Privacy in the information society and the principle of necessity

Privacy is a concept that has evolved a lot in the past century: from the original right to seclusion and to one’s own self-determination without external invasion of private spaces, the technological changes occurred in society have transformed it into a complex set of rights to provide individuals with some degree of control over the processing and the flow of their own personal data. After a long delay in adopting data protection laws when compared to other countries, Italy put up a steep pace and introduced a novelty in the law currently in force, d.lgs. 196/03: the principle of necessity. This provision, significantly located among the three “top principles” in data protection, imposes on data controllers a limitation on the use of personal data, requiring the processing of anonymous data whenever possible. The principle has been in force since 2003, and the Italian authority for the protection of personal data is firm in its enforcement, invoking it in many decisions. The present work slowly zooms in on the principle of necessity: it starts from a broad history of the concept of privacy up to the current times; then it surveys the various approaches to a privacy law in the international scene, with a major attention to the European context; a timeline of the Italian legislation, with a summary of the current discipline, follows. Finally, the focus is centered on art. 3 of the law, containing the principle of necessity: from a general explanation to theoretical literature on the subject, not forgetting the application performed so far by the Guarantor with a number of examples in several fields. The conclusive analysis tries to highlight the strengths and weaknesses of the provision by putting it in the perspective of its natural application field: a society where information, and even more the Internet, have dramatically changed the business models and favored the birth of new, opposing interests

Mutating OWLs: semantic mutation testing for ontologies

Ontologies are an essential component of semantic knowledge bases and applications, and nowadays they are used in a plethora of domains. Despite the maturity of ontology languages, support tools and engineering techniques, the testing and validation of ontologies is a field which still lacks consolidated approaches and tools. This paper attempts at partly bridging that gap, taking a first step towards the extension of mutation testing techniques to ontologies expressed in a widely-used format. Mutation testing techniques, revisited in the light of the peculiar features of the ontology language and structure, can help in the engineering and refinement of ontologies and software based on them

Analgesic and Antineuropathic Drugs Acting Through Central Cholinergic Mechanisms

The role of muscarinic and nicotinic cholinergic receptors in analgesia and neuropathic pain relief is relatively unknown. This review describes how such drugs induce analgesia or alleviate neuropathic pain by acting on the central cholinergic system. Several pharmacological strategies are discussed which increase synthesis and release of acetylcholine (ACh) from cholinergic neurons. The effects of their acute and chronic administration are described. The pharmacological strategies which facilitate the physiological functions of the cholinergic system without altering the normal modulation of cholinergic signals are highlighted. It is proposed that full agonists of muscarinic or nicotinic receptors should be avoided. Their activation is too intense and un-physiological because neuronal signals are distorted when these receptors are constantly activated. Good results can be achieved by using agents that are able to a) increase ACh synthesis, b) partially inhibit cholinesterase activity c) selectively block the autoreceptor or heteroreceptor feedback mechanisms

Reconciling Data Protection Rights and Obligations: An Ontology of the Forthcoming EU Regulation

Knowledge theory has made its way into modern computing, through the use of models and annotations to organize it. The bottom layer of knowledge organizations makes use of ontologies, which are models based on a formal language structure and designed to express the concepts pertaining to a domain and the relationships between them. The use of ontologies is popular also in the legal domain to organize legal documents and as a support to legal reasoning. A legal topic which is currently under the limelight at the European level is data protection. Under the pressure of the last years’ technological developments, the data protection legislation has shown its weaknesses, and is currently undergoing a long and complex reform that is finally approaching its completion. The reform will urge businesses dealing with personal data to comply with the new Regulation. The aim of the current paper is to provide a basic ontology for the upcoming data protection legislation, highlighting the duties of the data controller, to ease the transition of systems and services from the existing legislation to the new one

Law and the software development life cycle

The increasing demand of reliable software services and the dependability that our daily personal and professional life have on them is bringing significant changes in the domain of software service engineering. One of the most revolutionary is the introduction of regulations, repeating what in the past has concerned the product market. Regulations need to find a balance between the interests of several roles and reduce the inevitable tensions that would otherwise arise among them, as well as to defend the right of the weakest parties (normally the end users). There are multiple interests to balance: the interests of end users, the protection of intellectual property, a fair competition against other enterprises, just to name a few. While some of these requirements concern the structure and organization of the enterprise, some of them are fit to penetrate into the software development life cycle. This would serve multiple purposes: allow the enterprise to design services which already take the legal requirements into account; visually represent the requirements and their interaction with the functionality of the system; develop the software components using tools and methodologies that are able to deal with those requirements; define metrics to measure the degree to which such requirements are met; measure the impact of the requirements on the functionality of the service and on other parameters of the service (such as performance or storage occupation); verify and monitor whether the legal requirements are met; and, last but not least, to have an argument to be used in case of a complaint in a court or at a competent authority. Before being considered in the software service life cycle, legal requirements must undergo a preprocessing phase in which they are translated into some form which is compatible with the tools and methodologies proper of the software engineering, for instance being modelled into a formalism that makes them processable by a machine. There is a significant amount of interdisciplinary topics that need to be combined together to reach an integration between regulation and software life cycle. In particular, at least from three complementary perspectives are needed. One perspective requires the analysis of the provisions of the law, the extraction of the legal requirements classified according to the stakeholders affected, and the translation of those requirements into some formal model that can be processed using appropriate software tools. A second perspective requires a study of the legal requirements from the point of view of requirements engineering techniques, also defining metrics to measure them. The third concerns the models used in the various stages of software engineering (design, modeling, development, validation and testing), which need to be extended to accommodate the legal requirements in their formal representation. Only by putting together these perspectives a comprehensive approach to deal with legal requirements in software engineering is possible

Using Ontologies to Model Data Protection Requirements in Workflows

Data protection, currently under the limelight at the European level, is undergoing a long and complex reform that is finally approaching its completion. Consequently, there is an urgent need to customize semantic standards towards the prospective legal framework. The aim of this paper is to provide a bottom-up ontology describing the constituents of data protection domain and its relationships. Our contribution envisions a methodology to highlight the (new) duties of data controllers and foster the transition of IT-based systems, services, tools and businesses to comply with the new General Data Protection Regulation. This structure may serve as the foundation for the design of data protection compliant information systems