The RFID PIA – developed by industry, agreed by regulators

This chapter discusses the privacy impact assessment (PIA) framework endorsed by the European Commission on February 11th, 2011. This PIA, the first to receive the Commission's endorsement, was developed to deal with privacy challenges associated with the deployment of radio frequency identification (RFID) technology, a key building block of the Internet of Things. The goal of this chapter is to present the methodology and key constructs of the RFID PIA Framework in more detail than was possible in the official text. RFID operators can use this article as a support document when they conduct PIAs and need to interpret the PIA Framework. The chapter begins with a history of why and how the PIA Framework for RFID came about. It then proceeds with a description of the endorsed PIA process for RFID applications and explains in detail how this process is supposed to function. It provides examples discussed during the development of the PIA Framework. These examples reflect the rationale behind and evolution of the text's methods and definitions. The chapter also provides insight into the stakeholder debates and compromises that have important implications for PIAs in general.Series: Working Papers on Information Systems, Information Business and Operation

Human Values as the Basis for Sustainable Information System Design

Information systems (IS) play an increasing role for individual well-being [3], for the environment [4], and for society at large [5]. Considering sustainability in IS development is therefore becoming paramount. However, companies today associate sustainability with extra cost and burden on their operations. As a result, many view sustainability more as a demand and a challenge rather than an opportunity. In this article, we argue that companies should rethink this attitude, as both sustainability and a business model can be understood as deeply rooted in human values

IEEE P7000? The First Global Standard Process for Addressing Ethical Concerns in System Design

This keynote will give an introduction to IEEE P7000, the first standard IEEE is ever going to publish on ethical issues in system design. As co-chair of IEEE P7000 I am going to inform the audience about what this standard will be all about. In a nutshell: engineers, technologists and other project stakeholders need a methodology for identifying, analyzing and reconciling ethical concerns of end users at the beginning of systems and software life cycles. The purpose of IEEE P7000 is to enable the pragmatic application of this type of Value-Based System Design methodology which demonstrates that conceptual analysis of values and an extensive feasibility analysis can help to refine ethical system requirements in systems and software life cycles. It will provide engineers and technologists with an implementable process aligning innovation management processes, IS system design approaches and software engineering methods to minimize ethical risk for their organizations, stakeholders and end users. In the course of the keynote I will also show how relevant values and system design ideas can be gained from using utilitarianism, deontological ethics and virtue ethics

The Challenges of Privacy by Design

Heralded by regulators, Privacy by Design holds the promise to solve the digital world's privacy problems. But there are immense challenges, including management commitment and step-by-step methods to integrate privacy into systems

Personenbezogene Daten privatwirtschaftlich nachhaltig nutzen. Regulatorische und technische Zukunftskonzepte

Zunehmende wirtschaftliche Vernetzung und Lobbyismus fordern die Sicherstellung von informierter Zustimmung, Transparenz und Verantwortlichkeit in der privatwirtschaftlichen Verwendung personenbezogener Daten heraus. Unser neues Modell verbindet durch das Zusammenspiel regulatorischer und technischer Datenschutzkonzepte mehr Sicherheit und Selbstbestimmung mit verstärkten Innovationsmöglichkeiten

CONCEPTUALIZING CONTEXT FOR ADAPTIVE PERVASIVE COMMERCE

In retail, demographics are currently regarded as the most convenient base for successful personalized marketing. However, signs point to the dormant power of context recognition. While technologies that can sense the environment are advanced, questions such as what to sense and how to adapt context are largely unanswered. In this paper, we analyze the purchase context of a retail outlet and suggest a context model for adaptive pervasive commerce. Furthermore, we introduce one approach how to conceptualize context that may be applied to conceptualize context for adaptive pervasive advertising applications so that they really deliver on their potential: showing the right message to the right recipient at the right time

Value-based Engineering with IEEE 7000TM

Digital ethics is being discussed worldwide as a necessity to create more reliable IT systems. This discussion, fueled by the fear of uncontrollable artificial intelligence (AI) has moved many institutions and scientists to demand a value-based system engineering. This article presents how organizations can build responsible and ethically founded systems with the 'Value-based Engineering' (VBE) approach that was standardized in the IEEE 7000TM standard. VBE is a transparent, clearly-structured, step-by-step methodology combining innovation management, risk management, system and software engineering in one process framework. It embeds a robust value ontology and terminology. It has been tested in various case studies. This article introduces readers to the most important steps and contributions of the approach.Comment: Value-based Engineering, Value Sensitive Design, Ethics, Ethical Engineering, Machine Ethics, Privac

Personal Information Markets AND Privacy: A New Model to Solve the Controversy

From the early days of the information economy, personal data has been its most valuable asset. Despite data protection laws, companies trade personal information and often intrude on the privacy of individuals. As a result, consumers feel out of control and lose trust in electronic environments. Technologists and regulators are struggling to develop solutions that meet businesses’ demand for more personal information while maintaining privacy. However, no promising proposals seem to be in sight. We propose a 3-tier personal information market model with privacy. In our model, clear roles, rights and obligations for all actors re-establish trust. The ‘relationship space’ enables data subjects and visible business partners to build trusting relationships. The ‘service space’ supports customer relationships with distributed information processing. The ‘rich information space’ enables anonymized information exchange. To transition to this model, we show how existing privacy-enhancing technologies and legal requirements can be integrated