Supporting Privacy by Design using Privacy Process Patterns

Advances in Information and Communication Technology (ICT) have had significant impact on every-day life and have allowed us to share, store and manipulate information easily and at any time. On the other hand, such situation also raises important privacy concerns. To deal with such concerns, the literature has identified the need to introduce a Privacy by Design (PbD) approach to support the elicitation and analysis of privacy requirements and their implementation through appropriate Privacy Enhancing Technologies. However, and despite all the work presented in the literature, there is still a gap between privacy design and implementation. This paper presents a set of Privacy Process Patterns that can be used to bridge that gap. To demonstrate the practical application of such patterns, we instantiate them in JavaScript Object Notation (JSON), we use them in conjunction with the Privacy Safeguard (PriS) methodology and we apply them to a real case study

Analysing the Design of Privacy-Preserving Data-Sharing Architecture

Privacy has become an essential software quality to consider in a software system. Privacy practices should be adopted from the early stages of the system design to safeguard personal data from privacy violations. Privacy patterns are proposed in industry and academia as reusable design solutions to address different privacy issues. However, the diverse types and granularity of the patterns lead to difficulty for the practitioner to select and adopt them in the architecture. First, the fragmented information about the system actors in the patterns does not align with the regulatory entities and interactions between them. Second, these privacy patterns lack architectural perspectives that could help weave patterns into concrete software designs. Third, the consequences of applying the patterns have not covered the impacts on software quality attributes. This thesis aims to provide guidance to software architects and practitioners for considering and applying privacy patterns in their design, by adding new perspectives to the existing patterns. First, the research provides an analysis of the relationships between regulatory entities and their responsibility in adopting the patterns in a software design. Then, the research reports studies that were conducted using architectural-level modelling-based approaches, to analyse the architectural views of privacy patterns. The analyses aim to improve understanding of how privacy patterns are applied in software designs and how such a design affects software quality attributes, including privacy, performance, and modifiability. Finally, in an effort to harmonise and unite the extended view of privacy patterns that have a close relation to system architecture, this research proposes an enhanced pattern catalogue and a systematic privacy-by-design (PbD) pattern-selection model that aims to aid and guide software architects in pattern selection during software design. The enhanced pattern catalogue offers consolidated information on the extended view of privacy patterns. The selection model provides a structured way for the practitioner to know when and how to use the pattern catalogue in the system-design process. Two industry case studies are used to evaluate the proposed pattern catalogue and selection model. The findings demonstrate how the proposed frameworks are applicable to different types of data-sharing software systems and their usability in supporting pattern selection decisions in the privacy design

A Human-centric Perspective on Digital Consenting: The Case of GAFAM

According to different legal frameworks such as the European General Data Protection Regulation (GDPR), an end-user's consent constitutes one of the well-known legal bases for personal data processing. However, research has indicated that the majority of end-users have difficulty in understanding what they are consenting to in the digital world. Moreover, it has been demonstrated that marginalized people are confronted with even more difficulties when dealing with their own digital privacy. In this research, we use an enactivist perspective from cognitive science to develop a basic human-centric framework for digital consenting. We argue that the action of consenting is a sociocognitive action and includes cognitive, collective, and contextual aspects. Based on the developed theoretical framework, we present our qualitative evaluation of the consent-obtaining mechanisms implemented and used by the five big tech companies, i.e. Google, Amazon, Facebook, Apple, and Microsoft (GAFAM). The evaluation shows that these companies have failed in their efforts to empower end-users by considering the human-centric aspects of the action of consenting. We use this approach to argue that their consent-obtaining mechanisms violate principles of fairness, accountability and transparency. We then suggest that our approach may raise doubts about the lawfulness of the obtained consent—particularly considering the basic requirements of lawful consent within the legal framework of the GDPR

End-to-End Privacy for Open Big Data Markets

The idea of an open data market envisions the creation of a data trading model to facilitate exchange of data between different parties in the Internet of Things (IoT) domain. The data collected by IoT products and solutions are expected to be traded in these markets. Data owners will collect data using IoT products and solutions. Data consumers who are interested will negotiate with the data owners to get access to such data. Data captured by IoT products will allow data consumers to further understand the preferences and behaviours of data owners and to generate additional business value using different techniques ranging from waste reduction to personalized service offerings. In open data markets, data consumers will be able to give back part of the additional value generated to the data owners. However, privacy becomes a significant issue when data that can be used to derive extremely personal information is being traded. This paper discusses why privacy matters in the IoT domain in general and especially in open data markets and surveys existing privacy-preserving strategies and design techniques that can be used to facilitate end to end privacy for open data markets. We also highlight some of the major research challenges that need to be address in order to make the vision of open data markets a reality through ensuring the privacy of stakeholders.Comment: Accepted to be published in IEEE Cloud Computing Magazine: Special Issue Cloud Computing and the La

Culture-based artefacts to inform ICT design: foundations and practice

Cultural aspects frame our perception of the world and direct the many different ways people interact with things in it. For this reason, these aspects should be considered when designing technology with the purpose to positively impact people in a community. In this paper, we revisit the foundations of culture aiming to bring this concept in dialogue with design. To inform design with cultural aspects, we model reality in three levels of formality: informal, formal, and technical, and subscribe to a systemic vision that considers the technical solution as part of a more complex social system in which people live and interact. In this paper, we instantiate this theoretical and methodological view by presenting two case studies of technology design in which culture-based artefacts were employed to inform the design process. We claim that as important as including issues related to culture in the ICT design agenda—from the conception to the development, evaluation, and adoption of a technology—is the need to support the design process with adequate artefacts that help identifying cultural aspects within communities and translating them into sociotechnical requirements. We argue that a culturally informed perspective on design can go beyond an informative analysis, and can be integrated with the theoretical and methodological framework used to support design, throughout the entire design process

The Internet-of-Things Meets Business Process Management: Mutual Benefits and Challenges

The Internet of Things (IoT) refers to a network of connected devices collecting and exchanging data over the Internet. These things can be artificial or natural, and interact as autonomous agents forming a complex system. In turn, Business Process Management (BPM) was established to analyze, discover, design, implement, execute, monitor and evolve collaborative business processes within and across organizations. While the IoT and BPM have been regarded as separate topics in research and practice, we strongly believe that the management of IoT applications will strongly benefit from BPM concepts, methods and technologies on the one hand; on the other one, the IoT poses challenges that will require enhancements and extensions of the current state-of-the-art in the BPM field. In this paper, we question to what extent these two paradigms can be combined and we discuss the emerging challenges

Advanced Cloud Privacy Threat Modeling

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system . This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design

Interpretable Machine Learning for Privacy-Preserving Pervasive Systems

Our everyday interactions with pervasive systems generate traces that capture various aspects of human behavior and enable machine learning algorithms to extract latent information about users. In this paper, we propose a machine learning interpretability framework that enables users to understand how these generated traces violate their privacy

Fall Prediction and Prevention Systems: Recent Trends, Challenges, and Future Research Directions.

Fall prediction is a multifaceted problem that involves complex interactions between physiological, behavioral, and environmental factors. Existing fall detection and prediction systems mainly focus on physiological factors such as gait, vision, and cognition, and do not address the multifactorial nature of falls. In addition, these systems lack efficient user interfaces and feedback for preventing future falls. Recent advances in internet of things (IoT) and mobile technologies offer ample opportunities for integrating contextual information about patient behavior and environment along with physiological health data for predicting falls. This article reviews the state-of-the-art in fall detection and prediction systems. It also describes the challenges, limitations, and future directions in the design and implementation of effective fall prediction and prevention systems