4,638 research outputs found
Enhancing Transparency and Consent in the IoT
International audienceThe development of the IoT raises specific questions in terms of privacy, especially with respect to information to users and consent. We argue that (1) all necessary information about collected data and the collecting devices should be communicated electronically to all data subjects in their range and (2) data subjects should be able to reply also electronically and express their own privacy choices. In this position paper, we take some examples of technologies and initiatives to illustrate our position (including direct and registry-based communications) and discuss them in the light of the GDPR and the WP29 recommendations
Designing the Health-related Internet of Things: Ethical Principles and Guidelines
The conjunction of wireless computing, ubiquitous Internet access, and the miniaturisation of sensors have opened the door for technological applications that can monitor health and well-being outside of formal healthcare systems. The health-related Internet of Things (H-IoT) increasingly plays a key role in health management by providing real-time tele-monitoring of patients, testing of treatments, actuation of medical devices, and fitness and well-being monitoring. Given its numerous applications and proposed benefits, adoption by medical and social care institutions and consumers may be rapid. However, a host of ethical concerns are also raised that must be addressed. The inherent sensitivity of health-related data being generated and latent risks of Internet-enabled devices pose serious challenges. Users, already in a vulnerable position as patients, face a seemingly impossible task to retain control over their data due to the scale, scope and complexity of systems that create, aggregate, and analyse personal health data. In response, the H-IoT must be designed to be technologically robust and scientifically reliable, while also remaining ethically responsible, trustworthy, and respectful of user rights and interests. To assist developers of the H-IoT, this paper describes nine principles and nine guidelines for ethical design of H-IoT devices and data protocols
Making GDPR Usable: A Model to Support Usability Evaluations of Privacy
We introduce a new model for evaluating privacy that builds on the criteria
proposed by the EuroPriSe certification scheme by adding usability criteria.
Our model is visually represented through a cube, called Usable Privacy Cube
(or UP Cube), where each of its three axes of variability captures,
respectively: rights of the data subjects, privacy principles, and usable
privacy criteria. We slightly reorganize the criteria of EuroPriSe to fit with
the UP Cube model, i.e., we show how EuroPriSe can be viewed as a combination
of only rights and principles, forming the two axes at the basis of our UP
Cube. In this way we also want to bring out two perspectives on privacy: that
of the data subjects and, respectively, that of the controllers/processors. We
define usable privacy criteria based on usability goals that we have extracted
from the whole text of the General Data Protection Regulation. The criteria are
designed to produce measurements of the level of usability with which the goals
are reached. Precisely, we measure effectiveness, efficiency, and satisfaction,
considering both the objective and the perceived usability outcomes, producing
measures of accuracy and completeness, of resource utilization (e.g., time,
effort, financial), and measures resulting from satisfaction scales. In the
long run, the UP Cube is meant to be the model behind a new certification
methodology capable of evaluating the usability of privacy, to the benefit of
common users. For industries, considering also the usability of privacy would
allow for greater business differentiation, beyond GDPR compliance.Comment: 41 pages, 2 figures, 1 table, and appendixe
Privacy matters:issues within mechatronics
As mechatronic devices and components become increasingly integrated with and within wider systems concepts such as Cyber-Physical Systems and the Internet of Things, designer engineers are faced with new sets of challenges in areas such as privacy. The paper looks at the current, and potential future, of privacy legislation, regulations and standards and considers how these are likely to impact on the way in which mechatronics is perceived and viewed. The emphasis is not therefore on technical issues, though these are brought into consideration where relevant, but on the soft, or human centred, issues associated with achieving user privacy
In Things We Trust? Towards trustability in the Internet of Things
This essay discusses the main privacy, security and trustability issues with
the Internet of Things
Dwarna : a blockchain solution for dynamic consent in biobanking
Dynamic consent aims to empower research partners and facilitate active participation in the research process. Used within
the context of biobanking, it gives individuals access to information and control to determine how and where their
biospecimens and data should be used. We present Dwarna—a web portal for ‘dynamic consent’ that acts as a hub
connecting the different stakeholders of the Malta Biobank: biobank managers, researchers, research partners, and the
general public. The portal stores research partners’ consent in a blockchain to create an immutable audit trail of research
partners’ consent changes. Dwarna’s structure also presents a solution to the European Union’s General Data Protection
Regulation’s right to erasure—a right that is seemingly incompatible with the blockchain model. Dwarna’s transparent
structure increases trustworthiness in the biobanking process by giving research partners more control over which research
studies they participate in, by facilitating the withdrawal of consent and by making it possible to request that the biospecimen
and associated data are destroyed.peer-reviewe
Visions and Challenges in Managing and Preserving Data to Measure Quality of Life
Health-related data analysis plays an important role in self-knowledge,
disease prevention, diagnosis, and quality of life assessment. With the advent
of data-driven solutions, a myriad of apps and Internet of Things (IoT) devices
(wearables, home-medical sensors, etc) facilitates data collection and provide
cloud storage with a central administration. More recently, blockchain and
other distributed ledgers became available as alternative storage options based
on decentralised organisation systems. We bring attention to the human data
bleeding problem and argue that neither centralised nor decentralised system
organisations are a magic bullet for data-driven innovation if individual,
community and societal values are ignored. The motivation for this position
paper is to elaborate on strategies to protect privacy as well as to encourage
data sharing and support open data without requiring a complex access protocol
for researchers. Our main contribution is to outline the design of a
self-regulated Open Health Archive (OHA) system with focus on quality of life
(QoL) data.Comment: DSS 2018: Data-Driven Self-Regulating System
Sensing the City : Designing for Privacy and Trust in the Internet of Things
Acknowledgments: The work described here was funded by the award made by the RCUK Digital Economy programme to the University of Aberdeen (EP/N028074/1).Peer reviewedPostprin
Security and privacy requirements engineering for human centric IoT systems using eFRIEND and Isabelle
In this paper, we combine a framework for ethical requirement elicitation eFRIEND with automated reasoning. To provide trustworthy and secure IoT for vulnerable users in healthcare scenarios, we need to apply ethics to arrive at suitable system requirements. In order to map those to technical system requirements, we employ high level logical modeling using dedicated Isabelle frameworks for (1) infrastructures with human actors and security policies, (2) attack tree analysis, and (3) security protocol analysis. Following this outline, we apply these frameworks to a case study for supporting Security and Privacy when diagnosing Alzheimer’s patients with smartphone and sensor technolog
- …