Data Protection

What is information? Information is a resource, regardless of its presentation perceived by the person and / or special devices as a reflection of the material world of the facts in communication process (GOST 7.0-99). There are 3 properties of information: integrity, availability and confidentiality

Towards Data Protection Compliance

Privacy and data protection are fundamental issues nowadays for every organization. This paper calls for the development of methods, techniques and infrastructure to allow the deployment of privacy-aware IT systems, in which humans are integral part of the organizational processes and accountable for their possible misconduct. In particular, we discuss the challenges to be addressed in order to improve organizations privacy practices, as well as the approach to ensure compliance with legal requirements and increasing efficiency

Data protection preliminary verification translation: Italy

Date of decision: 31 January 2013 Requested by Unicredit S.p.A. (Italy; data protection; preliminary verification; biometric data; advance electronic signature

Data protection: the future of privacy

The Art. 29 Working Party (hereinafter “Art. 29 WP”) is an influential body comprised of representatives from the Member State Data Protection Authorities2 established under the Data Protection Directive 95/46/EC, has recently issued an opinion with the Working Party on Police and Justice. This is quite significant, since the opinion sets out some of the issues that will need to be addressed in the lead up to the revision of the Data Protection Directive 95/46/EC.3 This comes at a time, when there have been discussions on the current application of the European Data Protection Directive to the internet,4 (such as social networking) and the recent European Commission’s consultation on the legal framework for the fundamental right to protection of personal data. Not least, there have been a number of cases brought before the European Court of Justice dealing with the partial implementation of the Data Protection Directive 95/46/EC.5. The aim of this paper is to consider in detail the issues set out by the Art. 29 WP and the likely challenges in revising the Data Protection Directive 95/46/EC

Homomorphic Data Isolation for Hardware Trojan Protection

The interest in homomorphic encryption/decryption is increasing due to its excellent security properties and operating facilities. It allows operating on data without revealing its content. In this work, we suggest using homomorphism for Hardware Trojan protection. We implement two partial homomorphic designs based on ElGamal encryption/decryption scheme. The first design is a multiplicative homomorphic, whereas the second one is an additive homomorphic. We implement the proposed designs on a low-cost Xilinx Spartan-6 FPGA. Area utilization, delay, and power consumption are reported for both designs. Furthermore, we introduce a dual-circuit design that combines the two earlier designs using resource sharing in order to have minimum area cost. Experimental results show that our dual-circuit design saves 35% of the logic resources compared to a regular design without resource sharing. The saving in power consumption is 20%, whereas the number of cycles needed remains almost the sam

Data protection preliminary verification translation: Italy

Requested by Fineco Bank S.p.A. (Italy; data protection; preliminary verification; biometric data; advance electronic signature

Data protection preliminary verification translation: Italy

Date of decision: 31 January 2013 Requested by IT Telecom s.r.l. and Cassa di Risparmio di Parma e Piacenza S.p.A. (Italy; data protection; preliminary verification; biometric data; advance electronic signature; need to amend contracts; consent

Translating proprietary protection setting data into standardized IEC 61850 format for protection setting validation

For smart grid development, one of the key expectations is that the data should be accessible to and readily interpreted by different applications. Presently, protection settings are represented using proprietary parameters and stored in various file formats. This makes it very difficult for computer applications to manipulate such data directly. This paper introduces a process that translates the proprietary protection setting data into IEC 61850 standardised format and saves the data as System Configuration description Language (SCL) files. A code generation process that allows rapid implementation of the translation process is proposed. Among various applications, the paper demonstrates how such a translation process and generated SCL files can facilitate the development of an intelligent system for protection setting error detection and validation

Cross-border data protection: Applicable law and territorial powers of national data protection supervisors

An analysis of the European Court of Justice preliminary ruling in Case C-230/14 Weltimmo s.r.o. v Nemzeti Adatvédelmi és Információszabadság Hatóság, on the interpretation of two important aspects of Directive 95/46/EC, namely, the applicable law, and territorial reach of national data protection authorities. The Court ruled that the data protection legislation of a member state may be applied by the national data protection authority to a foreign registered company which exercises, through stable arrangements, real and effective (albeit minimal) activity in that member state; a ruling that potentially increases compliance costs for entities operating across multiple European jurisdictions pending the introduction of the proposed General Data Protection Regulation