Minimum Viable Accelerator: Planning, Starting and Improving Startup Accelerator Programs under a Lean Approach

Startup accelerators positively influence their surrounding entrepreneurial ecosystem. This paper establishes a theoretical framework for a Minimum Viable Accelerator (MVA), a first-time accelerator program following lean principles. The MVA aims to improve the establishment and performance of accelerator programs. The resulting framework comprises six different stages, namely preparation, awareness, application, program, demo day and post demo day. The MVA framework focuses on improving validated learning through the implementation of Ries’ (2011) BML loop and the principle of structural questions. Simultaneously, MVAs reduce the amount of resources expended for setting up new programs through the involvement of the accelerator’s stakeholders

Polar Coding for Achieving the Capacity of Marginal Channels in Nonbinary-Input Setting

Achieving information-theoretic security using explicit coding scheme in which unlimited computational power for eavesdropper is assumed, is one of the main topics is security consideration. It is shown that polar codes are capacity achieving codes and have a low complexity in encoding and decoding. It has been proven that polar codes reach to secrecy capacity in the binary-input wiretap channels in symmetric settings for which the wiretapper's channel is degraded with respect to the main channel. The first task of this paper is to propose a coding scheme to achieve secrecy capacity in asymmetric nonbinary-input channels while keeping reliability and security conditions satisfied. Our assumption is that the wiretap channel is stochastically degraded with respect to the main channel and message distribution is unspecified. The main idea is to send information set over good channels for Bob and bad channels for Eve and send random symbols for channels that are good for both. In this scheme the frozen vector is defined over all possible choices using polar codes ensemble concept. We proved that there exists a frozen vector for which the coding scheme satisfies reliability and security conditions. It is further shown that uniform distribution of the message is the necessary condition for achieving secrecy capacity.Comment: Accepted to be published in "51th Conference on Information Sciences and Systems", Baltimore, Marylan

Rubinstein-Taybi Syndrome; A Case Report

ObjectiveRubinstein-Taybi Syndrome is a rare genetic disorder with characteristic featuresincluding downward slanting palpebral fissures, broad thumbs and halluces,and mental retardation. Systemic features may involve cardiac, auditory,ophthalmic, endocrine, nervous, renal and respiratory systems. This syndromeis sporadic in nature and has been linked to microdeletion at 16p 13.3 encodingCREB-binding protein gene (CREBBP). We report a 15-years-old girl, a knowncase of chronic renal failure, with downward slanting palpebral fissures towardthe ears, hypertelorism, short stature, beaked nose, micrognathia, strabismus,dental anomalies, large toes, broad thumbs, and mental retardation.Key words: Rubinstein-Taybi syndrome; chromosome 16p 13.3; mentalretardation; CBP gene.  

Collectively Exercizing the Right of Access: Individual Effort Societal Effect

The debate about how to govern personal data has intensified in recent years. The European Union’s General Data Protection Regulation, which comes into effect in 2018, relies on transparency mechanisms codified through obligations for organizations and citizen rights. While some of these rights have existed for decades, their effectiveness is rarely tested in practice. This paper reports on the exercise of the so-called right of access, which gives citizens the right to get access to their personal data. We study this by working with participants—citizens for whom the law is written—who collectively sent over a hundred data access requests and shared the responses with us. We analyze the replies to the access requests, as well as the participant's evaluation of them. We find that non-compliance with the law's obligations is widespread. Participants were critical of many responses, though they also reported a large variation in quality. They did not find them effective for getting transparency into the processing of their own personal data. We did find a way forward emerging from their responses, namely by looking at the requests as a collective endeavor, rather than an individual one. Comparing the responses to similar access requests creates a context to judge the quality of a reply and the lawfulness of the data practices it reveals. Moreover, collective use of the right of access can help shift the power imbalance between individual citizens and organizations in favor of the citizen, which may incentivize organizations to deal with data in a more transparent way

The GDPR’s Rules on Data Breaches: Analysing Their Rationales and Effects

The General Data Protection Regulation (GDPR) requires an organisation that suffers a data breach to notify the competent Data Protection Authority. The organisation must also inform the relevant individuals, when a data breach threatens their rights and freedoms. This paper focuses on the following question: given the goals of the GDPR’s data breach notification obligation, what are its strengths and weaknesses? We identify six goals of, or rationales for, the GDPR`s data breach notification obligation, and we assess the obligation in the light of those goals. We refer to insights from information security and economics, and present them in a reader-friendly way for lawyers. Our main conclusion is that the GDPR’s data breach rules are likely to contribute to the goals. For instance, the data breach notification obligation can nudge organisations towards better security; such an obligation enables regulators to perform their duties; and such an obligation improves transparency and accountability. However, the paper also warns that we should not have unrealistic expectations of the possibilities for people to protect their interests after a data breach notice. Likewise, we should not have high expectations of people switching to other service providers after receiving a data breach notification. Lastly, the paper calls for Data Protection Authorities to publish more information about reported data breaches. Such information can help to analyse security threats

Responsibility for Data Protection in a Networked World: On the Question of the Controller, Effective and Complete Protection and Its Application to Data Access Rights in Europe

This paper analyses the current system in Europe for determining who is (or better, are) responsible for observing data protection obligations in networked service settings. In doing so we address the following problems: (1) of ambiguity in applying the concept of data controller in networked settings; and (2) of insufficiencies in the framework for establishing the extent of the responsibilities in situations of joint control. We look at how the law and regulators address these problems and how the European Court of Justice tackles these problems by applying the principle of “effective and complete protection”. The issue of joint responsibility has gained particular relevance in the wake of Wirtschaftsakademie, a case recently decided by the European Court of Justice. In this case, a Facebook fan page administrator was found to be a joint-controller and therefore jointly responsible, together with Facebook, for observing data protection rules. Following this decision, there are many more situations of joint control than previously thought. As a consequence, part of the responsibility for compliance with data protection legislation and risk of enforcement measures are moved to those who integrate external services. This will change the incentive structure in such a way that joint-controllers will place a much higher value on data protection. To explore the practical implications of the legal framework, we analyse a number of examples taken from our earlier empirical work on the right of access to reflect on the newly emerging data responsibility infrastructure. We show that the coordination of responsibilities is complex in practice because many organisations do not have a clear overview of data flows, there are power imbalances between different actors, and personal data governance is often happening in separated specialised units

Measuring the Brussels Effect through Access Requests

The introduction of the GDPR reheated the ongoing debate about the extraterritorial effect of European data protection law. In this debate, Anu Bradford argued that European data protection law affects global markets through the so-called "Brussels Effect", according to which policies diffuse primarily through market mechanisms. Specifically, this phenomenon operates even when the laws of non-EU countries, which set the rules for companies operating in those markets, have not changed to adopt provisions which equal those of EU law. In this paper we investigate empirically whether the introduction of the GDPR has initiated a “Brussels Effect”, improving compliance with data protection law and exporting GDPR standards outside of Europe. By measuring compliance with the right of access for residents of the EU and Canada, we find that this is indeed the case. We suggest that the GDPR’s stronger enforcement provisions are the key driver of this effect, which allows the EU to de facto unilaterally affect companies' behavior globally