Logo des Repositoriums

Auflistung nach Schlagwort "privacy"

1 - 10 von 41
  • Textdokument
    Anonymization Is Dead – Long Live Privacy
    (Open Identity Summit 2019, 2019) Zibuschka, Jan; Kurowski, Sebastian; Roßnagel, Heiko; Schunck, Christian H.; Zimmermann, Christian
    Privacy is a multi-faceted, interdisciplinary concept, with varying meaning to different people and disciplines. To most researchers, anonymity ist he “holy grail” of privacy research, as it suggests that it may be possible to avoid personal information altogether. However, time and time again, anonymization has been shown to be infeasible. Even de-facto anonymity is hardly achievable using state-of-the-art cryptographic anonymization techniques. Furthermore, as there are inherent tensions between the privacy protection goals of confidentiality, availability, integrity, transparency, intervenability and unlinkability, failed attempts to achieve full anonymization may make it impossible to provide data-subjects with transparency and intervenability. This is highly problematic as such mechanisms are required by regulation such as the General Data Protection Regulation (GDPR). Therefore, we argue for a paradigm shift away from anonymization towards transparency, accountability, and intervenability.
  • Zeitschriftenartikel
    Categorizing Social Robots with Respect to Dimensions Relevant to Ethical, Social and Legal Implications
    (i-com: Vol. 19, No. 1, 2020) Störzinger, Tobias; Carros, Felix; Wierling, Anne; Misselhorn, Catrin; Wieching, Rainer
    The aim of this paper is to suggest a framework for categorizing social robots with respect to four dimensions relevant to an ethical, legal and social evaluation. We argue that by categorizing them thusly, we can circumvent problematic evaluations of social robots that are often based on overly broad and abstract considerations. Instead of questioning, for example, whether social robots are ethically good or bad in general, we instead propose that different configurations of (and combinations thereof) the suggested dimensions entail different paradigmatic challenges with respect to ethical, legal and social issues (ELSI). We therefore encourage practitioners to consider these paradigmatic challenges when designing social robots to find creative design solutions.
  • Report
    Compatibility of Support and Autonomy in Personalized HCI
    (2020) Fietkau, Julian; Balthasar, Mandy
    Developers and designers of interactive digital systems are faced with many chal-lenges, some less visible than others. One of these more subtle balancing acts is be-tween personalized user support and unrestricted user autonomy. It raises the ques-tion how a supportive design that takes a user’s needs and preferences into account can be implemented within a technical system while at the same time allowing the user to make decisions freely without restrictions. How can autonomy by design be incorporated into the process? In this paper we describe the breadth of choice heu-ristic, which can show where the support of the user by the system stops and a re-striction of the user’s autonomy begins. To this end, we reference existing literature on similar issues, develop our own conclusions and apply them to our work in a pro-ject on IT for elderly people.
  • Zeitschriftenartikel
    Compliance-Monitor zur Frühwarnung vor Risiken
    (Wirtschaftsinformatik: Vol. 50, No. 5, 2008) Accorsi, Rafael; Sato MSc., Yoshinori; Kai MSc., Satoshi
    Der Beitrag befasst sich mit der Entwicklung eines Frühwarnsystems zur vorzeitigen Entdeckung von Verletzungen der Privatsphäre in „Business Compliance“ und zeigt die Anwendbarkeit dieses Verfahrens am Beispiel der Anonymität. Hierzu wird ein Referenzmonitor vorgestellt, der das Risiko, ausgedrückt als Eintrittswahrscheinlichkeit, einer zukünftigen Regelverletzung vor ihrem Eintritt automatisch berechnet und warnt, wenn die Ausführung als gefährlich eingestuft wird.AbstractThe paper reports on a reference monitor for early warning risk determination for privacy violations in the context of business compliance and demonstrates its applicability in the particular case of anonymity. To this end, the monitor detects system executions that potentially lead to incompliant states before the actual violation by determining the risk they pose to compliance goals and warning officers responsible for compliance about risky executions. In doing so, the presented monitor is a novel technique to automate some of the tasks involved in guaranteeing compliance.
  • Konferenzbeitrag
    Data Protection Impact Assessment in Identity Control Management with a Focus on Biometrics
    (Open Identity Summit 2020, 2020) Bisztray, Tamas; Gruschka, Nils; Mavroeidis, Vasileios; Fritsch, Lothar
    Privacy issues concerning biometric identification are becoming increasingly relevant due to their proliferation in various fields, including identity and access control management (IAM). The General Data Protection Regulation (GDPR) requires the implementation of a data protection impact assessment for privacy critical systems. In this paper, we analyse the usefulness of two different privacy impact assessment frameworks in the context of biometric data protection. We use experiences from the SWAN project that processes four different biometric characteristics for authentication purposes. The results of this comparison elucidate how useful these frameworks are in identifying sector-specific privacy risks related to IAM and biometric identification.
  • Konferenzbeitrag
    Decentralized Identities for Self-sovereign End-users (DISSENS)
    (Open Identity Summit 2021, 2021) Schanzenbach,Martin; Grothoff, Christian; Wenger, Hansjürg; Kaul, Maximilian
    This paper describes a comprehensive architecture and reference implementation for privacy-preserving identity management that bucks the trend towards centralization present in contemporary proposals. DISSENS integrates a technology stack which combines privacy-friendly online payments with self-sovereign personal data management using a decentralized directory service. This enables users to be in complete control of their digital identity and personal information while at the same time being able to selectively share information necessary to easily use commercial services. Our pilot demonstrates the viability of a sustainable, user-centric, standards-compliant and accessible use case for public service employees and students in the domain of retail e-commerce. We leverage innovative technologies including self-sovereign identity, privacy credentials, and privacy-friendly digital payments in combination with established standards to provide easy-to-adapt templates for the integration of various scenarios and use cases.
  • Konferenzbeitrag
    Design Considerations for Usable Authentication in Smart Homes
    (Mensch und Computer 2021 - Tagungsband, 2021) Prange, Sarah; George, Ceenu; Alt, Florian
    Smart home devices are on the rise. To provide their rich variety of features, they collect, store and process a considerable amount of (potentially sensitive) user data. However, authentication mechanisms on such devices a) have limited usability or b) are nonexisting. To close this gap, we investigated, on one hand, users’ perspectives towards potential privacy and security risks as well as how they imagine usable authentication mechanisms in future smart homes. On the other hand, we considered security experts’ perspectives on authentication for smart homes. In particular, we conducted semi-structured interviews (N=20) with potential smart home users using the story completion method and a focus group with security experts (N=10). We found what kind of devices users would choose and why, potential challenges regarding privacy and security, and potential solutions. We discussed and verified these with security experts. We derive and reflect on a set of design implications for usable authentication mechanisms for smart homes and suggest directions for future research. Our work can assist designers and practitioners when implementing appropriate security mechanisms for smart homes.
  • Zeitschriftenartikel
    Digital natives aren’t concerned much about privacy, or are they?
    (i-com: Vol. 22, No. 1, 2023) Maier, Edith; Doerk, Michael; Reimer, Ulrich; Baldauf, Matthias
    Voice assistants have become embedded in people’s private spaces and domestic lives where they gather enormous amounts of personal information which is why they evoke serious privacy concerns. The paper reports the findings from a mixed-method study with 65 digital natives, their attitudes to privacy and actual and intended behaviour in privacy-sensitive situations and contexts. It also presents their recommendations to governments or organisations with regard to protecting their data. The results show that the majority are concerned about privacy but are willing to disclose personal data if the benefits outweigh the risks. The prevailing attitude is one characterised by uncertainty about what happens with their data, powerlessness about controlling their use, mistrust in big tech companies and uneasiness about the lack of transparency. Few take steps to self-manage their privacy, but rely on the government to take measures at the political and regulatory level. The respondents, however, show scant awareness of existing or planned legislation such as the GDPR and the Digital Services Act, respectively. A few participants are anxious to defend the analogue world and limit digitalization in general which in their opinion only opens the gate to surveillance and misuse.
  • Konferenzbeitrag
    Emerging biometric modalities and their use: Loopholes in the terminology of the GDPR and resulting privacy risks
    (BIOSIG 2021 - Proceedings of the 20th International Conference of the Biometrics Special Interest Group, 2021) Bisztray, Tamás; Gruschka, Nils; Bourlai, Thirimachos; Fritsch, Lothar
    Technological advancements allow biometric applications to be more omnipresent than in any other time before. This paper argues that in the current EU data protection regulation, classification applications using biometric data receive less protection compared to biometric recognition. We analyse preconditions in the regulatory language and explore how this has the potential to be the source of unique privacy risks for processing operations classifying individuals based on soft traits like emotions. This can have high impact on personal freedoms and human rights and, therefore, should be subject to data protection impact assessment.
  • Textdokument
    Enabling SMEs to comply with the complex new EU data protection regulation
    (Open Identity Summit 2019, 2019) Fähnrich, Nicolas; Kubach, Michael
    The European General Data Protection Regulation (GDPR) introduces privacy requirements that pose a complex challenge especially for small and medium sized enterprises (SMEs). In this paper, we present a software-supported process model developed by us that helps SMEs to establish processes ensuring the rights of the data subjects and prepare the documentation that is necessary to comply with the GDPR. Three small case studies illustrate the work with the process model and lessons learned from these practical applications of our tool give further insights into the topic.