Privacy-by-Design Framework for Assessing Internet of Things Applications and Platforms

Internet of Things (IoT) systems are designed and developed either as standalone applications from the ground-up or with the help of IoT middleware platforms. They are designed to support different kinds of scenarios, such as smart homes and smart cities. Thus far, privacy concerns have not been explicitly considered by IoT ap- plications and middleware platforms. This is partly due to the lack of systematic methods for designing privacy that can guide the software development process in IoT. In this paper, we propose a set of guidelines, a privacy- by-design framework, that can be used to assess privacy capabilities and gaps of existing IoT applications as well as middleware platforms. We have evaluated two open source IoT middleware platforms, namely OpenIoT and Eclipse SmartHome, to demonstrate how our framework can be used in this way

Designing a Serious Game: Teaching Developers to Embed Privacy into Software Systems

Software applications continue to challenge user privacy when users interact with them. Privacy practices (e.g. Data Minimisation (DM), Privacy by Design (PbD) or General Data Protection Regulation (GDPR)) and related "privacy engineering" methodologies exist and provide clear instructions for developers to implement privacy into software systems they develop that preserve user privacy. However, those practices and methodologies are not yet a common practice in the software development community. There has been no previous research focused on developing "educational" interventions such as serious games to enhance software developers' coding behaviour. Therefore, this research proposes a game design framework as an educational tool for software developers to improve (secure) coding behaviour, so they can develop privacy-preserving software applications that people can use. The elements of the proposed framework were incorporated into a gaming application scenario that enhances the software developers' coding behaviour through their motivation. The proposed work not only enables the development of privacy-preserving software systems but also helping the software development community to put privacy guidelines and engineering methodologies into practice.Comment:

La nueva generación de privacidad práctica: una evolución

¿Debe sacrificarse necesariamente la privacidad en aras de una mayor seguridad y eficiencia? La autora argumenta que la mejor forma de combatir las amenazas a la privacidad en la actualidad es mediante medidas prácticas y comunes que ofrecen beneficios demostrables, como: adoptar normas de privacidad globales, desarrollar la privacidad en sistemas y tecnologías de la información y permitir a los interesados tomar decisiones mejor informadas mediante el uso de notificaciones cortas coherentes. Para ello, ilustra su argumento con ejemplos de trabajos recientes de su organismo

The Case for a U.S. Privacy Commissioner: A Canadian Commissioner’s Perspective, 19 J. Marshall J. Computer & Info. L. 1 (2000)

The demands of social democratic government, the growth of electronic commerce, and the advance of technology have fueled the debate over internet privacy. Technology offers unprecedented opportunities but can also become tools of abuse. Debate in the United States centers around the conflicting interests of industry self-control versus government regulation. Technological and market-based solutions are ineffective because they lead to inadequate and inconsistent protection. Many user-driven privacy choices can impede the growth of consumer trust. Voluntarily adopted privacy policies are either extremely limited or easily circumvented with tracking technology that allows no consumer control over the collection of their personal data. Incompatible national standards can disrupt data flow. The United States could address these concerns by shifting away from its industry and state-based regulatory model to one based on fair information practices, with oversight assigned to a single agency controlled by a U.S. Privacy Commissioner who could work with international officials to resolve complex privacy issues

Bracing for Impact - The AI Challenge - Cybersecurity and International Risks in the AI Era

Bracing for Impact: The Artificial Intelligence Challenge (A Roadmap for AI Governance in Canada) Conference organized by IP Osgoode in collaboration with Aviv Gaon, Ian Stedman and the Zvi Meitar Institute for Legal Implications of Emerging Technologies at IDC Herzliya. Cybersecurity and International Risks in the AI Era Cybersecurity is quickly emerging as a crucial component of every nation\u27s security efforts. Recent events around the world have proven the importance of developing the tools needed to face this challenge. AI poses both a risk and opportunity. This Panel will explore the possible changes in mod- ern cybersecurity warfare in the AI era. In doing so, it will bring to the table several experts in the field in an effort to shape a better government cybersecurity policy for the next generation. SESSION CHAIR:Matthew Castel Partner, Orion Legal Group and Logos LP PANELLISTS:Roy Keidar Special Counsel, Yigal Arnon & Co. Law Firm, formerly Israeli NSA Legal Advisor Ann Cavoukian Distinguished Expert-in-Residence, Privacy by Design Centre of Excellence, at Ryerson University Victor Garcia Managing Director & CEO, ABCLive Corporatio