A Decentralised Digital Identity Architecture

Current architectures to validate, certify, and manage identity are based on centralised, top-down approaches that rely on trusted authorities and third-party operators. We approach the problem of digital identity starting from a human rights perspective, with a primary focus on identity systems in the developed world. We assert that individual persons must be allowed to manage their personal information in a multitude of different ways in different contexts and that to do so, each individual must be able to create multiple unrelated identities. Therefore, we first define a set of fundamental constraints that digital identity systems must satisfy to preserve and promote privacy as required for individual autonomy. With these constraints in mind, we then propose a decentralised, standards-based approach, using a combination of distributed ledger technology and thoughtful regulation, to facilitate many-to-many relationships among providers of key services. Our proposal for digital identity differs from others in its approach to trust in that we do not seek to bind credentials to each other or to a mutually trusted authority to achieve strong non-transferability. Because the system does not implicitly encourage its users to maintain a single aggregated identity that can potentially be constrained or reconstructed against their interests, individuals and organisations are free to embrace the system and share in its benefits.Comment: 30 pages, 10 figures, 3 table

The control over personal data: True remedy or fairy tale ?

This research report undertakes an interdisciplinary review of the concept of "control" (i.e. the idea that people should have greater "control" over their data), proposing an analysis of this con-cept in the field of law and computer science. Despite the omnipresence of the notion of control in the EU policy documents, scholarly literature and in the press, the very meaning of this concept remains surprisingly vague and under-studied in the face of contemporary socio-technical environments and practices. Beyond the current fashionable rhetoric of empowerment of the data subject, this report attempts to reorient the scholarly debates towards a more comprehensive and refined understanding of the concept of control by questioning its legal and technical implications on data subject\^as agency

Local Government Policy and Planning for Unmanned Aerial Systems

This research identifies key state and local government stakeholders in California for drone policy creation and implementation, and describes their perceptions and understanding of drone policy. The investigation assessed stakeholders’ positions, interests, and influence on issues, with the goal of providing potential policy input to achieve successful drone integration in urban environments and within the national airspace of the United States. The research examined regulatory priorities through the use of a two-tiered Stakeholder Analysis Process. The first tier consisted of a detailed survey sent out to over 450 local agencies and jurisdictions in California. The second tier consisted of an in-person focus group to discuss survey results as well as to gain deeper insights into local policymakers’ current concerns. Results from the two tiers of analysis, as well as recommendations, are provided here

Time Enough - Consequences of Human Microchip Implantation

Dr. Ramesh argues that microchip implantation is both possible and, for some purposes, desirable and suggests that now is the time to consider strategies for preventing potentially grievous intrusion into personal privacy

Medical data processing and analysis for remote health and activities monitoring

Recent developments in sensor technology, wearable computing, Internet of Things (IoT), and wireless communication have given rise to research in ubiquitous healthcare and remote monitoring of human\u2019s health and activities. Health monitoring systems involve processing and analysis of data retrieved from smartphones, smart watches, smart bracelets, as well as various sensors and wearable devices. Such systems enable continuous monitoring of patients psychological and health conditions by sensing and transmitting measurements such as heart rate, electrocardiogram, body temperature, respiratory rate, chest sounds, or blood pressure. Pervasive healthcare, as a relevant application domain in this context, aims at revolutionizing the delivery of medical services through a medical assistive environment and facilitates the independent living of patients. In this chapter, we discuss (1) data collection, fusion, ownership and privacy issues; (2) models, technologies and solutions for medical data processing and analysis; (3) big medical data analytics for remote health monitoring; (4) research challenges and opportunities in medical data analytics; (5) examples of case studies and practical solutions

Digital contact tracing and data protection: assessing the French and Portuguese applications

The rapid outbreak of COVID-19 has necessitated a global response to manage the transmission, spread, and impact of the virus. Many countries started developing digital contact tracing applications to contribute to the process of lifting the restrictions imposed on its citizens. Generally, the protection of personal data is a right that appears in constitutional and legal provisions, and its processing can only be performed under very restricted circumstances, the protection of health being a valid justification. This article focusses on the systems developed as digital contact tracing tools in France (StopCovid) and in Portugal (STAYAWAY COVID), presenting their characteristics and the most relevant aspects concerning the processing of personal data. The most relevant positive characteristics of these systems are their voluntary adoption, their developers’ concern with the people’s security and privacy, and the transparency of their functioning. With the negative characteristics, the most relevant are the restricted interoperability with the systems from other EU countries, and the permanent risk to people’s privacy of collecting lists of contacts and the circumstances of their interactions with other users of the systems