Link Before You Share: Managing Privacy Policies through Blockchain

With the advent of numerous online content providers, utilities and applications, each with their own specific version of privacy policies and its associated overhead, it is becoming increasingly difficult for concerned users to manage and track the confidential information that they share with the providers. Users consent to providers to gather and share their Personally Identifiable Information (PII). We have developed a novel framework to automatically track details about how a users' PII data is stored, used and shared by the provider. We have integrated our Data Privacy ontology with the properties of blockchain, to develop an automated access control and audit mechanism that enforces users' data privacy policies when sharing their data across third parties. We have also validated this framework by implementing a working system LinkShare. In this paper, we describe our framework on detail along with the LinkShare system. Our approach can be adopted by Big Data users to automatically apply their privacy policy on data operations and track the flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE International Conference on Big Data (IEEE BigData 2017) December 14, 2017, Boston, MA, US

Using the blockchain to enable transparent and auditable processing of personal data in cloud- based services: Lessons from the Privacy-Aware Cloud Ecosystems (PACE) project

The architecture of cloud-based services is typically opaque and intricate. As a result, data subjects cannot exercise adequate control over their personal data, and overwhelmed data protection authorities must spend their limited resources in costly forensic efforts to ascertain instances of non-compliance. To address these data protection challenges, a group of computer scientists and socio-legal scholars joined forces in the Privacy-Aware Cloud Ecosystems (PACE) project to design a blockchain-based privacy-enhancing technology (PET). This article presents the fruits of this collaboration, highlighting the capabilities and limits of our PET, as well as the challenges we encountered during our interdisciplinary endeavour. In particular, we explore the barriers to interdisciplinary collaboration between law and computer science that we faced, and how these two fields’ different expectations as to what technology can do for data protection law compliance had an impact on the project's development and outcome. We also explore the overstated promises of techno-regulation, and the practical and legal challenges that militate against the implementation of our PET: most industry players have no incentive to deploy it, the transaction costs of running it make it prohibitively expensive, and there are significant clashes between the blockchain's decentralised architecture and GDPR's requirements that hinder its deployability. We share the insights and lessons we learned from our efforts to overcome these challenges, hoping to inform other interdisciplinary projects that are increasingly important to shape a data ecosystem that promotes the protection of our personal data

RegTech in public and private sectors: the nexus between data, technology and regulation

Higher regulatory compliance requirements, fast and continuous changes in regulations and high digital dynamics in the financial markets are powering RegTech (regulatory technology), defined as technology-enabled innovation applied to the world of regulation, compliance, risk management, reporting and supervision. This work builds on a systematic literature review and a bibliometric analysis of the literature on RegTech, its influential papers and authors, its main areas of research, its past and its future. The resulting multi-dimensional framework bridges across four main dimensions, starting with regulation and technology, where one or more regulations, not necessarily financial ones, are addressed with the support of technologies (e.g. artificial intelligence, DLT, blockchain, smart contracts, API). Data play a central role, as sharing them enables data ecosystems, where additional value can be attained by each market participant, while data automation and machine-readable regulations empower regulators to pull data directly from the banks' systems and combine these data with data obtained directly from customers or other external sources. Several applications emerge, both for regulated entities, covering matters of compliance, monitoring, risk management, reporting and operations, as well as for authorities, which can leverage on RegTech (SupTech) solutions to make policies, to undertake their authorising, supervising and enforcement operations, for monitoring and controlling purposes, and even to issue fines automatically. As a consequence, stakeholders can reap a series of benefits, such as higher efficiency and effectiveness, accuracy, transparency and lower compliance costs but also risks, such as cyber risk, algorithmic biases, and dehumanization

The Future of Cybercrime: AI and Emerging Technologies Are Creating a Cybercrime Tsunami

This paper reviews the impact of AI and emerging technologies on the future of cybercrime and the necessary strategies to combat it effectively. Society faces a pressing challenge as cybercrime proliferates through AI and emerging technologies. At the same time, law enforcement and regulators struggle to keep it up. Our primary challenge is raising awareness as cybercrime operates within a distinct criminal ecosystem. We explore the hijacking of emerging technologies by criminals (CrimeTech) and their use in illicit activities, along with the tools and processes (InfoSec) to protect against future cybercrime. We also explore the role of AI and emerging technologies (DeepTech) in supporting law enforcement, regulation, and legal services (LawTech)

Can Blockchain Revolutionize Tax Administration?

Experts predict that the use of smart contracts and other applications of blockchain technology could revolutionize the manner in which we do business. Blockchain technology promises the elimination of middlemen, increased trust and transparency, and improved access to shared information and records. Thus, it is no surprise that companies and entrepreneurs are developing blockchain solutions for an array of markets, ranging from real estate to health care. But can this new technology revolutionize tax administration? This Article is the first to consider blockchain technology’s role in addressing the shortcomings of our current administration system— namely, a large tax gap, high compliance and administrative costs, and operational inefficiencies. To mitigate these problems, this Article introduces two innovative uses of blockchain technology in the tax space: a blockchain-based platform for information returns and a blockchain-based platform for digital invoices. Implementing these blockchain-based platforms for tax administration presents significant opportunities to digitalize and automate certain tax processes, improve tax compliance and enforcement, and minimize many inefficiencies currently involved in the tax administration process. This Article also considers the broader implications of using technology to improve tax administration by demonstrating that any blockchain tax initiative is unlikely to make meaningful improvements to tax processes without additional government action. It, therefore, sets forth normative steps for policymakers to take in supporting the use of blockchain and other technologies in the tax space. By doing so, this Article promotes a proactive approach to exploring and understanding blockchain technology’s benefits, limitations, and implications to ultimately place the government in the best position to modernize our tax administration system

A Proposal to Harmonize BIM and IoT Data Silos using Blockchain Application

The integration of Building Information Modelling (BIM) and Internet of Things (IoT) provide significant end-to-end benefits for the architecture, engineering, construction, and operations (AECO) industry. Example applications include on-site assembly services, data localization for built environment, occupancy performance measures and many other analyses that can be used to improve the built environment. However, silos in the BIM and IoT data exchange have impacted the digital process adoption in AECO industry, which aims to change the dynamics and behaviors of the current working process. Penzes, (2018) in his report, acknowledges the AECO industry as one of the most fragmented sectors with a scattered and complex supply chain. Kelly & Dowd, (2015) reported that the prevalence of waste in AECO industry is due to old management practice and business culture, while Charlès, (2014) suggested this is a symptom of ineffective practices caused by the lack of data integration and disconnected documents between the industry players. Insufficient data for process simulation have resulted in poor productivity, high risk, and low profitability. This study sets out to critically analyse the Blockchain technology’s potential to connect, integrate and advance AECO industry information exchanges and digital processes by using BIM and IoT integration use case as a methodology to identify, clarify and organize the proposed system requirements. This paper presents a comprehensive literature review to uncover the current state of BIM and IoT data silos. Moreover, an online survey assessment and a simulated test were conducted to critically evaluate, investigate, and examine the opportunities and solutions in harmonizing BIM and IoT data silos by using the Blockchain application