Analytic surveillance: Big data business models in the time of privacy awareness

 Massive data collection and analysis is at the heart of many business models today. New technologies allow for fine-grained recommendation systems that help companies make accurate market predictions while also providing clients with highly personalized services. Because of this, extreme care must be taken when it comes to storing and managing personal (often highly sensitive) information. In this paper we focus on the influence of big data management in media business content platforms, mainly in well-known OTT (Over the Top) services. In addition, we comment on the implications of data management in social networks. We discuss the privacy and security risks associated with this novel scenario, and briefly comment on tools that aid in securing the privacy of business intelligence within this context

Democratizing algorithmic news recommenders: how to materialize voice in a technologically saturated media ecosystem

The deployment of various forms of AI, most notably of machine learning algorithms, radically transforms many domains of social life. In this paper we focus on the news industry, where different algorithms are used to customize news offerings to increasingly specific audience preferences. While this personalization of news enables media organizations to be more receptive to their audience, it can be questioned whether current deployments of algorithmic news recommenders (ANR) live up to their emancipatory promise. Like in various other domains, people have little knowledge of what personal data is used and how such algorithmic curation comes about, let alone that they have any concrete ways to influence these data-driven processes. Instead of going down the intricate avenue of trying to make ANR more transparent, we explore in this article ways to give people more influence over the information news recommendation algorithms provide by thinking about and enabling possibilities to express voice. After differentiating four ideal typical modalities of expressing voice (alternation, awareness, adjustment and obfuscation) which are illustrated with currently existing empirical examples, we present and argue for algorithmic recommender personae as a way for people to take more control over the algorithms that curate people's news provision

Proposta de uma taxonomia de requisitos de privacidade baseada na LGPD e ISO/IEC 29100 : aplicação prática no Open Banking Brasil

Dissertação (mestrado) — Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, 2022.Contexto: A preocupação com a privacidade de dados é algo que vem se destacando ao longo dos anos no mundo. No Brasil a Lei Geral de Proteção de Dados (LGPD) [42] foi publicada em agosto de 2018 e entrou em vigor dois anos após a sua publicação. Porém, algumas dificuldades ainda são enfrentadas pelas equipes de desenvolvimento na adequação dos mecanismos tecnológicos por parte das organizações que ainda estão em processo inicial de conformidade à LGPD [56]. Objetivo: Este trabalho propõe uma taxonomia de requisitos de privacidade baseada na LGPD e na ISO/IEC 29100 com o objetivo de apoiar as equipes de desenvolvimento de software no alcance da conformidade com os princípios da LGPD. Método: Foi realizada uma revisão sistemática de literatura (RSL) para identificar as taxonomias de privacidade de dados existentes na literatura com o objetivo de apoiar a elaboração da taxonomia proposta neste trabalho e a sua aplicação no projeto do Open Banking Brasil (OPB). Esse projeto é adequado pois compartilha os dados dos seus clientes a partir de seu consentimento, que está fundamentado na LGPD, tornando-se um projeto interessante para avaliação da aderência à legislação. A aplicação prática da taxonomia proposta foi realizada no processo de solicitação de consentimento e nos termos e condições de três bancos brasileiros a partir da aplicação da taxonomia proposta através de um formulário. Resultado: A RSL identificou 10 estudos primários, mas nenhum deles propuseram uma taxonomia de requisitos de privacidade no contexto da LGPD. A taxonomia proposta gerou 129 requisitos, divididos em 10 categorias e 5 contextos. A aplicação prática da taxonomia resultou em um percentual satisfatório de aderência aos requisitos de privacidade. Conclusão: Portanto, a aplicação da taxonomia em um contexto real demonstrou que a taxonomia pode apoiar as equipes de desenvolvimento de software na busca pela adequação à LGPD dos requisitos de privacidade especificados pelas equipes de desenvolvimento.Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES).Context: The concerning about data privacy has been highlighted over the years on the world. In Brazil the General Data Protection Law (LGPD) [42] was published in August 2018 and entered into force two years after its publication. However, some primor difficulties are still faced into the institution by the praticioners in the process of complying to LGPD [56] yet. Goal: This work proposes a taxonomy of privacy requirements based on LGPD and ISO/IEC 29100 in order to support software development teams in achieving compliance with LGPD principles. Method: A Systematic Literature Review (SLR) was carried out to identify existing data privacy taxonomies in the literature in order to support the elaboration of the taxonomy proposed in this work and its application in the Open Banking Brazil project (OPB). This project is suitable as it shares its customers’ data based on their consent, which is based on LGPD, making it an interesting project to assess compliance with the legislation. The practical application of the proposed taxonomy was carried out in the consent request process and in the terms and conditions of three Brazilian banks from the application of the proposed taxonomy through a form. Result: The SLR identified 10 primary studies, but none of them proposed a taxonomy of privacy requirements in the context of LGPD. The proposed taxonomy generated 129 requirements, divided into 10 categories and 5 contexts. The practical application of the taxonomy resulted in a satisfactory percentage of adherence to privacy requirements. Conclusion: Therefore, the application of the taxonomy in a real context demonstrated that the taxonomy can support software development teams in the search for compliance with LGPD of the privacy requirements specified by the development teams