7 research outputs found

    Privacy Harm and Non-Compliance from a Legal Perspective

    In today's data-sharing paradigm, personal data has become a valuable resource that intensifies the risk of unauthorized access and data breach. Increased data mining techniques used to analyze big data have posed significant risks to data security and privacy. Consequently, data breaches are a significant threat to individual privacy. Privacy is a multifaceted concept covering many areas, including the right to access, erasure, and rectify personal data. This paper explores the legal aspects of privacy harm and how they transform into legal action. Privacy harm is the negative impact to an individual as a result of the unauthorized release, gathering, distillation, or expropriation of personal information. Privacy Enhancing Technologies (PETs) emerged as a solution to address data privacy issues and minimize the risk of privacy harm. It is essential to implement privacy enhancement mechanisms to protect Personally Identifiable Information (PII) from unlawful use or access. FIPPs (Fair Information Practice Principles), based on the 1973 Code of Fair Information Practice (CFIP), and the Organization for Economic Cooperation and Development (OECD), are a collection of widely accepted, influential US codes that agencies use when evaluating information systems, processes, programs, and activities affecting individual privacy. Regulatory compliance places a responsibility on organizations to follow best practices to ensure the protection of individual data privacy rights. This paper will focus on FIPPs, relevance to US state privacy laws, their influence on OECD, and reference to the EU General Data Processing Regulation (GDPR). Keywords — Privacy harm, Privacy Enhancing Technologies (PETs), Fair Information Practice Principles (FIPPs

    Teaching Secure Applications using Sequence Diagrams

    Authentication is the validation provided by the communicating entity’s identity as the one that it claims to be. Integration of confidentiality, integrity and authentication into web applications is necessary to prevent unscrupulous attacks. For many years, we have been experimenting with methods for introducing important concepts related to secure transactions and improving undergraduate curricula and research experiences for Computer Science and Information Systems students. To achieve this goal, sequence diagrams which represent the progression of events over time are introduced to our students. This paper describes a learning module developed to help students understand authentication and integration of confidentiality, integrity and authentication into modeling web applications using sequence diagrams

    Task based Interdisciplinary E-Commerce Course with UML Sequence Diagrams, Algorithm Transformations and Spatial Circuits to Boost Learning Information Security Concepts

    Abstract: This paper describes a task based active learning module developed with projects to help students understand secure protocols, algorithms and modeling web applications to prevent attacks. We have been developing and continuously improving cyber security courses with methods for introducing important concepts for computing majors for more than a decade. Sequence diagrams (step by step diagram), symbolic representations, and spatial circuit derivation from equations and algorithms are introduced to students to alleviate difficulties in mastering cryptographic algorithms. UML Sequence diagrams represent progression of events with time. Spatial circuits illustrate the transformation of equations and high level programming language constructs into special purpose hardware. These course materials can also be used in computer architecture or embedded systems courses to help students understand and develop special purpose circuitry