal existence and the feasibility of such a right. In contrast (...) to the right to explanation of specific automated decisions claimed elsewhere, the GDPR only mandates that data subjects receive meaningful, but properly limited, information (Articles 13-15) about the logic involved, as well as the significance and the envisaged consequences of automated decision-making systems, what we term a ‘right to be informed’. Further, the ambiguity and limited scope of the ‘right not to be subject to automated decision-making’ contained in Article 22 (from which the alleged ‘right to explanation’ stems) raises questions over the protection actually afforded to data subjects. These problems show that the GDPR lacks precise language as well as explicit and well-defined rights and safeguards against automated decision-making, and therefore runs the risk of being toothless. We propose a number of legislative and policy steps that, if taken, may improve the transparency and accountability of automated decision-making when the GDPR comes into force in 2018. (shrink)

In previous works (Floridi 2018) I introduced the distinction between hard ethics (which may broadly be described as what is morally right and wrong independently of whether something is legal or illegal), and soft or post-compliance ethics (which focuses on what ought to be done over and above existing legislation). This paper analyses the applicability of soft ethics to the General Data Protection Regulation and advances the theory that soft ethics has a dual advantage—as both an opportunity strategy (...) and a risk management solution. (shrink)

The first few years of the 21st century were characterised by a progressive loss of privacy. Two phenomena converged to give rise to the data economy: the realisation that data trails from users interacting with technology could be used to develop personalised advertising, and a concern for security that led authorities to use such personal data for the purposes of intelligence and policing. In contrast to the early days of the data economy and internet surveillance, the (...) last few years have witnessed a rising concern for privacy. As bad data practices have come to light, citizens are starting to understand the real cost of using online digital technologies. Two events stamped 2018 as a landmark year for privacy: the Cambridge Analytica scandal, and the implementation of the European Union’s General Data Protection Regulation (GDPR). The former showed the extent to which personal data has been shared without data subjects’ knowledge and consent and many times for unacceptable purposes, such as swaying elections. The latter inaugurated the beginning of robust data protection regulation in the digital age. Getting privacy right is one of the biggest challenges of this new decade of the 21st century. The past year has shown that there is still much work to be done on privacy to tame the darkest aspects of the data economy. As data scandals continue to emerge, questions abound as to how to interpret and enforce regulation, how to design new and better laws, how to complement regulation with better ethics, and how to find technical solutions to data problems. The aim of the research project Data, Privacy, and the Individual is to contribute to a better understanding of the ethics of privacy and of differential privacy. The outcomes of the project are seven research papers on privacy, a survey, and this final report, which summarises each research paper, and goes on to offer a set of reflections and recommendations to implement best practices regarding privacy. (shrink)

Qualitative fieldwork research on sensitive topics sometimes requires that interviewees be granted confidentiality and anonymity. When qualitative researchers later publish their findings, they must ensure that any statements obtained during fieldwork interviews cannot be traced back to the interviewees. Given these protections to interviewees, the integrity of the published findings cannot usually be verified or replicated by third parties, and the scholarly community must trust the word of qualitative researchers when they publish their results. This trust is fundamentally abused, however, (...) when researchers publish articles reporting qualitative fieldwork data that they never collected. Using only publicly available information, I argue that a 2017 article in an Elsevier foreign policy and international relations journal presents anonymised fieldwork interviews that could not have occurred as described. As an exercise in post-publication peer review (PPPR), this paper examines the evidence that calls into question the reliability of the putative fieldwork quotations. I show further that the 2017 article is not a unique case. The anonymity and confidentiality protections common in some areas of research create an ethical problem: the protections necessary for obtaining research data can be used as a cover to hide substandard research practices as well as research misconduct. (shrink)

ICTs, personal data, digital rights, the GDPR, data privacy, online security… these terms, and the concepts behind them, are increasingly common in our lives. Some of us may be familiar with them, but others are less aware of the growing role of ICTs and data in our lives - and the potential risks this creates. These risks are even more pronounced for vulnerable groups in society. People can be vulnerable in different, often overlapping, ways, which place them (...) at a disadvantage to the majority of citizens; Table 3 in this guide presents some of the many forms and causes of vulnerability. As a result, vulnerable people need greater support to navigate the digital world, and to ensure that they are able to exercise their rights. This guide explains where such support can be found, and also answers the following questions: - What are the main ethical and legal issues around ICTs for vulnerable citizens? - Who is vulnerable in Europe? - How do issues around ICTs affect vulnerable people in particular? This guide is a resource for members of vulnerable groups, people who work with vulnerable groups, and citizens more broadly. It is also useful for data controllers1 who collect data about vulnerable citizens. While focused on citizens in Europe, it may be of interest to people in other parts of the world. It forms part of the Citizens’ Information Pack produced by the PANELFIT project, and is available in English, French, German, Italian and Spanish. You are welcome to translate this guide into other languages. Please send us a link to online versions in other languages, so that we can add them to the project website. (shrink)

Nowadays, protecting trust in social sciences also means engaging in open community dialogue, which helps to safeguard robustness and improve efficiency of research methods. The combination of open data, open review and open dialogue may sound simple but implementation in the real world will not be straightforward. However, in view of Begley and Ellis’s (2012) statement that, “the scientific process demands the highest standards of quality, ethics and rigour,” they are worth implementing. More importantly, they are feasible to work (...) on and likely will help to restore plausibility to social sciences research. Therefore, I feel it likely that the triplet of open data, open review and open dialogue will gradually emerge to become policy requirements regardless of the research funding source. (shrink)

Health data processing fields face ethical and legal problems regarding fundamental rights. As we know, patients can benefit in the Digital Era from having health or medical information available, and medical decisions can be more effective with a better understanding of clinical histories, medical and health data thanks to the development of Artificial Intelligence, Internet of Things and other Digital technologies. However, at the same time, we need to guarantee fundamental rights, including privacy ones. The complaint about ethical (...) and legal requirements – including constitutional ones – is particularly relevant in the processing of health data. This paper is focused on the problem of the consent required to the processing of health data and the exceptions established in the new European Union General Data Regulation, which cover the processing of this special data -within other aims- for scientific, historical and statistical research as legitimate purposes, which include biomedical research. The conclusion is that these open concepts are problematic both for the protection of privacy rights and for the legal security/certainty of research. On one hand there are several interpretation problems, regarding the processing of health data and the protection of information privacy. On the other hand, professionals must follow the Multilevel legal framework and to guarantee fundamental rights in the processing of health data, so there are also problems of interpretation for researchers. Therefore, we need a clearer legal framework for biomedical research. (shrink)

Big Data ethics involves adherence to the concepts of right and wrong behavior regarding data, especially personal data. Big Data ethics focuses on structured or unstructured data collectors and disseminators. Big Data ethics is supported, at EU level, by extensive documentation, which seeks to find concrete solutions to maximize the value of Big Data without sacrificing fundamental human rights. The European Data Protection Supervisor (EDPS) supports the right to privacy and the (...) right to the protection of personal data in the respect of human dignity. DOI: 10.13140/RG.2.2.30867.43041. (shrink)

Data subject rights provide data controllers with obligations that can help with transparency, giving data subjects some control over their personal data. To date, a growing number of researchers have used these data subject rights as a methodology for data collection in research studies. No one, however, has gathered and analysed different academic research studies that use data subject rights as a methodology for data collection. To this end, we conducted a systematic (...) literature review that searched, compiled, and analysed 32 academic studies that use data subject rights as a data collection method. We find that the right of access is the most commonly-used data subject right by researchers, most studies are interested in measuring data subject rights compliance, and that a variety of difficulties exist in conducting research studies with data subject rights. We conclude that researchers should explore other data subject rights for alternative purposes, ease the process of exercising data subject rights, and improve the scalability of these studies. (shrink)

Digital data help data scientists and epidemiologists track and predict outbreaks of disease. Mobile phone GPS data, social media data, or other forms of information updates such as the progress of epidemics are used by epidemiologists to recognize disease spread among specific groups of people. Targeting groups as potential carriers of a disease, rather than addressing individuals as patients, risks causing harm to groups. While there are rules and obligations at the level of the individual, we (...) have to reach a stage in the development of data analytics where groups are protected as entities. This chapter offers a deeper examination of harms to the groups. (shrink)

This paper presents an ethical framework designed to support the development of critical data literacy for research methods courses and data training programmes in higher education. The framework we present draws upon our reviews of literature, course syllabi and existing frameworks on data ethics. For this research we reviewed 250 research methods syllabi from across the disciplines, as well as 80 syllabi from data science programmes to understand how or if data ethics was taught. We (...) also reviewed 12 data ethics frameworks drawn from different sectors. Finally, we reviewed an extensive and diverse body of literature about data practices, research ethics, data ethics and critical data literacy, in order to develop a transversal model that can be adopted across higher education. To promote and support ethical approaches to the collection and use of data, ethics training must go beyond securing informed consent to enable a critical understanding of the techno-centric environment and the intersecting hierarchies of power embedded in technology and data. By fostering ethics as a method, educators can enable research that protects vulnerable groups and empower communities. (shrink)

The concept of an individual, liberal data subject, who was traditionally at the centre of data protection efforts has recently come under scrutiny. At the same time, the particularly destructive effect of digital technology on Black people establishes the need for an analysis that not only considers but brings racial dimensions to the forefront. I argue that because Afrofuturism situates the Black struggle in persistent, yet continuously changing structural disparities and power relations, it offers a powerful departure (...) point for re-imagining data protection. Sketching an Afrofuturist data subject then centres on radical subjectivity, collectivity, and contextuality. (shrink)

Data is very important in any research experiment because it occupies a central place in making decisions based on findings resulting from the analysis of such data. Given its central role, it follows that such an important asset as data, deserve effective management in order to protect the integrity and provide an opportunity for effective problem-solving. The main thrust of this paper was to examine data management practices that should be adopted by scholars in maintaining the (...) quality of their research data. In achieving this, various concepts related to this paper were clarified. Various data management practices were also discussed beginning from data generation to data shredding. Based on the underlying observations from the light of the discussions made in this paper, it was recommended among others that: tertiary institutions in every part of the world should endeavour to establish a data management unit that will be saddled with the primary duty of formulating research data management policies, and the hosting of research data; every Journal should as a matter of compulsion, require the submission of data set corresponding to empirical papers submitted by authors and scholars. (shrink)

The main problems faced by scientists in working with Big Data sets, highlighting the main ethical issues, taking into account the legislation of the European Union. After a brief Introduction to Big Data, the Technology section presents specific research applications. There is an approach to the main philosophical issues in Philosophical Aspects, and Legal Aspects with specific ethical issues in the EU Regulation on the protection of natural persons with regard to the processing of personal data (...) and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive - General Data Protection Regulation, "GDPR"). The Ethics Issues section details the specific aspects of Big Data. After a brief section of Big Data Research, I finalize my work with the presentation of Conclusions on research ethics in working with Big Data. -/- ISBN 978-606-033-307-4 , DOI: 10.58679/MM14975 . (shrink)

An issue about the privacy of the clustered groups designed by algorithms arises when attempts are made to access certain pieces of information about those groups that would likely be used to harm them. Therefore, limitations must be imposed regarding accessing such information about clustered groups. In the discourse on group privacy, it is argued that the right to privacy of such groups should be recognised to respect group privacy, protecting clustered groups against discrimination. According to this viewpoint, this right (...) places a duty on others, for example, private companies, institutions, and governments, to refrain from accessing such information. To defend the idea that the right to privacy should be recognised for clustered groups, at least two requirements must be satisfied. First, clustered group privacy must be conceived of as either a collective good or a participatory good. Since these forms of good are of the type from which no member of a group can be excluded from benefiting, the right to them is defined as a group right. Second, there must be group interests on which to base a group right. Group interests can be either the interests of those members that are a result of their being in the group or the interests of the group as a whole that transcend the interests of its members. However, this paper argues that clustered group privacy cannot be conceived of as either a collective or a participatory good because it is possible for some individuals to be excluded from benefiting from it. Furthermore, due to the lack of awareness among individuals that they are members of a clustered group and the nature of a clustered group itself, such groups cannot have the group interests necessary to establish a group right. Hence, the group right to privacy cannot be recognised for these groups, implying that the group right cannot be considered a means to protect clustered groups against discrimination. Instead, this paper suggests that moral principles need to be articulated within an ethics of vulnerability to identify the moral obligations of protecting vulnerable clustered groups. The duty owed to the vulnerable should involve refraining from accessing certain information about clustered groups in specific contexts. This duty is not engendered by the right to privacy of such groups; it is the duty owed to the vulnerable. The findings highlight the need to articulate moral principles regarding privacy and data protection to protect clustered groups in contexts in which accessing information about them could constitute a reason for discriminatory targeting. (shrink)

Data security is, protecting data from ill- conceived get to, utilize, introduction, intrusion, change, examination, recording or destruction. Cloud computing is a sort of Internet-based computing that grants conjoint PC handling resources and information to PCs what's more, different gadgets according to necessity. It is a model that empowers universal, on-request access to a mutual pool of configurable computing resources. At present, security has been viewed as one of the best issues in the improvement of Cloud Computing. The (...) key issue in effective execution of Cloud Computing is to adequately deal with the security in the cloud applications. This paper talks about the part of cryptography in cloud computing to improve the data security. The expectation here is to get bits of knowledge another security approach with the usage of cryptography to secure information at cloud data centers. (shrink)

All societies have to balance privacy claims with other moral concerns. However, while some concern for privacy appears to be a common feature of social life, the definition, extent and moral justifications for privacy differ widely. Are there better and worse ways of conceptualising, justifying, and managing privacy? These are the questions that lie in the background of this thesis. -/- My particular concern is with the ethical issues around privacy that are tied to the rise of new information and (...) communication technologies (henceforth “ICT”). The focus here is on technologies involved in processing personal data in its broadest sense, including “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.” The issue of moral concern is commonly designated as that of 'data privacy'. -/- The first step is to consider why privacy matters, or ought to matter, in the first place. And here we run into our first difficulty, since both the conceptualisation of privacy and the justification for the right to privacy are matters for contention. On the one hand, we are animated by a moral concern for privacy in some sense; on the other, we lack the conceptual and moral resources for making sense of this concern or for promoting particular social policies and criticising others. This often-cited dichotomy and its ensuing confusion have been the central motivation for most of the philosophical literature on privacy – including this thesis. -/- In what follows, I will suggest a way out of the confusion that pervades the current debate on data privacy. I will essentially argue two claims: one, that the concept of (data) privacy is uniquely characterised by a particular context within which we exchange information; two, that because (data) privacy constitutes an intrinsic value, its moral concerns and justifications ought to be deliberated as such. -/- The first chapter sketches the current data privacy landscape by introducing a number of concepts and arguing the unique nature of the landscape. I argue that the traditional distinction between four kinds of privacy (physical, mental, decisional and informational) is no longer accurate, given the technological context that reduces, unifies and processes all aspects of people’s lives by means of digital data. In fact, to hold on to the distinction leads to a fundamental misconception of data privacy. I further argue that today’s distinction between data protection and data privacy runs the risk of ignoring the fact that the former is an inherent aspect of the latter. These arguments allow me to settle on a (provisional) definition of data privacy: controlling how data about identifiable people is processed by ICT. -/- Next, I draw a line between descriptive and normative accounts of data privacy, and explain why this book belongs to the latter category. After a brief discussion of the coherence and distinctiveness theses, and of the difference between instrumental and intrinsic theories of privacy, I introduce the problem of data privacy as a distinct, coherent, and intrinsic moral concern. Three arguments support this position: one, data privacy is a coherent moral concern because it is motivated by a singular moral concept; two, data privacy is a distinct moral concern because the privacy challenges we face today are of a fundamentally new nature – distinct from any moral concerns we’ve faced in the past; and three, data privacy is an intrinsic moral concern that is predominantly justified, not by what it instrumentally protects us from, but by what it intrinsically constitutes. -/- Chapter Two makes the case against a harm-based, consequentialist approach to data privacy. After a brief introduction to the basic tenets of consequentialism I discuss harm-based arguments in favour as well as against privacy. I explain how privacy may protect us against psychological distress, but at the same time constitute the source of that distress; how privacy may be necessary for the proper functioning of democratic societies, but at the same time provide a cloak for anti-social and immoral behaviour; and how privacy protects us against the improper use of our personal data by others, but at the same enables us to conceal information or spread false information about ourselves in ways that are harmful to others. Next, I argue that consequentialism essentially relies on two flawed presumptions – that we know what harm is, and that we know how to predict it – and discuss the controversies surrounding definitions and predictions of harm. This argument becomes especially pertinent in today’s rapidly changing technological context: we may guess, and make assumptions, perhaps even find correlations, but don’t really know or understand (yet) with any degree of certainty the harmful consequences today’s data privacy violations are causing or will eventually cause – if any. -/- I illustrate this with examples of recent data privacy violations, and with a brief overview of consequentialist arguments for and against data privacy. Those who invoke consequentialist arguments against data privacy claim that personal data is nothing more than a raw material that can be turned into something useful and valuable without harming anyone. Choosing to move fast and break things – a popular mantra that promotes the benefits of technological “permissionless innovation” over and above its risks and costs – they draw our attention to the many benefits free data flows generate. Those who rely on consequentialist arguments in favour of data privacy, on the other hand, insist on actual and potential misuse of personal data. Rather careful than sorry, they draw our attention to the urgent need to take back control and protect ourselves against data privacy violations – precisely because we don’t know which harm they may cause in the future. Others go one step further and argue that these violations are part of a broader ideology of power. -/- What Chapter Two demonstrates is that vague definitions, unreliable predictions and inconclusive allegations of harm from both sides of the debate perpetuate a stalemate that fails to produce morally defensible answers to our growing data privacy concerns. Deliberating about data privacy from a consequentialist perspective is a dead end. -/- Chapter Three proposes an alternative to the harm-based approach, namely that privacy is an intrinsic value that deserves moral protection for its own sake. After a brief account of what I take values to be, and why we have a need to protect them, I introduce the foundational value of respect for persons, and lay out my main argument in two steps. The conceptual component of my argument returns to the definition of data privacy I had temporarily settled on in Chapter One, but now with the added consideration of the particular context, and particular circumstances and attitudes, within which information is exchanged. This addition is crucial, as it reveals the fundamental value that is at stake in our data privacy concerns, namely the inherent value of each and every person, which we protect by upholding an ethical principle commonly known as the principle of respect for persons. It is for this reason that the violation of privacy cannot (only) be expressed in terms of harm. I further argue that the principle of respect for persons is consistent with, and in fact unthinkable without, some degree of privacy. -/- I reply to potential challenges to a value-based approach to data privacy by showing that (i) values and value trade-offs are fundamentally different from consequential benefits and cost-benefit analyses; (ii) the suspension of one value in favour of another is not inherently contradictory; what matters is morally defensible deliberation about values and valid individual consent; (iii) data privacy concerns cannot be reduced to other moral concerns and therefore deserve a specific, distinct protection. -/- Finally, because this is a thesis in applied ethics, I attempt an answer to the question as to how we ought to apply a value-based approach to practical data privacy concerns. I argue that a revised, three-pronged version of John Rawls’ reflective equilibrium, founded on the non-negotiable principle of respect for persons, is the best possible procedure to deliberate data privacy concerns in relation to other moral values. (shrink)

Principalele probleme cu care se confruntă oamenii de știință în lucrul cu seturile mari de date (Big Data), evidențiind principale aspecte etice, luând în considerare inclusiv legislația din Uniunea Europeană. După o scurtă Introducere despre Big Data, secțiunea Tehnologia prezintă aplicațiile specifice în cercetare. Urmează o abordare a principalelor probleme filosofice specifice în Aspecte filosofice, și Aspecte legale cu evidențierea problemelor etice specifice din Regulamentul UE privind protecția datelor 2016/679 (General Data Protection Regulation, "GDPR"). Secțiunea Probleme (...) etice detaliază aspectele specifice generate de Big Data. După o scurtă secțiune Cercetarea Big Data, finalizez lucrarea cu prezentarea Concluziilor pentru etica cercetării în lucrul cu Big CUPRINS: Abstract 1. Introducere - 1.1 Definiții - 1.2 Dimensiunile Big Data 2. Tehnologia - 2.1 Aplicații - - 2.1.1 În cercetare 3. Aspecte filosofice 4 Aspecte legale - 4.1 GDPR - - Etapele procesării datelor personale - - Principiile procesării datelor - - Politica de confidențialitate și transparența - - Scopurile procesării datelor - - Confidențialitate prin design și implicită - - Paradoxul (legal) al Big Data 5. Probleme etice - Etica în cercetare - Conștientizarea - Consimțământul - Controlul - Transparența - Încrederea - Proprietatea - Supravegherea și securitatea - Identitatea digitală - Realitatea ajustată - De-anonimizarea - Inegalitatea digitală - Confidențialitatea 6. Cercetarea Big Data Concluzii Bibliografie DOI: 10.13140/RG.2.2.27629.33761 . (shrink)

The background to this paper is that in our world of massively increasing personal digital data any control over the data about me seems illusionary – informational privacy seems a lost cause. On the other hand, the production of this digital data seems a necessary component of our present life in the industrialized world. A framework for a resolution of this apparent dilemma is provided if by the distinction between (meaningless) data and (meaningful) information. I argue (...) that computational data processing is necessary for many present-day processes and not a breach of privacy, while collection and processing of private information is often not necessary and a breach of privacy. The problem and the sketch of its solution are illustrated in a case-study: supermarket customer cards. (shrink)

In the global fight against the rapid spread of COVID-19, a variety of unprecedented preventive measures have been implemented across the globe, as well as in Vietnam. How Vietnamese people respond to threats to their health and life remains unclear. For this reason, the current study aims to examine Vietnamese people’s protective behavior and its factors. Based on 1,798 online survey respondents’ data collected on the last three days of the nationwide social distancing campaign in mid-April, it is found (...) that gender, knowledge of COVID-19 and preventive measures, and attitudes towards the COVID-19 prevention policies are the three main factors of participants’ protective behaviors. We also find that males are less likely than females to adopt precautionary measures. People who are knowledgeable about COVID-19 may have inappropriate practices towards it. Further research is needed to examine other determinants of protective behaviors to provide more useful information for authorities, public health policy-makers, and healthcare workers to deliver the best practices to control COVID-19 in our country. (shrink)

We talk about how to best protect Australia against cyberterrorist attacks of the type in which the offenders use a computer to attack or in which the offenders attack computers. Our concern is phenomena like Stuxnet and Ransomware, but also any attack that has not yet happened, as for our official records, so say hacking of satellite and use of its allowances to burn people alive to death. We talk about the basics, which could be the advice of FireEye, and (...) we talk about the sophisticated, which could be what is not yet printed. We worry about actions that could be considered part of the intelligence system, so things that demand detailed study of the past and systemic plus organised collection of data in the present. We do not talk about how to deal with Acts of War: Only about how to protect our systems to best so that we do not get those happening via computer or from a computer. (shrink)

This paper describes an AFOSR-supported basic research program that focuses on developing a new framework for combining hard with soft data in order to improve space situational awareness. The goal is to provide, in an automatic and near real-time fashion, a ranking of possible threats to blue assets (assets trying to be protected) from red assets (assets with hostile intentions). The approach is based on Conceptual Spaces models, which combine features from traditional associative and symbolic cognitive models. While Conceptual (...) Spaces are revolutionary, they lack an underlying mathematical framework. Several such frameworks have attempted to represent Conceptual Spaces, but by far the most robust is the model developed by Holender. His model utilizes integer linear programming in order to obtain an overall similarity value between observations and concepts that support the formation of hypotheses. This paper will describe a method for building Conceptual Spaces models for threats that utilizes ontologies as a means to provide a clear semantic foundation for this inferencing process; in particular threat ontologies and space domain ontologies are developed and employed in this approach. A space situational awareness use-case is presented involving a kinetic kill scenario and results are shown to assess the performance of this fusion-based inferencing framework. (shrink)

The use of Big Data presents significant legal problems, especially in terms of data protection. The existing legal framework of the European Union based in particular on the Directive no. 46/95/EC and the General Regulation on the Protection of Personal Data provide adequate protection. But for Big Data, a comprehensive and global strategy is needed. The evolution over time was from the right to exclude others to the right to control their own (...) class='Hi'>data and, at present, to the rethinking of the right to (digital) identity. The General Data Protection Regulation, "GDPR" (Regulation EU 2016/679) deals with data protection and privacy of persons in the European Union and the European Economic Area. DOI: 10.13140/RG.2.2.29614.46400. (shrink)

Most people are completely oblivious to the danger that their medical data undergoes as soon as it goes out into the burgeoning world of big data. Medical data is financially valuable, and your sensitive data may be shared or sold by doctors, hospitals, clinical laboratories, and pharmacies—without your knowledge or consent. Medical data can also be found in your browsing history, the smartphone applications you use, data from wearables, your shopping list, and more. At (...) best, data about your health might end up in the hands of researchers on whose good will we depend to avoid abuses of power.2 Most likely, it will end up with data brokers who might sell it to a future employer, or an insurance company, or the government. At worst, your medical data may end up in the hands of criminals eager to commit extortion or identity theft. In addition to data harms related to exposure and discrimination, the collection of sensitive data by powerful corporations risks the creation of data monopolies that can dominate and condition access to health care. -/- This chapter aims to explore the challenge that big data brings to medical privacy. Section I offers a brief overview of the role of privacy in medical settings. I define privacy as having one’s personal information and one’s personal sensorial space (what I call autotopos) unaccessed. Section II discusses how the challenge of big data differs from other risks to medical privacy. Section III is about what can be done to minimise those risks. I argue that the most effective way of protecting people from suffering unfair medical consequences is by having a public universal healthcare system in which coverage is not influenced by personal data (e.g., genetic predisposition, exercise habits, eating habits, etc.). (shrink)

This study systematically examined people’s protective behaviors against COVID-19 in China, and particular attention was given to people’s perceived threat and information-processing strategies. This study constructed a conceptual model and used structural equation modeling to explore this issue, and a questionnaire survey was conducted to collect data involving 4,605 participants during the early stage of the COVID-19 pandemic in China. The results showed that people’s initial information acquisition played an essential role in their behavioral responses; acquiring more initial information (...) about COVID-19 would make them perceive a higher threat and present a higher demand for information, then making them more likely to seek and process information, and subsequently motivating their protective behaviors. (shrink)

This paper is an approach to the regulation of drones and the protection of fundamental rights, particularly in relation to the use of drones equipped with image and data capture technologies, with special attention to the position and protection of minors.

This article addresses the general ethical issues of accessing online personal data for research purposes. The authors discuss the practical aspects of online research with a specific case study that illustrates the ethical challenges encountered when accessing data from Kooth, an online youth web-counselling service. This paper firstly highlights the relevance of a process-based approach to ethics when accessing highly sensitive data and then discusses the ethical considerations and potential challenges regarding the accessing of public data (...) from Digital Mental Health services. It presents solutions that aim to protect young DMH service users as well as the DMH providers and researchers mining such data. Special consideration is given to service users’ expectations of what their data might be used for, as well as their perceptions of whether the data they post is public, private or open. We provide recommendations for planning and designing online research in an ethical manner that includes vulnerable young people as research participants. We emphasise the distinction between public, private and open data, which is crucial to comprehend the ethical challenges in accessing DMH data. Among our key recommendations, we foreground the need to consider a collaborative approach with the DMH providers while respecting service users’ control over personal data, and we propose the implementation of digital solutions embedded within the platform for explicit opt-out/opt-in recruitment strategies and ‘read more’ options. (shrink)

This article analyses, defines, and refines the concepts of ownership and personal data to explore their compatibility in the context of EU law. It critically examines the traditional dividing line between personal and non-personal data and argues for a strict conceptual separation of personal data from personal information. The article also considers whether, and to what extent, the concept of ownership can be applied to personal data in the context of the Internet of Things (IoT). This (...) consideration is framed around two main approaches shaping all ownership theories: a bottom-up and top-down approach. Via these dual lenses, the article reviews existing debates relating to four elements supporting introduction of ownership of personal data, namely the elements of control, protection, valuation, and allocation of personal data. It then explores the explanatory advantages and disadvantages of the two approaches in relation to each of these elements as well as to ownership of personal data in IoT at large. Lastly, the article outlines a revised approach to ownership of personal data in IoT that may serve as a blueprint for future work in this area and inform regulatory and policy debates. (shrink)

Cambodians are still vulnerable. To reverse those conditions, National Social Protection Strategy (N.S.P.S) was developed for the poor and vulnerable people to promote their livelihoods. Royal Government of Cambodia (R.G.C) has paid attention to social assistance. In strategic plans, highlights on strengthening, and collectively developing social security, consistent and effective. With these issues, the government establishes a national social protection policy framework to help all people in particular poor and vulnerable people (M.o.E.F, 2017, p.1). The research aims at (...) reviewing the institutional capacity of government institutions in charge of the National Social Protection Framework (N.S.P.P.F) toward its goal achievement The Department for International Development (D.E.F.I.D) capacity approach is proposed as a framework for this institution of government toward its goal achievement. The D.E.F.I.D (2003) cited in Kay amp Franks (2003) identifies the approach for assessing capacities in three-level. The strengths and the weakness of the seven points were identified. Those included an Overview of N.S.P.P.F, financial resources, relationship with others, policies and systems, strategies, structures, and technical skills and competencies. It was concluded that budget limitations and lack of data and guidelines for implementing the frameworks were limited. Recommendations were identification of People with Disability (P.W.D) data, people close to the poverty line, the inclusion of P.W.D, increase in budget, and budget decentralization. (shrink)

The COVID-19 pandemic demonstrated the benefits of international data sharing. Data sharing enabled the health care policy makers to make decisions based on real-time data, it enabled the tracking of the virus, and importantly it enabled the development of vaccines that were crucial to mitigating the impact of the virus. This data sharing is not the norm as data sharing needs to navigate complex ethical and legal rules, and in particular, the fragmented application of the (...) General Data Protection Regulation (GDPR). The introduction of the draft regulation for a European Health Data Space (EHDS) in May 2022 seeks to address some of these legal issues. If passed, it will create an obligation to share electronic health data for certain secondary purposes. While there is a clear need to address the legal complexities involved with data sharing, it is critical that any proposed reforms are in line with ethical principles and the expectations of the data subjects. In this paper we offer a critique of the EHDS and offer some recommendations for this evolving regulatory space. (shrink)

Abstract—The purpose of this study is to highlight and prove the positive impact in which blockchain could have on today’s IoT environment in terms of providing Cybersecurity for not just organizations, but other individuals who share data via the internet. The current IoT environs operates on a centralized cloud based server, meanwhile block chain operates on a decentralized server. The differentiation between the both plays a major role in the level of security they both provide; whereby, decentralized systems are (...) less vulnerable to cyber-attacks and centralized ones are not. In this report, real life illustrations are used to justify the knowledge that the block chain security could serve as a saving grace for internet users. Also, this form of security seems to be the only way to eradicate all forms of insecurity in supply chain and IoT breaches for businesses. An in depth understanding on how the block chain system operates would show why it’s held with such high hopes and how it can be beneficial for a wide range of industries. However, this research also highlights some difficulties that might arise in implementing the block chain system. It also gives ways in which the system can be gradually implemented. Firstly, the government needs to make it mandatory for businesses that deal with national based confidential data to implement block chain in their supply chain system to boost security. Secondly, top company officials like C.E. O’s need to take genuine interest in the block chain technology by investing in its development and making it a part of employee training, which in the long run would benefit the economy and business in return. Thirdly, a merge of more public and private businesses would help push the use of block chain further. Lastly, the government should make the block chain technology easily accessible, making the official permission to implement -easy and cost effective. (shrink)

The overall objective of the study was to examine the pros and cons of the participatory approach adopted in natural resource management in the ecologically protected areas of the Sundarbans mangrove of Bangladesh. A comparative study was done between the people who are involved and non-involved in this approach. Empirical data was collected through personal interviews with a structured questionnaire. The Gini coefficient was measured first and then embedded with the Lorenz curve to draw a line between perfect equality (...) and inequality vis-a-vis. The study revealed that the co-management built awareness in favor of biodiversity conservation and the efficient use of natural resources. Contradictorily, a segment of different hierarchical committees was involved in destructive activities like poisoning the wetlands for fishing. Therefore, a mixed outcome was found. The findings will help the policymakers in identifying the pitfalls and bottlenecks rooted in co-management. Hence, the study recommends revising the approach to ensure the community’s active participation on an equal basis and take action against them who degrade those resources. Exploring profitable alternative income-generating activities is warranted to narrow down the dependency on the Sundarbans mangrove’s natural resources. In order to address the tragedy of the commons, the study advocates for the unity of all knowledge ranging from science to humanistic scholarship for sound policymaking. (shrink)

Violence risk assessment tools are increasingly used within criminal justice and forensic psychiatry, however there is little relevant, reliable and unbiased data regarding their predictive accuracy. We argue that such data are needed to (i) prevent excessive reliance on risk assessment scores, (ii) allow matching of different risk assessment tools to different contexts of application, (iii) protect against problematic forms of discrimination and stigmatisation, and (iv) ensure that contentious demographic variables are not prematurely removed from risk assessment tools.

Children continue to be overlooked as a topic of concern in discussions around the ethical use of people’s data and information. Where children are the subject of such discussions, the focus is often primarily on privacy concerns and consent relating to the use of their data. This paper highlights the unique challenges children face when it comes to online interferences with their decision-making, primarily due to their vulnerability, impressionability, the increased likelihood of disclosing personal information online, and their (...) developmental capacities. These traits allow for practices such as hypernudging to be executed on them more accurately and with more serious consequences, specifically by potentially undermining their autonomy. We argue that children are autonomous agents in the making and thus require additional special protections to ensure that the development of their autonomy is safeguarded. This means that measures should be taken to prohibit most forms of hypernudging children and thus ensure that they are protected from this powerful technique of digital manipulation. (shrink)

Les principaux problèmes rencontrés par les scientifiques qui travaillent avec des ensembles de données massives (mégadonnées, Big Data), en soulignant les principaux problèmes éthiques, tout en tenant compte de la législation de l'Union européenne. Après une brève Introduction au Big Data, la section Technologie présente les applications spécifiques de la recherche. Il suit une approche des principales questions philosophiques spécifiques dans Aspects philosophiques, et Aspects juridiques en soulignant les problèmes éthiques spécifiques du règlement de l'UE sur la (...) class='Hi'>protection des données 2016/679 (General Data Protection Regulation, « GDPR »). La section Problèmes éthiques détaille les problèmes spécifiques générés par le big data. Après une brève section de Recherche de big data, sont présentées les Conclusions sur l’éthique de la recherche dans l’utilisation du big data. SOMMAIRE: Abstract 1. Introduction - 1.1 Définitions - 1.2 Les dimensions du big data 2. La technologie - 2.1 Applications - - 2.1.1 En recherche 3. Aspects philosophiques 4 Aspects juridiques - 4.1 RGPD (GDPR) - - Étapes du traitement des données personnelles - - Principes du traitement des données - - Politique de confidentialité et transparence - - Finalités du traitement des données - - Confidentialité par conception et confidentialité implicite - - Le paradoxe (juridique) des mégadonnées 5. Problèmes éthiques - L'éthique dans la recherche - Prise de conscience - Consentement - Contrôle - Transparence - Confiance - Propriété - Surveillance et sécurité - Identité numérique - Réalité ajustée - De-anonymisation - Inégalité numérique - Confidentialité 6. Recherche des mégadonnées Conclusions Bibliographie DOI: 10.13140/RG.2.2.10128.56328 . (shrink)

Can green growth policies help protect the environment while keeping the industry growing and infrastructure expanding? The City of Kitakyushu, Japan, has actively implemented eco-friendly policies since 1967 and recently inspired the pursuit of sustainable development around the world, especially in the Global South region. However, empirical studies on the effects of green growth policies are still lacking. This study explores the relationship between road infrastructure development and average industrial firm size with air pollution in the city through the Environmental (...) Kuznets Curve (EKC) hypothesis. Auto-Regressive Distributed Lag (ARDL) and Non-linear Auto-Regressive Distributed Lag (NARDL) methods were applied on nearly 50-years’ time series data, from 1967 to 2015. The results show that the shape of the EKC of industrial growth, measured by average firm size, depends on the type of air pollution: inverted N-shaped relationships with NO2 and CO, and the U-shaped relationships with falling dust particle and Ox. Regarding infrastructure development, on the one hand, our analysis shows a positive effect of road construction on alleviating the amount of falling dust and CO concentration. On the other hand, the emissions of NO2 and Ox are shown to rise when plotted against road construction. The decline of CO emission, when plotted against both industrial growth and road development, indicates that the ruthlessness of the local government in pursuing green growth policies is effective in this case. However, the story is not straightforward when it comes to other air pollutants, which hint at limits in the current policies. The case of Kitakyushu illustrates the complex dynamics of the interaction among policy, industry, infrastructure, and air pollution. It can serve as an important reference point for other cities in the Global South when policies are formed, and progress is measured in the pursuit of a green economy. Finally, as an OECD SDGs pilot city and the leading Asian green-growth city, policymakers in Kitakyushu city are recommended to revise the data policy to enhance the findability and interoperability of data as well as to invest in the application of big data. (shrink)

The public constitutes a major stakeholder in the debate about, and resolution of privacy and ethical The public constitutes a major stakeholder in the debate about, and resolution of privacy and ethical about Big Data research seriously and how to communicate messages designed to build trust in specific big data projects and the institution of science in general. This chapter explores the implications of various examples of engaging the public in online activities such as Wikipedia that contrast with (...) “Notice and Consent” forms and offers models for scientists to consider when approaching their potential subjects in research. Drawing from Lessig, Code and Other Laws of Cyberspace, the chapter suggests that four main regulators drive the shape of online activity: Code (or Architecture), Laws, Markets, and Norms. Specifically, scientists should adopt best practices in protecting computerized Big Data (Code), remain completely transparent about their data management practices (Law), make smart choices when deploying digital solutions that place a premium on information protection (Market), and, critically, portray themselves to the public as seriously concerned with protecting the privacy of persons and security of data (Norms). The community of Big Data users and collectors should remember that such data are not just “out there” somewhere but are the intimate details of the lives of real persons who have just as deep an interest in protecting their privacy as they do in the good work that is conducted with such data. (shrink)

This study presents a neural network-based model for predicting smoke potential in a specific area using a Kaggle-derived dataset with 15 environmental features and 62,631 samples. Our five-layer neural network achieved an accuracy of 89.14% and an average error of 0.000715, demonstrating its effectiveness. Key influential features, including temperature, humidity, crude ethanol, pressure, NC1.0, NC2.5, SCNT, and PM2.5, were identified, providing insights into smoke occurrence. This research aids in proactive smoke mitigation and public health protection. The model's accuracy and (...) feature analysis empower decision-makers, with potential applications in real-time smoke event monitoring and preparedness strategies. This work contributes to the field of air quality forecasting and environmental stewardship, offering a data-driven approach to address smoke-related challenges and enhance community well-being. (shrink)

The aim of this workshop was to ask potential end-users of the citizens’ information pack on legal and ethical issues around ICTs the following questions: What is your knowledge of the EU’s General Data Protection Regulation, and what actions have you taken in response to these regulations? What challenges are you experiencing in ensuring the protection and security of your project data, and compliance with the GDPR, within existing data management processes/systems? What information/tools/resources do you (...) need to overcome these challenges? What are the best formats/channels for receiving, sharing and acting upon this information? What is the most appropriate structure/format for the citizens’ information pack? (shrink)

Fixing the problem won’t be easy, but humans’ sharpened focus on an emerging philosophy of data might give us some clue about where we will be heading for.

The EDPS Ethics Advisory Group (EAG) has carried out its work against the backdrop of two significant social-political moments: a growing interest in ethical issues, both in the public and in the private spheres and the imminent entry into force of the General Data Protection Regulation (GDPR) in May 2018. For some, this may nourish a perception that the work of the EAG represents a challenge to data protection professionals, particularly to lawyers in the field, as (...) well as to companies struggling to adapt their processes and routines to the requirements of the GDPR. What is the purpose of a report on digital ethics, if the GDPR already provides all regulatory requirements to protect European citizens with regard to the processing of their personal data? Does the existence of this EAG mean that a new normative ethics of data protection will be expected to fill regulatory gaps in data protection law with more flexible, and thus less easily enforceable ethical rules? Does the work of the EAG signal a weakening of the foundation of legal doctrine, such as the rule of law, the theory of justice, or the fundamental values supporting human rights, and a strengthening of a more cultural approach to data protection? Not at all. The reflections of the EAG contained in this report are not intended as the continuation of policy by other means. It neither supersedes nor supplements the law or the work of legal practitioners. Its aims and means are different. On the one hand, the report seeks to map and analyse current and future paradigm shifts which are characterised by a general shift from analogue experience of human life to a digital one. On the other hand, and in light of this shift, it seeks to re-evaluate our understanding of the fundamental values most crucial to the well-being of people, those taken for granted in a data-driven society and those most at risk. The objective of this report is thus not to generate definitive answers, nor to articulate new norms for present and future digital societies but to identify and describe the most crucial questions for the urgent conversation to come. This requires a conversation between legislators and data protection experts, but also society at large - because the issues identified in this report concern us all, not only as citizens but also as individuals. They concern us in our daily lives, whether at home or at work and there isn’t a place we could travel to where they would cease to concern us as members of the human species. (shrink)

Ambient assisted living technologies are increasingly presented and sold as essential smart additions to daily life and home environments that will radically transform the healthcare and wellness markets of the future. An ethical approach and a thorough understanding of all ethics in surveillance/monitoring architectures are therefore pressing. AAL poses many ethical challenges raising questions that will affect immediate acceptance and long-term usage. Furthermore, ethical issues emerge from social inequalities and their potential exacerbation by AAL, accentuating the existing access gap between (...) high-income countries and low and middle-income countries. Legal aspects mainly refer to the adherence to existing legal frameworks and cover issues related to product safety, data protection, cybersecurity, intellectual property, and access to data by public, private, and government bodies. Successful privacy-friendly AAL applications are needed, as the pressure to bring Internet of Things devices and ones equipped with artificial intelligence quickly to market cannot overlook the fact that the environments in which AAL will operate are mostly private. The social issues focus on the impact of AAL technologies before and after their adoption. Future AAL technologies need to consider all aspects of equality such as gender, race, age and social disadvantages and avoid increasing loneliness and isolation among, e.g. older and frail people. Finally, the current power asymmetries between the target and general populations should not be underestimated nor should the discrepant needs and motivations of the target group and those developing and deploying AAL systems. Whilst AAL technologies provide promising solutions for the health and social care challenges, they are not exempt from ethical, legal and social issues. A set of ELSI guidelines is needed to integrate these factors at the research and development stage. (shrink)

Recent discussions among lawyers, philosophers, policy researchers and athletes have focused on the potential threat to privacy posed by the World Anti-Doping Agency’s (WADA) whereabouts requirements. These requirements demand, among other things, that all elite athletes file their whereabouts information for the subsequent quarter on a quarterly basis and comprise data for one hour of each day when the athlete will be available and accessible for no advance notice testing at a specified location of their choosing. Failure to file (...) one’s whereabouts, or the non-availability for testing at said location on three occasions within any 18-month period constitutes an anti-doping rule violation that is equivalent to testing positive to a banned substance, and may lead to a suspension of the athlete for a time period of between one and two years. We critically explore the extent to which WADA’s whereabouts requirements are in tension with existing legislation on privacy, with respect to UK athletes, who are simultaneously protected by UK domestic and EU law. Both UK domestic and EU law are subject to the European Convention on Human Rights (ECHR) Article 8, which establishes a right to “respect for private and family life, home and correspondence”. We critically discuss the centrality of the whereabouts requirements in relation to WADA’s aims, and the adoption and implementation of its whereabouts rules. We conclude that as WADA’s whereabouts requirements appear to be in breach of an elite athlete’s rights under European workers’ rights, health & safety and data protection law they are also, therefore, in conflict with Article 8 of the ECHR and the UK Human Rights Act 1998. We call for specific amendments that cater for the exceptional case of elite sports labour if the WADA requirements are to be considered legitimate. (shrink)

In this chapter I identify three problems affecting the plausibility of group privacy and argue in favour of their resolution. The first problem concerns the nature of the groups in question. I shall argue that groups are neither discovered nor invented, but designed by the level of abstraction (LoA) at which a specific analysis of a social system is developed. Their design is therefore justified insofar as the purpose, guiding the choice of the LoA, is justified. This should remove the (...) objection that groups cannot have a right to privacy because groups are mere artefacts (there are no groups, only individuals) or that, even if there are groups, it is too difficult to deal with them. The second problem concerns the possibility of attributing rights to groups. I shall argue that the same logic of attribution of a right to individuals may be used to attribute a right to a group, provided one modifies the LoA and now treats the whole group itself as an individual. This should remove the objection that, even if groups exist and are manageable, they cannot be treated as holders of rights. The third problem concerns the possibility of attributing a right to privacy to groups. I shall argue that sometimes it is the group and only the group, not its members, that is correctly identified as the correct holder of a right to privacy. This should remove the objection that privacy, as a group right, is a right held not by a group as a group but rather by the group’s members severally. The solutions of the three problems supports the thesis that an interpretation of privacy in terms of a protection of the information that constitutes an individual—both in terms of a single person and in terms of a group—is better suited than other interpretations to make sense of group privacy. (shrink)

This essay accounts for part of the moral, social and legal problems behind the attempts for justifying and implementing the so-called right to be forgotten in the Internet. Such right implies that –under certain circumstances–individuals are entitled to demand that search engines remove links containing their personal information. Our inquiry reflects on a ruling issued by the Court of Justice of the European Union and made public on May 13th 2014, as well as on the recommendations conveyed in Article 29 (...) of the Data Protection Working Party, the practice of Google and the report of its Advisory Council. (shrink)

One of the most noticeable trends in recent years has been the increasing reliance of public decision-making processes on algorithms, i.e. computer-programmed step-by-step instructions for taking a given set of inputs and producing an output. The question raised by this article is whether the rise of such algorithmic governance creates problems for the moral or political legitimacy of our public decision-making processes. Ignoring common concerns with data protection and privacy, it is argued that algorithmic governance does pose a (...) significant threat to the legitimacy of such processes. Modelling my argument on Estlund’s threat of epistocracy, I call this the ‘threat of algocracy’. The article clarifies the nature of this threat and addresses two possible solutions. It is argued that neither solution is likely to be successful, at least not without risking many other things we value about social decision-making. The result is a somewhat pessimistic conclusion in which we confront the possibility that we are creating decision-making processes that constrain and limit opportunities for human participation. (shrink)

The European Medical Information Framework project, funded through the IMI programme, has designed and implemented a federated platform to connect health data from a variety of sources across Europe, to facilitate large scale clinical and life sciences research. It enables approved users to analyse securely multiple, diverse, data via a single portal, thereby mediating research opportunities across a large quantity of research data. EMIF developed a code of practice to ensure the privacy protection of data (...) subjects, protect the interests of data sharing parties, comply with legislation and various organisational policies on data protection, uphold best practices in the protection of personal privacy and information governance, and eventually promote these best practices more widely. EMIF convened an Ethics Advisory Board, to provide feedback on its approach, platform, and the EcoP. The most important challenges the ECoP team faced were: how to define, control and monitor the purposes for which federated health data are used; the kinds of organisation that should be permitted to conduct permitted research; and how to monitor this. This manuscript explores those issues, offering the combined insights of the EAB and EMIF core ECoP team. For some issues, a consensus on how to approach them is proposed. For other issues, a singular approach may be premature but the challenges are summarised to help the community to debate the topic further. Arguably, the issues and their analyses have application beyond EMIF, to many research infrastructures connected to health data sources. (shrink)

ABSTRACT: One important criticism of algorithmic systems is that they lack transparency. Such systems can be opaque because they are complex, protected by patent or trade secret, or deliberately obscure. In the EU, there is a debate about whether the General Data Protection Regulation (GDPR) contains a “right to explanation,” and if so what such a right entails. Our task in this chapter is to address this informational component of algorithmic systems. We argue that information access is integral (...) for respecting autonomy, and transparency policies should be tailored to advance autonomy. -/- To make this argument we distinguish two facets of agency (i.e., capacity to act). The first is practical agency, or the ability to act effectively according to one’s values. The second is what we call cognitive agency, which is the ability to exercise what Pamela Hieronymi calls “evaluative control” (i.e., the ability to control our affective states, such as beliefs, desires, and attitudes). We argue that respecting autonomy requires providing persons sufficient information to exercise evaluative control and properly interpret the world and one’s place in it. We draw this distinction out by considering algorithmic systems used in background checks, and we apply the view to key cases involving risk assessment in criminal justice decisions and K-12 teacher evaluation. -/- The link below is to an open access version of the chapter. (shrink)