The Data Breach Dilemma: Proactive Solutions for Protecting Consumers’ Personal Information

Data breaches are an increasingly common part of consumers’ lives. No institution is immune to the possibility of an attack. Each breach inevitably risks the release of consumers’ personally identifiable information and the strong possibility of identity theft. Unfortunately, current solutions for handling these incidents are woefully inadequate. Private litigation like consumer class actions and shareholder lawsuits each face substantive legal and procedural barriers. States have their own data security and breach notification laws, but there is currently no unifying piece of legislation or strong enforcement mechanism. This Note argues that proactive solutions are required. First, a national data security law—setting minimum data security standards, regulating the use and storage of personal information, and expanding the enforcement role of the Federal Trade Commission—is imperative to protect consumers’ data. Second, a proactive solution requires reconsidering how to minimize the problem by going to its source: the collection of personally identifiable information in the first place. This Note suggests regulating companies’ collection of Social Security numbers, and, eventually, using a system based on distributed ledger technology to replace the ubiquity of Social Security numbers

Food Fraud in the EU: Analysis of Reports in the Rapid Alert System for Food and Feed

openFood fraud is a major concern to public health, consumer confidence, and the integrity of the EU food industry. Although the EU legal framework lacks a clear definition for food fraud, it provides regulations like the General Food Law, Food Information to Consumers Regulation, and Official Controls Regulation, which serve as a foundation also for addressing fraudulent practices. The General Food Law was passed in 2002, but the specific criteria for identifying food fraud were not defined until 2019. Nevertheless, incidents such as the dioxin crisis in Belgium in 1999, the illegal dyes crisis in 2005, the melamine crisis in 2008, the Chinese milk scandal in 2008, and the Horsemeat scandal in 2013 highlight the financial and public health consequences of food fraud. In this study, food fraud and adulterations reported in the RASFF database from 2005 to 2021 (n=2031) were analysed to identify the overall pattern and trend. The United Kingdom emerged as a focal point with 31.8% of all food fraud notifications, followed by Italy (9.0%). China and India were identified as the predominant origins of food fraud, constituting 16.94% and 11.96% of the reported cases, respectively. The study found that nuts, nut products, and seeds accounted for the highest proportion of fraud/adulteration cases at 22.01%. Followed by fruits and vegetables (10.49%), and meat and meat products other than poultry (10.44%). Furthermore, the study identified health certificates as the common manipulated aspect in food fraud, representing 40.92% of reported cases. In addition, mislabelling, adulteration, and tampering were common with meat and meat products, whereas document forgery was more frequent with nuts and seeds. Grey market activities were prevalent among dietetic foods, while counterfeiting was primarily observed in soups and sauces. From the findings, it is recommended that the regulatory authorities within the EU collaborate and work together to identify each country’s unique challenges and develop specific prevention strategies accordingly. Further, the collaborative efforts should focus on sharing intelligence, harmonising standards, and developing joint initiatives to combat cross-border food fraud incidents. This initiative should consider and incorporate WTO rules to ensure fair and transparent trade while safeguarding consumers. The EU should also consider developing specialised regulations and standards for each high-risk food category. Targeted campaigns and awareness programs should be launched to help consumers identify vulnerable products and understand labelling regulations.Food fraud is a major concern to public health, consumer confidence, and the integrity of the EU food industry. Although the EU legal framework lacks a clear definition for food fraud, it provides regulations like the General Food Law, Food Information to Consumers Regulation, and Official Controls Regulation, which serve as a foundation also for addressing fraudulent practices. The General Food Law was passed in 2002, but the specific criteria for identifying food fraud were not defined until 2019. Nevertheless, incidents such as the dioxin crisis in Belgium in 1999, the illegal dyes crisis in 2005, the melamine crisis in 2008, the Chinese milk scandal in 2008, and the Horsemeat scandal in 2013 highlight the financial and public health consequences of food fraud. In this study, food fraud and adulterations reported in the RASFF database from 2005 to 2021 (n=2031) were analysed to identify the overall pattern and trend. The United Kingdom emerged as a focal point with 31.8% of all food fraud notifications, followed by Italy (9.0%). China and India were identified as the predominant origins of food fraud, constituting 16.94% and 11.96% of the reported cases, respectively. The study found that nuts, nut products, and seeds accounted for the highest proportion of fraud/adulteration cases at 22.01%. Followed by fruits and vegetables (10.49%), and meat and meat products other than poultry (10.44%). Furthermore, the study identified health certificates as the common manipulated aspect in food fraud, representing 40.92% of reported cases. In addition, mislabelling, adulteration, and tampering were common with meat and meat products, whereas document forgery was more frequent with nuts and seeds. Grey market activities were prevalent among dietetic foods, while counterfeiting was primarily observed in soups and sauces. From the findings, it is recommended that the regulatory authorities within the EU collaborate and work together to identify each country’s unique challenges and develop specific prevention strategies accordingly. Further, the collaborative efforts should focus on sharing intelligence, harmonising standards, and developing joint initiatives to combat cross-border food fraud incidents. This initiative should consider and incorporate WTO rules to ensure fair and transparent trade while safeguarding consumers. The EU should also consider developing specialised regulations and standards for each high-risk food category. Targeted campaigns and awareness programs should be launched to help consumers identify vulnerable products and understand labelling regulations

Elektronik Posta Sistemine Üçüncü Taraf Güveni Gerektirmeyen Bir Çözüm Önerisi

Bireyler ve kurumlar arasında bilgi ve belgenin iletilmesi, günlük hayatın olağan süreçlerinden biridir. Ancak bilgi ve belgenin güvenli olarak iletilmesi günümüzde önemli problemlerden biridir. Bilgi ve belgenin aktarımı noktasında, uzunca bir süre elden teslim, posta ve ilan gibi fiziksel yöntemler tercih edilmiştir. Günümüz dünyasında teknolojinin gelişimi ve internetin hayatın önemli bir kısmına sirayet etmesiyle birlikte, iletişimde önemli gelişmelerin oluşmasına neden olmakla birlikte bu etkileşim ve iletişim süreçlerinde elektronik yöntemlerin çeşitliliğini de beraberinde getirmiştir. Etkileşim ve iletişimde yoğun bir şekilde kullanılan elektronik sistemler sayesinde internet teknolojisindeki hız, verimlilik artışı ve maliyetlerin düşmesi de sağlanmıştır. İnternet teknolojilerinin sağladığı imkânlar vasıtasıyla elektronik posta ortaya çıkmıştır. Elektronik posta kullanıcılarının kayıt altına alınması ile kayıtlı elektronik posta sistemi oluşmuştur. Kayıtlı elektronik posta sistemi, genel olarak elektronik postayı gönderen ve gönderiyi alan arasında var olan iletişimin belli standartlarda gerçekleştirilmesi sonucunda yasal kanıtların oluşturulması esasına dayanmaktadır. Böylelikle yasal altyapısı olan ve güvenliği arttırılmış olan bilgi ve belge aktarım yöntemi elde edilmiştir. Kayıtlı elektronik posta sistemi yasal standartlar ile belli bir seviyede güvenlik sağlamaktadır ancak merkezi mimariye sahip olarak tasarlanmıştır. Merkezi mimariye sahip çözümler, doğası gereği merkezi yapının güvenliği üzerine kuruludur. Bu güven kendi içinde de problemler içermektedir. Ancak merkezi yapıya alternatif olarak merkezi olmayan ve üçüncü tarafa güven gerektirmeden verinin yönetilebildiği yöntemler bulunmaktadır. Bu yöntemler içerisinde en yaygın olarak kullanılan yöntem blok zincir teknolojisidir. Blok zincir teknolojisi verinin yönetilmesi alanında yenilikçi bir yöntem sunmaktadır. Blok zincir teknolojisinin veri yönetimi açısından sunduğu yenilikçi bakış açısı ve sağladığı faydalar nedeniyle günlük hayatta veri yönetimi ile ilgili birçok uygulama tercih edilmeye başlanmıştır. Çalışmada, kayıtlı elektronik posta sisteminin merkezi mimarisine alternatif olarak blok zincir teknoloji kullanımı önerilmiş olup blok zincir teknolojisine entegrasyonu açıklanmıştır. Bu çalışmada amaç; blok zincir teknolojisinin kullanımının kayıtlı elektronik posta sisteminde uygulanması ve merkezi yapıda olan benzeri süreçlerin ve yazılımların güvene dayalı olan güvenlik zayıflıklarının ortadan kaldırılmasına yönelik çözüm önerisi ortaya koymaktır. Çalışma, elektronik posta sisteminin blok zincir teknolojisi ile yeniden tasarlanması ve entegrasyonunun detaylandırması açısından özgün bir çalışmadır. Bu çalışmada öncelikle kayıtlı elektronik posta sisteminin kavramsal çerçevesi hakkında bilgi verilmiştir. Ardından kayıtlı elektronik posta sisteminin temelini oluşturan yasal altyapı açıklanmıştır. Kayıtlı elektronik posta sisteminin kullanımının bireyler ve kurumlar açısından faydalarına değinilmiştir. Kayıtlı elektronik posta sisteminin merkezi mimarisine alternatif olarak blok zincir teknolojisinin dağıtık yapısının kullanımı açıklanmıştır. Önerilen yöntemin anlaşılabilmesi amacıyla, blok zincir teknolojisi açıklanmış ardından hali hazırda kullanılan mimariye alternatif olan blok zincir teknolojisinin sağlayacağı faydalar açıklanmıştır. Çalışmanın son bölümünde önerilen model detaylı olarak açıklanmıştır

A secured message transmission protocol for vehicular ad hoc networks

Vehicular Ad hoc Networks (VANETs) become a very crucial addition in the Intelligent Transportation System (ITS). It is challenging for a VANET system to provide security services and parallelly maintain high throughput by utilizing limited resources. To overcome these challenges, we propose a blockchain-based Secured Cluster-based MAC (SCB-MAC) protocol. The nearby vehicles heading towards the same direction will form a cluster and each of the clusters has its blockchain to store and distribute the safety messages. The message which contains emergency information and requires Strict Delay Requirement (SDR) for transmission are called safety messages (SM). Cluster Members (CMs) sign SMs with their private keys while sending them to the blockchain to confirm authentication, integrity, and confidentiality of the message. A Certificate Authority (CA) is responsible for physical verification, key generation, and privacy preservation of the vehicles. We implemented a test scenario as proof of concept and tested the safety message transmission (SMT) protocol in a real-world platform. Computational and storage overhead analysis shows that the proposed protocol for SMT implements security, authentication, integrity, robustness, non-repudiation, etc. while maintaining the SDR. Messages that are less important compared to the SMs are called non-safety messages (NSM) and vehicles use RTS/CTS mechanism for NSM transmission. Numerical studies show that the proposed NSM transmission method maintains 6 times more throughput, 2 times less delay and 125% less Packet Dropping Rate (PDR) than traditional MAC protocols. These results prove that the proposed protocol outperforms the traditionalMAC protocols

Decrypting Democracy: Incentivizing Blockchain Voting Technology for an Improved Election System

[B]lockchain technology provides a cryptographically secure and transparent method for transferring “digital assets.” Although blockchain technology is most commonly recognized as the technology that underpins virtual currencies, such as Bitcoin, it may also hold the key to facilitating secure online elections in America. To preface the need for blockchain voting, Part II addresses the current problems with voting in the United States. Part III provides an elementary explanation of blockchain. Parts IV and V outline current election laws and explain how implementing blockchain voting would very likely comply with these laws. Transitioning to a new voting system, however, does not come without challenges. Thus, the remainder of Part V outlines valid concerns with and counterarguments against blockchain voting. Part VI advocates for congressional action, tracing the failed regulation of Bitcoin back to the lack of uniform guidance. The time is ripe for modernization, yet current proposals for online voting lack the sophistication necessary to implement a secure and trusted system. Thus, Part VII of this Comment proposes that Congress pass a bill authorizing the use of blockchain voting and incentivizing states to modernize voting systems using this innovative technology

D8.6 OPTIMAI commercialization and exploitation strategy

Deliverable D8.6 OPTIMAI commercialization and exploitation strategy 1 st version is the first version of the OPTIMAI Exploitation Plan. Exploitation aims at ensuring that OPTIMAI becomes sustainable well after the conclusion of the research project period so as to create impact. OPTIMAI intends to develop an industry environment that will optimize production, reducing production line scrap and production time, as well as improving the quality of the products through the use of a variety of technological solutions, such as Smart Instrumentation of sensors network at the shop floor, Metrology, Artificial Intelligence (AI), Digital Twins, Blockchain, and Decision Support via Augmented Reality (AR) interfaces. The innovative aspects: Decision Support Framework for Timely Notifications, Secure and adaptive multi-sensorial network and fog computing framework, Blockchain-enabled ecosystem for securing data exchange, Intelligent Marketplace for AI sharing and scrap re-use, Digital Twin for Simulation and Forecasting, Embedded Cybersecurity for IoT services, On-the-fly reconfiguration of production equipment allows businesses to reconsider quality management to eliminate faults, increase productivity, and reduce scrap. The OPTIMAI exploitation strategy has been drafted and it consists of three phases: Initial Phase, Mid Phase and Final Phase where different activities are carried out. The aim of the Initial phase (M1 to M12), reported in this deliverable, is to have an initial results' definition for OPTIMAI and the setup of the structures to be used during the project lifecycle. In this phase, also each partner's Individual Exploitation commitments and intentions are drafted, and a first analysis of the joint exploitation strategies is being presented. The next steps, leveraging on the outcomes of the preliminary market analysis, will be to update the Key Exploitable Results with a focus on their market value and business potential and to consolidate the IPR Assessment and set up a concrete Exploitation Plan. The result of the next period of activities will be reported in D8.7 OPTIMAI commercialization and exploitation strategy - 2nd version due at month 18 (June 2022

A review on the mobile applications developed for COVID-19: An exploratory analysis

The objective of this research is to explore the existing mobile applications developed for the COVID-19 pandemic. To obtain this research objective, firstly the related applications were selected through the systematic search technique in the popular application stores. Secondly, data related to the app objectives, functionalities provided by the app, user ratings, and user reviews were extracted. Thirdly, the extracted data were analyzed through the affinity diagram, noticing-collecting-thinking, and descriptive analysis. As outcomes, the review provides a state-of-the-art view of mobile apps developed for COVID-19 by revealing nine functionalities or features. It revealed ten factors related to information systems design characteristics that can guide future app design. The review outcome highlights the need for new development and further refinement of the existing applications considering not only the revealed objectives and their associated functionalities, but also revealed design characteristics such as reliability, performance, usefulness, supportive, security, privacy, flexibility, responsiveness, ease of use, and cultural sensitivity.Comment: 11 pages, 3 figures, 4 table

Blockchain’s roles in strengthening cybersecurity and protecting privacy

This paper evaluates blockchain's roles in strengthening cybersecurity and protecting privacy. Since most of the data is currently stored in cloud data centers, it also compares how blockchain performs vis-vis the cloud in various aspects of security and privacy. Key underlying mechanisms related to the blockchain's impacts on the Internet of Things (IoT) security are also covered. From the security and privacy considerations, it highlights how blockchain-based solutions could possibly be, in many aspects, superior to the current IoT ecosystem, which mainly relies on centralized cloud servers through service providers. Using practical applications and real-world examples, the paper argues that blockchain's decentralized feature is likely to result in a low susceptibility to manipulation and forgery by malicious participants. Special consideration is also given to how blockchain-based identity and access management systems can address some of the key challenges associated with IoT security. The paper provides a detailed analysis and description of blockchain's roles in tracking the sources of insecurity in supply chains related to IoT devices. The paper also delves into how blockchain can make it possible to contain an IoT security breach in a targeted way after it is discovered. It discusses and evaluates initiatives of organizations, inter-organizational networks and industries on this front. A number of policy implications are discussed. First, in order to strengthen IoT, regulators can make it obligatory for firms to deploy blockchain in supply chain, especially in systems that are mission critical, and have substantial national security and economic benefits. Second, public policy efforts directed at protecting privacy using blockchain should focus on providing training to key stakeholders and increasing investment in this technology. Third, one way to enrich the blockchain ecosystem would be to turn attention to public–private partnerships. Finally, national governments should provide legal clarity and more information for parties to engage in smart contracts that are enforceable