A Risk Management Process for Consumers

Simply by using information technology, consumers expose themselves to considerable security risks. Because no technical or legal solutions are readily available, the only remedy is to develop a risk management process for consumers, similar to the process executed by enterprises. Consumers need to consider the risks in a structured way, and take action, not once, but iteratively. Such a process is feasible: enterprises already execute such processes, and time-saving tools can support the consumer in her own process. In fact, given our society's emphasis on individual responsibilities, skills and devices, a risk management process for consumers is the logical next step in improving information security

A National Dialogue on Health Information Technology and Privacy

Increasingly, government leaders recognize that solving the complex problems facing America today will require more than simply keeping citizens informed. Meeting challenges like rising health care costs, climate change and energy independence requires increased level of collaboration. Traditionally, government agencies have operated in silos -- separated not only from citizens, but from each other, as well. Nevertheless, some have begun to reach across and outside of government to access the collective brainpower of organizations, stakeholders and individuals.The National Dialogue on Health Information Technology and Privacy was one such initiative. It was conceived by leaders in government who sought to demonstrate that it is not only possible, but beneficial and economical, to engage openly and broadly on an issue that is both national in scope and deeply relevant to the everyday lives of citizens. The results of this first-of-its-kind online event are captured in this report, together with important lessons learned along the way.This report served as a call to action. On his first full day in office, President Obama put government on notice that this new, more collaborative model can no longer be confined to the efforts of early adopters. He called upon every executive department and agency to "harness new technology" and make government "transparent, participatory, and collaborative." Government is quickly transitioning to a new generation of managers and leaders, for whom online collaboration is not a new frontier but a fact of everyday life. We owe it to them -- and the citizens we serve -- to recognize and embrace the myriad tools available to fulfill the promise of good government in the 21st Century.Key FindingsThe Panel recommended that the Administration give stakeholders the opportunity to further participate in the discussion of heath IT and privacy through broader outreach and by helping the public to understand the value of a person-centered view of healthcare information technology

Human-agent collectives

We live in a world where a host of computer systems, distributed throughout our physical and information environments, are increasingly implicated in our everyday actions. Computer technologies impact all aspects of our lives and our relationship with the digital has fundamentally altered as computers have moved out of the workplace and away from the desktop. Networked computers, tablets, phones and personal devices are now commonplace, as are an increasingly diverse set of digital devices built into the world around us. Data and information is generated at unprecedented speeds and volumes from an increasingly diverse range of sources. It is then combined in unforeseen ways, limited only by human imagination. People’s activities and collaborations are becoming ever more dependent upon and intertwined with this ubiquitous information substrate. As these trends continue apace, it is becoming apparent that many endeavours involve the symbiotic interleaving of humans and computers. Moreover, the emergence of these close-knit partnerships is inducing profound change. Rather than issuing instructions to passive machines that wait until they are asked before doing anything, we will work in tandem with highly inter-connected computational components that act autonomously and intelligently (aka agents). As a consequence, greater attention needs to be given to the balance of control between people and machines. In many situations, humans will be in charge and agents will predominantly act in a supporting role. In other cases, however, the agents will be in control and humans will play the supporting role. We term this emerging class of systems human-agent collectives (HACs) to reflect the close partnership and the flexible social interactions between the humans and the computers. As well as exhibiting increased autonomy, such systems will be inherently open and social. This means the participants will need to continually and flexibly establish and manage a range of social relationships. Thus, depending on the task at hand, different constellations of people, resources, and information will need to come together, operate in a coordinated fashion, and then disband. The openness and presence of many distinct stakeholders means participation will be motivated by a broad range of incentives rather than diktat. This article outlines the key research challenges involved in developing a comprehensive understanding of HACs. To illuminate this agenda, a nascent application in the domain of disaster response is presented

A Blockchain-based Approach for Data Accountability and Provenance Tracking

The recent approval of the General Data Protection Regulation (GDPR) imposes new data protection requirements on data controllers and processors with respect to the processing of European Union (EU) residents' data. These requirements consist of a single set of rules that have binding legal status and should be enforced in all EU member states. In light of these requirements, we propose in this paper the use of a blockchain-based approach to support data accountability and provenance tracking. Our approach relies on the use of publicly auditable contracts deployed in a blockchain that increase the transparency with respect to the access and usage of data. We identify and discuss three different models for our approach with different granularity and scalability requirements where contracts can be used to encode data usage policies and provenance tracking information in a privacy-friendly way. From these three models we designed, implemented, and evaluated a model where contracts are deployed by data subjects for each data controller, and a model where subjects join contracts deployed by data controllers in case they accept the data handling conditions. Our implementations show in practice the feasibility and limitations of contracts for the purposes identified in this paper