Search

Your search keyword '"Gdpr"' showing total 6,109 results
Start Over Descriptor "Gdpr"

Refine your results

more »

more »

more »

more »

more »

more »
6,109 results on '"Gdpr"'

8. THE DARK SIDE OF VOLUNTARY DATA SHARING.

Author

Xi Li, Bingqing Li, and Zhilin Yang

Abstract

To balance the need for privacy and the benefits of big data analytics, regulators around the world are giving consumers control over their data, allowing them to choose whether or not to voluntarily share their purchase history data with firms. Intuition suggests that voluntary data sharing benefits consumers who can now choose to share their data only when it is profitable to do so. To investigate this argument, we built a model in which a monopolistic firm sells a repeatedly purchased product to consumers over two periods, and consumers decide whether or not to share their purchase history data with the firm, who can use it in the future to pricediscriminate against them. We found that, compared to when data collection is completely outlawed, voluntary data sharing can benefit the firm but at the consumer's expense. Moreover, regulations that mandate firms to better protect consumer data against data breaches can backfire on consumers. Finally, we show that under voluntary data sharing, a firm's ability to offer consumers a monetary incentive to share their data can improve profits without hurting consumers. Taken together, these findings underscore the surprising effects of voluntary data sharing and caution public policymakers of how certain data policies that, on the surface, seem purely beneficial can lead to unintended consequences. [ABSTRACT FROM AUTHOR]

Published
2025

10. AUTOMATED ANALYSIS OF CHANGES IN PRIVACY POLICIES: A STRUCTURED SELF-ATTENTIVE SENTENCE EMBEDDING APPROACH.

Author

Lin, Fangyu, Samtani, Sagar, Zhu, Hongyi, Laura, Brandimarte, and Chen, Hsinchun

Abstract

The increasing societal concern for consumer information privacy has led to the enforcement of privacy regulations worldwide. In an effort to adhere to privacy regulations such as the General Data Protection Regulation (GDPR), many companies’ privacy policies have become increasingly lengthy and complex. In this study, we adopted the computational design science paradigm to design a novel privacy policy evolution analytics framework to help identify how companies change and present their privacy policies based on privacy regulations. The framework includes a self-attentive annotation system (SAAS) that automatically annotates paragraph-length segments in privacy policies to help stakeholders identify data practices of interest for further investigation. We rigorously evaluated SAAS against state-of-the-art machine learning (ML) and deep learning (DL)-based methods on a well-established privacy policy dataset, OPP-115. SAAS outperformed conventional ML and DL models in terms of F1-score by statistically significant margins. We demonstrate the proposed framework’s practical utility with an in-depth case study of GDPR’s impact on Amazon’s privacy policies. The case study results indicate that Amazon’s post-GDPR privacy policy potentially violates a fundamental principle of GDPR by causing consumers to exert more effort to find information about first-party data collection. Given the increasing importance of consumer information privacy, the proposed framework has important implications for regulators and companies. We discuss several design principles followed by the SAAS that can help guide future design science-based e-commerce, health, and privacy research. [ABSTRACT FROM AUTHOR]

Published
2024
Full Text
View/download PDF

11. Pseudonymisation of SS7 Identifiers by Random Tables

Author

Beumier, Charles, Debatty, Thibault, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, and Arai, Kohei, editor

Published
2025
Full Text
View/download PDF

12. Balancing Data Protection and Decentralization: Harnessing Blockchain’s Potential While Ensuring GDPR Compliance

Author

Anido-Rifón, Luis, von-Eitzen-Delgado, Christian, Ruiz Molina, María, Molina Martínez, Pablo, Álvarez González, Susana, Rodríguez Vázquez, Virgilio, Fernández-Iglesias, Manuel J., Mikic Fonte, Fernando, Llamas Nistal, Martín, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Prieto, Javier, editor, Vargas, Rafael Pastor, editor, Lage, Oscar, editor, Machado, José Manuel, editor, and Bálint, Molnár, editor

Published
2025
Full Text
View/download PDF

22. Multi-Role Actors and Rebounding Effects Across User Interfaces - Exploring Big Tech’s Privacy Scandals and GDPR Limitations in Data Ecosystems

Author

Kurtz, Christian, Burmeister, Fabian, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Marcus, Aaron, editor, Rosenzweig, Elizabeth, editor, Soares, Marcelo M., editor, Rau, Pei-Luen Patrick, editor, and Moallem, Abbas, editor

Published
2025
Full Text
View/download PDF

23. Evaluating the Importance of SSI-Blockchain Digital Identity Framework for Cross-Border Healthcare Patient Record Management

Author

Broshka, Esmeralda, Jahankhani, Hamid, Masys, Anthony J., Editor-in-Chief, Bichler, Gisela, Advisory Editor, Bourlai, Thirimachos, Advisory Editor, Johnson, Chris, Advisory Editor, Karampelas, Panagiotis, Advisory Editor, Leuprecht, Christian, Advisory Editor, Morse, Edward C., Advisory Editor, Skillicorn, David, Advisory Editor, Yamagata, Yoshiki, Advisory Editor, Montasari, Reza, editor, and Jahankhani, Hamid, editor

Published
2025
Full Text
View/download PDF

24. i-Right: Identifying and Classifying GDPR User Rights in Fitness Tracker and Smart Home Privacy Policies

Author

Kounoudes, Alexia Dini, Kapitsaki, Georgia M., Katakis, Ioannis, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Barhamgi, Mahmoud, editor, Wang, Hua, editor, and Wang, Xin, editor

Published
2025
Full Text
View/download PDF

25. Transparency vs Explanation of Machine Learning Algorithms: Perspectives from Recent Legal Proceedings

Author

Nnawuchi, Uchenna, George, Carlisle, Kammueller, Florian, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Santos, Manuel Filipe, editor, Machado, José, editor, Novais, Paulo, editor, Cortez, Paulo, editor, and Moreira, Pedro Miguel, editor

Published
2025
Full Text
View/download PDF

27. Designing Secure and Privacy-Aware IoT Services in the Health Sector

Author

Lambrinoudakis, Costas, Kalloniatis, Christos, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Pitropakis, Nikolaos, editor, and Katsikas, Sokratis, editor

Published
2025
Full Text
View/download PDF

28. Conceptual Framework for Designing Hippocratic APIs

Author

Rezayat, Sarmad, Burmester, Gerrit, Ma, Hui, Hartmann, Sven, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Maass, Wolfgang, editor, Han, Hyoil, editor, Yasar, Hasan, editor, and Multari, Nick, editor

Published
2025
Full Text
View/download PDF

29. Resignifying Compliance Between Ontologies and Epistemologies of Law (Invited Paper)

Author

Buffa, Matteo, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Saeki, Motoshi, editor, Wong, Leah, editor, Araujo, João, editor, Ayora, Clara, editor, Bernasconi, Anna, editor, Buffa, Matteo, editor, Castano, Silvana, editor, Fettke, Peter, editor, Fill, Hans-Georg, editor, García S., Alberto, editor, Goulão, Miguel, editor, Griffo, Cristine, editor, Jung, Jin-Taek, editor, Köpke, Julius, editor, Marín, Beatriz, editor, Montanelli, Stefano, editor, Rohrer, Edelweis, editor, and Román, José F. Reyes, editor

Published
2025
Full Text
View/download PDF

30. Legal Overview of Latest Developments in the Energy Sector Regarding Data Protection and Cybersecurity

Author

Mortensen, Bent Ole Gram, Hjerrild, Lisa, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Jørgensen, Bo Nørregaard, editor, Ma, Zheng Grace, editor, Wijaya, Fransisco Danang, editor, Irnawan, Roni, editor, and Sarjiya, Sarjiya, editor

Published
2025
Full Text
View/download PDF

32. The General Data Protection Regulation in Plain Language

Author

van der Sloot, Bart

Subjects
GDPR, General Data Protection Regulation, privacy, privacy law, privacy legislation, european legislation, Law, Privacy and data protection
Abstract

The General Data Protection Regulation in Plain Language is a guide for anyone interested in the much-discussed rules of the GDPR. In this legislation, which came into force in 2018, the European Union meticulously describes what you can and cannot do with data about other people. Violating these rules can lead to a fine of up to 20 million euros. This book sets out the most important obligations of individuals and organisations that process data about others. These include taking technical security measures, carrying out an impact assessment and registering all data-processing procedures within an organisation. It also discusses the rights of citizens whose data are processed, such as the right to be forgotten, the right to information and the right to data portability.

Published
2025

34. The Early Impact of GDPR Compliance on Display Advertising: The Case of an Ad Publisher.

Author

Wang, Pengyuan, Jiang, Li, and Yang, Jian

Subjects
GENERAL Data Protection Regulation, 2016, REGULATORY compliance, INTERNET advertising, DATA protection, PERSONALLY identifiable information, CONSUMER behavior
Abstract

The European Union's General Data Protection Regulation (GDPR), with its explicit consent requirement, may restrict the use of personal data and shake the foundations of online advertising. The ad industry has predicted drastic loss of revenue from GDPR compliance and has been seeking alternative ways of targeting. Taking advantage of an event created by an ad publisher's request for explicit consent from users with European Union IP addresses, the authors find that for a publisher that uses a pay-per-click model, has the capacity to leverage both user behavior and web page content information for advertising, and observes high consent rates, GDPR compliance leads to modest negative effects on ad performance, bid prices, and ad revenue. The changes in ad metrics can be explained by temporal variations in consent rates. The impact is most pronounced for travel and financial services advertisers and least pronounced for retail and consumer packaged goods advertisers. The authors further find that web page context can compensate for the loss of access to users' personal data, as the GDPR's negative impact is less pronounced when ads are posted on web pages presenting relevant content. The results suggest that publishers and advertisers should leverage targeting based on web page content after the GDPR's rollout. [ABSTRACT FROM AUTHOR]

Published
2024
Full Text
View/download PDF

35. HIPAA: A Demand to Modernize Health Legislation

Author

Sadri, Mehri

Subjects
Health Insurance Portability and Accountability Act, HIPAA, data privacy, data security, The Security Rule, The Privacy Rule, General Data Protection Regulation, GDPR, cybersecurity risk, healthcare data breach, Vigil v. Muir Medical Group IPA, Inc
Abstract

In the 21st-century digital age, health data privacy remains a crucial concern. This paper evaluates the effectiveness of the Health Insurance Portability and Accountability Act, known as HIPAA. More specifically, it demonstrates a need for a unified federal framework in the U.S. that aligns with General Data Protection Regulation’s protections to address modern-day cybersecurity threats better. This article argues that in an era of increased globalization, the United States should confront the task of reforming its healthcare data protection law to align with current cybersecurity risks. We begin by examining landmark legislation across American states to reveal inconsistencies between state and federal protective rulings. Later, we uncover the reactive nature of HIPAA, in contrast to GDPR’s proactive and citizen-centric approach. Through evaluating past lawsuits related to patient protection noncompliance, this paper depicts significant differences in the purpose, coverage, and execution of data protection laws between the United States and the European Union. It highlights GDPR’s effectiveness in granting individuals greater control over their data. Furthermore, this article proposes the adoption of newfound systems for standardized risk analysis and enhanced security across healthcare providers.As healthcare becomes more accessible to the American public, the amount of data in this system increases. This nationwide surge in data underscores the critical need to assess whether privacy laws established in the 1990s remain sufficient. Therefore, updates to healthcare legislation are essential to establishing stringent patient protections in response to the significant rise in data breach incidents within the healthcare network.

Published
2024

36. 'Convergence of competing powers: EU competition law and privacy in the digital era – scenarios and impacts'.

Author

Gorecka, Arletta

Subjects
*RIGHT of privacy, *DATA privacy, *DIGITAL technology, *ANTITRUST law, *DATA protection laws
Abstract

The debate on the intersection of competition law and privacy constitutes a major challenge for the existing competition law framework. This article considers the intersection between competition law and privacy and argues that it is possible to recognise a positive relation between these legal areas. However, with the rise of digital platforms that provide free products and services to consumers while generating revenue through data collection, the discussion has intensified regarding whether non-price elements, such as privacy, should be considered as a factor in competition law analysis. The author argues that it is possible to demonstrate a dogmatic link between these legal sources, as a coherent and consistent interpretation of competition law and data protection is adequate. The article finds that dogmatic approach corresponds to recent development in competition law enforcement. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

37. Cascade genetic testing in hereditary cancer: exploring the boundaries of the Italian legal framework.

Author

Varesco, Liliana, Di Tano, Francesco, Monducci, Juri, Sciallero, Stefania, Turchetti, Daniela, Bighin, Claudia, Buzzatti, Giulia, Giannubilo, Irene, Trevisan, Lucia, and Battistuzzi, Linda

Abstract

Despite its clinical value, cascade genetic testing (CGT) in hereditary cancer syndromes remains underutilized for a number of reasons, including ineffective family communication of genetic risk information. Therefore, alternative strategies are being explored to improve CGT uptake rates; one such strategy is direct contact with at-risk relatives by healthcare professionals with proband consent. It is unclear how Italian laws and regulations pertaining to CGT—including the EU General Data Protection Regulation (GDPR)—should be understood and implemented in the context of such alternative strategies. The authors constructed a hypothetical case about CGT, reviewed laws and regulations on informed consent, privacy, and the right not to know, and analyzed how those laws and regulations might apply to different communicative strategies relevant to the case and aimed at supporting CGT. A constitutionally consistent reading of Italian law and of the GDPR, an integral part of the Italian privacy framework, suggests that multiple communicative approaches may be legally permissible in Italy to support the CGT process. This includes direct contact by healthcare professionals with proband consent, provided certain conditions are met. Understanding the effectiveness of such approaches in improving CGT uptake will require further research efforts. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

38. In Brussels we trust? Exploring corporate resistance in platform regulation.

Author

Weigl, Linda and Guzik, Aleksandra

Abstract

Can European regulators be trusted with the enforcement of the new Digital Services Act package? Recent developments show that designated companies are increasingly pursuing legal action against EU institutions. In a comparative analysis of litigation in the context of the GDPR, the DMA and the DSA, we find that the accumulation of digital legislation over time provides some explanatory potential for this legal obstructionism. Moreover, compared to the GDPR, the DMA and the DSA have a stronger impact on platforms’ business models. While GDPR provisions impose rules on obtaining a lawful basis for data processing on all data processing entities, they do not fundamentally alter how a subset of designated platforms directly generate profit. Although the Commission stands steadfast in its enforcement actions, the rise in legal disputes could be seen as a warning sign, questioning the platforms’ true willingness to adhere and requiring regulatory entities to be particularly vigilant. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

39. No harm no foul: how harms caused by dark patterns are conceptualised and tackled under EU data protection, consumer and competition laws.

Author

Santos, Cristiana, Morozovaite, Viktorija, and De Conca, Silvia

Subjects
*ANTITRUST law, *DATA protection, *CONSUMER law, *SCHOLARLY method, *GENERAL Data Protection Regulation, 2016
Abstract

Although several Human–Computer Interaction (HCI) studies have empirically investigated the harms caused by dark patterns, with policymakers and regulators regarding these harms significant, they have yet to be examined from a legal perspective. This paper identifies the individual, collective, material and non-material harms deriving from dark patterns, dissecting the role that harms play in the emerging European ‘dark patterns acquis’, comprising the Digital Services Act, Digital Markets Act, AI Act and Data Act. In particular, it systematises the body of knowledge of dark patterns’ harms from HCI scholarship and proposes a dark pattern harm taxonomy. Ultimately, the paper reconciled the debate concerning dark patterns’ harms in HCI with the legal requirements for assessing harms, in light of the remedies mechanisms offered by European data protection, consumer law and competition law. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

40. Crumbled Cookies: Exploring E-commerce Websites' Cookie Policies with Data Protection Regulations.

Author

Singh, Nivedita, Do, Yejin, Yu, Yongsang, Fouad, Imane, Kim, Jungrae, and Kim, Hyoungshick

Subjects
GENERAL Data Protection Regulation, 2016, COOKIES (Computer science), SECURITY systems, DATA protection, WEBSITES
Abstract

Despite stringent data protection regulations, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other country-specific laws, numerous websites continue to use cookies to track user activities, raising significant privacy concerns. This study aims to investigate the compliance of e-commerce websites with these regulations from a cookie perspective and explore potential variations in cookie policies across different countries. We conducted a comprehensive analysis of 360 popular e-commerce websites (44,323 cookies) across multiple countries, examining cookie attributes and their potential links to privacy and security breaches. Our findings revealed that 73% of third-party cookies function as tracker cookies, with around 40% breaching lifecycle regulations. Additionally, 85% are vulnerable to potential cross-site scripting (XSS) attacks, while only 349 out of 44,323 adhere to robust measures aimed at combating cross-site request forgery (CSRF) attacks. We also discovered instances of masquerading cookies, where third-party cookies disguise themselves as first-party cookies, enabling unauthorized user tracking without consent. To the best of our knowledge, this study is the first to comprehensively analyze the compliance of e-commerce websites with the GDPR, CCPA, and country-specific regulations concerning cookie policies across different jurisdictions. Our findings highlight the urgent need for uniform and consistent cookie policies across websites and jurisdictions, as well as robust enforcement mechanisms and increased transparency to ensure compliance with data protection regulations. This research contributes to the ongoing discourse on privacy protection and underscores the importance of addressing the challenges posed by insecure cookie practices in the e-commerce sector. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

42. Patient-centric information management in blockchain and interplanetary storage.

Author

Dewangan, Narendra and Chandrakar, Preeti

Abstract

In the healthcare sector, the protection of patient information is an essential factor in terms of secrecy and privacy. This information is very useful for industrial and research purposes. Electronic medical records (EMR) hold data related to patients and their treatments. According to GDPR (general data protection regulation), patient information should be anonymous. There should not be any disclosure of patients private information during data transfer. For hiding patients private information, encryption is required. For developing countries, the treatment cost is also a matter for health services. Blockchain technology provides facilities like distributed and immutable data storage and peer-to-peer data transfer. We need cheaper blockchain-based solutions for the healthcare sector. IPFS provides a secure way to store the content of the files in a decentralized manner by using the Merkle tree. By using IPFS with blockchain, we can counter the use of fake medical records or the forge of EMR. In this paper, the interplanetary file system (IPFS) is used to store EMR in compliance with GDPR. We work on the treatment cycle of patients with a blockchain-maintained hospital and doctor. Our proposed system enhances the security and transparency of patients' treatment information. We compared our proposed system with previously developed systems and provided analytical results in terms of security, privacy, and cost. We implemented our proposed system on a Python-customized blockchain with a customized consensus algorithm. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

43. Will the EU AI Regulations Give Rise to Another 'Brussels Effect'? Lessons from the GDPR.

Author

Tarafder, Agnidipto and Vadlamani, Aniruddh

Abstract

The pre-eminence of the European Union (EU) General Data Protection Regulation (GDPR) in regulating the business of data collection, processing and transfer cannot be understated. It has come to serve as the model for laws in several non-EU jurisdictions who share in the EU's concerns about citizens' data being harnessed by Big Tech in particular. This article explores the GDPR's outsized impact in the sphere of data regulation, the conflict between the contrasting models of regulation adopted by the EU and the United States and comments on the possibility of the AI regulations becoming what the GDPR is for data. It further delves into the possibility of this approach being followed by countries like India, where government efforts to integrate AI-based innovation and entrepreneurship have led to the possibility of newer regulatory approaches being adopted. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

44. A comparative analysis: health data protection laws in Malaysia, Saudi Arabia and EU General Data Protection Regulation (GDPR).

Author

Sarabdeen, Jawahitha and Mohamed Ishak, Mohamed Mazahir

Subjects
DATA privacy, GENERAL Data Protection Regulation, 2016, DATA protection, DATA protection laws, PUBLIC sector, PERSONALLY identifiable information
Abstract

Purpose: General Data Protection Regulation (GDPR) of the European Union (EU) was passed to protect data privacy. Though the GDPR intended to address issues related to data privacy in the EU, it created an extra-territorial effect through Articles 3, 45 and 46. Extra-territorial effect refers to the application or the effect of local laws and regulations in another country. Lawmakers around the globe passed or intensified their efforts to pass laws to have personal data privacy covered so that they meet the adequacy requirement under Articles 45–46 of GDPR while providing comprehensive legislation locally. This study aims to analyze the Malaysian and Saudi Arabian legislation on health data privacy and their adequacy in meeting GDPR data privacy protection requirements. Design/methodology/approach: The research used a systematic literature review, legal content analysis and comparative analysis to critically analyze the health data protection in Malaysia and Saudi Arabia in comparison with GDPR and to see the adequacy of health data protection that could meet the requirement of EU data transfer requirement. Findings: The finding suggested that the private sector is better regulated in Malaysia than the public sector. Saudi Arabia has some general laws to cover health data privacy in both public and private sector organizations until the newly passed data protection law is implemented in 2024. The finding also suggested that the Personal Data Protection Act 2010 of Malaysia and the Personal Data Protection Law 2022 of Saudi Arabia could be considered "adequate" under GDPR. Originality/value: The research would be able to identify the key principles that could identify the adequacy of the laws about health data in Malaysia and Saudi Arabia as there is a dearth of literature in this area. This will help to propose suggestions to improve the laws concerning health data protection so that various stakeholders can benefit from it. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

45. مقا یسه قوان ین حفاظت از دادههای شخ صی: مقررات عمومی منحصر به فرد تحت مقررات 1(و قوانین ا یالات متحده GDPR(حفاظت از دادههای عمومی اتحادیه اروپا

Author

مرتضي محمودي پرچيني, لادن رياضي, and عليرضا پور ابراهيمي

Subjects
DATA protection, DATA protection laws, GENERAL Data Protection Regulation, 2016, AMERICAN law, STATE laws
Abstract

Objective: This research provides a comparative analysis of the General Data Protection Regulation (GDPR) of the European Union and the data protection laws of the United States, aiming to offer suggestions for improving data protection laws in Iran. Methods: The study employs a mixed-methods approach, using both qualitative and quantitative techniques for data collection and analysis. Data were gathered through library research, questionnaires, and semi-structured interviews, and were analyzed using SPSS software. Results: The findings revealed that the GDPR includes a comprehensive and unified framework for the protection of personal data, emphasizing transparency, consent, and notification. In contrast, the United States lacks a comprehensive federal law and relies on a collection of sectoral and state laws. Additionally, the implementation of the GDPR has led to increased transparency and accountability for businesses, whereas U.S. laws have resulted in greater complexity. Conclusions:The recommendations for improving data protection laws in Iran include drafting a comprehensive and unified law similar to the GDPR, creating effective enforcement mechanisms, increasing public awareness and education, utilizing successful experiences from other countries, adapting laws to the specific needs of Iranian society and its legal system, strengthening the role of regulatory bodies, encouraging the use of new technologies in data protection, and fostering collaboration between public and private sectors. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

46. Optimization of cyber security through the implementation of AI technologies

Author

Nawaf Liqaa and Bentotahewa Vibhushinie

Subjects
optimization, cyberspace, cyber threat, ai, iot, security, privacy, gdpr, covid-19, Science, Electronic computers. Computer science, QA75.5-76.95
Abstract

Identification of cyber threats is crucial and significant for determining substantial security techniques and approaches. This research illustrates a brief discussion of cyberspace challenges and threats in a disruptive era alongside comprehensive approaches in mitigating the risk of cyber threats. Additionally, the aim of this research is to provide beneficial approaches on how to handle cyber threats in detail. For example, threats and attacks may be caused in the absence of legislation, ethical standardization, support system, and lack of access control. The governance system, therefore, will put a lot of effort into communicating, identifying, and enforcing the principles of security to moderate risk. The Metaheuristic algorithms are stimulated by the human brain, so implementing Artificial Intelligence (AI) that assists the Neural Network to mimic the behaviour of the human brain is important to predict significant outcomes. In this study, the author investigates and analyses the rapid growth of cyber threats to outline the solutions. The aim of this study is to contribute to cyber security optimization through implementing AI methodologies.

Published
2025
Full Text
View/download PDF

47. From Technical Prerequisites to Improved Care: Distributed Edge AI for Tomographic Imaging

Author

Bilgehan Akdemir, Hafiz Faheem Shahid, Mikael A. K. Brix, Juho Laakkola, Johirul Islam, Tanesh Kumar, Jarmo Reponen, Miika T. Nieminen, and Erkki Harjula

Subjects
CBCT, distributed AI, edge computing, edge cloud continuum, GDPR, medical imaging, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

Recent years have seen a surge in AI-driven medical image processing, leading to significant improvements in diagnostic performance. However, medical imaging technologies tend to create staggering volumes of medical data, necessitating high-performance computing. Cloud systems with robust GPUs and resource capacity are optimal choices for DL-based medical image processing. However, transferring data to the cloud for processing strains communication links, introduces high communication latency, and raises privacy and security concerns. Consequently, despite the undisputed benefits of cloud computing, dedicated standalone local computers are still used for image reconstruction in today’s systems. This localized strategy uses expensive hardware inefficiently and falls short of scalability and maintainability. Edge computing emerges as an innovative concept by bringing cloud processing capabilities closer to data sources. A continuum of computing including local, edge, and cloud tiers would offer a promising solution for medical image processing. According to literature survey, there are no significant works on utilizing edge cloud continuum for CBCT imaging. To fill this gap, we introduce novel 3-TECC architectural concept, specifically designed for CBCT data reconstruction in medical imaging. This article explores the evolving synergy among medical imaging, distributed AI, containerized solutions, and edge-cloud continuum technologies, highlighting their clinical implications and illuminating the potential for transformative patient care. We uncover challenges and opportunities this convergence provides with the CBCT image reconstruction use case, while aligning with regulatory compliance. The proposed 3-TECC architecture advocates a decentralized data processing paradigm, reducing reliance on the centralized approach and emphasizing the role of local-edge computing.

Published
2025
Full Text
View/download PDF

48. Assessing Privacy Policies and App Settings for User Data Protection: A Data Subject‐Centered Framework Analysis of TikTok in the U.S. and Europe (2023–2024).

Author

Kim, Hyowon and Bratt, Sarah

Subjects
*DATA protection, *MOBILE apps, *DATA management
Abstract

This study examines the extent to which TikTok's privacy policies and app settings in the U.S. and Europe protect the rights entailed in the data subject‐centered framework. Using a case study approach, we analyze current policy documents and app settings to identify the alignment of TikTok's policies with the GDPR perspective. Our findings reveal that current policies and settings fall short in key areas. First, TikTok policies lack details related to managing and protecting sensitive data. Second, the policies neglect to discuss the responsibilities of social media companies when such data is utilized by unspecified third parties. Furthermore, there is a noticeable deficiency in the U.S. regarding detailed in‐app privacy notices and setting options, especially in terms of managing location data and advertisements. Additionally, there is a need for explanations on how specific settings impact users. Lastly, a critical demand exists for default settings, including those for advertisements, to enhance data protection. [ABSTRACT FROM AUTHOR]

Published
2024
Full Text
View/download PDF

49. Discrimination in the automated targeting of job advertising: The role of the General Data Protection Regulation.

Author

Parodi, Elisa

Abstract

Recently, companies have increasingly been using AI to attract potential candidates through targeted job advertising, whose delivery is then algorithmically optimised. By excluding certain groups from job opportunities, these practices can discriminate in access to work, in relation to grounds protected by EU equality law. This article investigates the possible role of GDPR (Reg. n. 2016/679) in litigating discrimination in targeted and optimised job advertising. It firstly analyses whether and how the data access right under Art. 15(1)(h) can be exercised to gather the prima facie discrimination evidence necessary to bring a discrimination claim against the employer. It then deepens the potential use of Art. 80(2) to address the challenges relating to litigating these discriminatory practices, particularly the victims' lack of awareness and their difficulty in coordinating. [ABSTRACT FROM AUTHOR]

Published
2025
Full Text
View/download PDF

50. Dark Sides of Data Transparency: Organized Immaturity After GDPR?

Author

Schade, Frederik

Subjects
DIGITAL technology, GENERAL Data Protection Regulation, 2016, DATA protection, SOCIOTECHNICAL systems, PERSONALLY identifiable information, ELECTRONIC data processing
Abstract

Organized immaturity refers to the capacity of widely institutionalized sociotechnical systems to challenge qualities of human enlightenment, autonomy, and self-determination. In the context of surveillance capitalism, where these qualities are continuously put at risk, data transparency is increasingly proposed as a means of restoring human maturity by allowing individuals insight and choice vis-à-vis corporate data processing. In this article, however, I draw on research on General Data Protection Regulation–mandated data transparency practices to argue that transparency—while potentially fostering maturity—itself risks producing new forms of organized immaturity by facilitating user ignorance, manipulation, and loss of control of personal data. Considering data transparency's relative "successes" and "failures" regarding the cultivation of maturity, I outline a set of possible remedies while arguing for a general need to develop more sophisticated ethical appreciations of transparency's complex and potentially problematic implications for organized (im)maturity in the digital age. [ABSTRACT FROM AUTHOR]

Published
2023
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results