Data Protection in the Age of Big Data
-
Upload
arthit-suriyawongkul -
Category
Government & Nonprofit
-
view
79 -
download
2
Transcript of Data Protection in the Age of Big Data
MORE THAN COMMUNICATION SURVEILLANCE:DATA PROTECTIONIN THE AGE OF BIG DATAFrontiers Learning Series: Next Generation Technologies for Empowering People — 14 November 2016, Bangkok
@bactArthit Suriyawongkul
INFORMATION SECURITY & PRIVACY
➤ Information Security
➤ Confidentiality
➤ Integrity
➤ Availability
➤ Information Privacy — the situation where we (the owner of the data) can control those C, I, and A — we have power over our own data (and our own life)
OPPORTUNITIES AND CHALLENGES
Data
Network(go across national borders)
Computation
Net neutrality (which activities are
prioritised?)
Infrastructure ownership (who can get connected?)
Sensory citizenship
(whose ‘votes’ got counted?)
Big Data (Volume, Variety,
Velocity)
LinkabilityIdentity (do/how you exist?)
Citizen science
Metadata
Bias / Discrimination
“Precrime”(Predictive crime control, systemic prejudgement,
algorithmic bias)
Anonymity
Peer-to-peer network
Cloud storage
Cloud computing
Consumer rights as Civil rights
Media convergence
Behavior
Re-identification
InterfaceAccessibility
Multicultural environment
VIOLATIONS OVER PERSONAL DATA + PROTECTION MEASURES
➤ Identity theft
➤ Computer-crime prevention, fraud detection
➤ Data breach
➤ Information and network security (cybersecurity)
➤ Re-identification, de-anonymization
➤ Personal data protection
➤ Engineering (compute code)
➤ Policy (legal code)
PROTECTION MECHANISM
User Access Control
Algorithm auditing
OversightBoard
Design for Clarity+Consent
Privacy ImpactAssessment
Software validationand verification
Social engineering prevention
Cryptography
FirewallHardening
Physical Security
ObfuscationTransparency Report
INITIATIVES TO MAKE CONSUMERS/CITIZENS MORE INFORMED
➤ Transparency Report / Law Enforcement Requests Report
➤ Ranking Digital Rights — Corporate Accountability Index
INITIATIVES
➤ Thai Netizen Network studies on privacy policy and technological security measures of 45 websites in 2014
REFERENCES
➤ A Privacy-Preserving eHealth Protocol compliant with the Belgian Healthcare SystemDe Decker, B. et al. Fifth European PKI Workshop. June 16-17, 2008. http://www.item.ntnu.no/europki08/presentations/europki08-layouni.pdf
➤ Advanced Applications for e-ID Cards in Flanders.De Decker, B. et al. ADAPID Deliverable D6. E-Health I. 2007. https://www.cosic.esat.kuleuven.be/adapid/docs/adapid-d6.pdf
➤ Simple Demographics Often Identify People Uniquely.Sweeney, L. Carnegie Mellon University, Data Privacy Working Paper 3. Pittsburgh 2000. http://dataprivacylab.org/projects/identifiability/
➤ De-anonymizing South Korean Resident Registration Numbers Shared in Prescription Data.Sweeney L and Yoo J. Technology Science, 2015092901. September 29, 2015. http://techscience.org/a/2015092901/
➤ Ranking Digital Rights https://rankingdigitalrights.org/
➤ Thai Netizen Privacy Report https://thainetizen.org/privacy-report-2014/
FOLLOW @THAINETIZENThai Netizen Network
Foundation for Internet and Civic Culture
This presentation by Thai Netizen Network is licensed under the Creative Commons Attribution 4.0 International License.