Privacy Regulations Research Articles

Legal Regulation of Cybersecurity and Privacy on the Internet as SDG's

Objective: The article focuses on the conceptual framework for the formation and development of legal regulation of cybersecurity and privacy on the Internet. Theoretical Framework: Technological development has provided humanity with many clear benefits. However, it has also created severe challenges and threats to national security, critical infrastructure, private persons and states, as well as the international community. In Ukraine, these issues have been exacerbated by the Russian-Ukrainian war. Method: The research methodology is based on a logical and systematic presentation and analysis of the material related to the process of legal support for cybersecurity and privacy. Results and Discussion: Today, states and international organizations have to pursue two different policies: one in the virtual environment and the other in the real world. The Presidential Commission on Critical Infrastructure Protection was established in 1996 in the United States. As of today, the definition of “cybersecurity” has been determined at the legislative level. It includes 10 fundamental principles related to the development of the Internet and its impact on human life. Research Implications: The previous legislative experience of international law related to cybersecurity and privacy has been summarized. Originality/Value: In Ukraine, the process of legal support for cybersecurity and privacy on the Internet is also ongoing. Ukraine has both ratified several international documents related to this issue and has its own legislative framework.

Accelerating decarbonization digitally: Status quo and potentials of greenhouse gas emission tracking and trading

To effectively mitigate climate change, policymakers worldwide established various GHG tracking and trading systems. In the light of ambitious climate goals, stricter regulations, and increasing demand for climate action, various groups such as researchers and governmental institutions suggested additional approaches. This paper addresses the complexity that arises from the breadth of suggested approaches and implemented systems for GHG tracking and trading. By doing so, it synthesizes relevant dimensions in a way that is understandable to enterprises and policymakers, enabling them to design meaningful systems incorporating the reduction of GHG emissions and advance cleaner production. Therefore, this paper presents a first-of-its-kind taxonomy of GHG tracking and trading approaches through a systematic literature review. It illustrates ten main design and implementation dimensions with 30 corresponding characteristics. To accelerate decarbonization, this paper sets impulses for future GHG tracking in the electricity sector based on semi-structured expert interviews. Consecutively, it provides policy directions for CO2-adaptive decision-making for enterprises, formulated as a Call for Action with seven prospective questions. These include, for example, questions concerning technical aspects like data management, legal issues like the sufficiency of existing data security and privacy regulations, as well as economic topics like the calculation of an appropriate local and temporal granularity.

Enhancing Efficiency and Fine-Grained Control in Redactable Blockchains with EPBCHF

Blockchain technology has presented a promising decentralized paradigm to preclude trusted thirdparties' dominancy. It is a transparent and distributed ledger initially designed for digital cryptocurrencies whilecurrently extended to serve various industries. However, Blockchain immutability presents challenges, as it can bemisused for storing illicit content, violating privacy regulations, and limiting data management flexibility. PolicyBased Chameleon Hash Function (PBCH) has transformed blockchain rewriting contents concept via permittingmodifiers to amend certain transaction since they possessed fundamental privileges satisfying certain access policy.However, PBCHF suffers from efficiency issues due to its reliance on Chameleon Hash ephemeral Trapdoor (CHET)and Attribute-Based Encryption (ABE), significantly impacting overall efficiency. We propose the Efficient PolicyBased Chameleon (EPBCHF) construction by replacing CHET with Chameleon-Hashes by Dual Long-TermTrapdoors (CHDLTT) to address these challenges. Additionally, we introduce an enhanced encryption schemeresilient against chosen-ciphertext attacks (CCA) without compromising overall efficiency. Modelling EPBCHFproves practical instantiation accompanied by rigorous security proofs. Our construction provides a fine-grainedredactable blockchain in comparison to the currently proposed solutions. The evaluated results confirm that theproposed EPBCHF is scalable and efficient due to having the ability to handle unlimited transaction volumesadditionally, data is efficiently processed without further overhead meanwhile data size consistency reflects a robustmemory management due to predicted memory size, network bandwidth and storage requirement for future growththereby, EPBCHF is proven to be reliable and scalable.

Pass the tissue: restoring researcher access to legal human donations

The sensitivity of human tissue and previous instances of misuse have, rightfully, led to the introduction of far-reaching oversight and regulatory mechanisms for accessing, storing and sharing samples. However, these...

Advancements in brain tumor identification: Integrating synthetic GANs with federated-CNNs in medical imaging analysis

Brain tumors are a significant health concern worldwide, necessitating accurate and timely diagnosis for effective treatment planning and management. However, conventional methods for brain tumor identification through medical imaging analysis often face challenges related to accuracy, efficiency, and privacy concerns. Current approaches may struggle with limited datasets, privacy regulations hindering data sharing, and the need for specialized expertise in interpreting medical images. Accurately identifying brain tumors is pivotal in diagnosis, treatment planning, and patient prognosis. This research proposes a novel approach for advancing brain tumor identification by integrating Synthetic Generative Adversarial Networks with federated convolutional neural Networks in medical imaging analysis. Federated-CNNs are a type of neural network architecture designed for federated learning scenarios. In federated learning, model training occurs locally on data distributed across multiple devices or institutions without exchanging raw data. Federated CNNs allow collaborative model training across these distributed datasets by aggregating local model updates rather than exchanging raw data. This approach ensures that sensitive data remain localized within each participating institution, thus addressing privacy concerns in medical imaging analysis. Our methodology harnesses the power of GANs to generate synthetic brain MRI images, addressing data scarcity issues commonly encountered in medical imaging datasets. These synthetic images are then utilized in conjunction with Federated-CNNs, enabling cooperative model training between many healthcare institutions while maintaining the anonymity and privacy of data. Moreover, integrating Federated CNNs ensures that sensitive medical imaging data remain localized within participating institutions, addressing data privacy concerns and fostering collaboration among medical professionals. The research advances medical imaging analysis by introducing a novel methodology that leverages existing technologies to improve brain tumor identification accuracy. Specifically, the feature extraction phase using DenseNet121, implemented in MATLAB, achieves an outstanding accuracy of 99.82 % and outperforms Various existing methods, including Inception-V3, ResNet-18, and GoogleNet, demonstrating the efficacy of our approach in capturing discriminative features from medical imaging data. This high accuracy underscores the potential of our methodology to enhance diagnostic accuracy and clinical decision-making in neurology and oncology. The research offers a promising avenue for further exploration and innovation in medical imaging analysis, with significant implications for improving patient outcomes and advancing healthcare practices.

PrivySeC: A secure and privacy-compliant distributed framework for personal data sharing in IoT ecosystems

The contemporary era experiences an unprecedented dependence on data generated by individuals via an array of interconnected devices constituting the Internet of Things (IoT). The information amassed through IoT devices serves many objectives, including prescriptive analytics and predictive maintenance, preemptive healthcare measures, disaster mitigation, operational efficiency, and increased yield. In contrast, most applications or systems that rely on user-generated data to fulfill their business objectives face challenges in adhering to privacy protocols. Consequently, users are exposed to many privacy risks. Such infringements upon privacy provisions give rise to apprehensions regarding the authenticity of the processed data. Hence, this paper presents weaknesses and challenges in current practices and proposes “PrivySeC,” a distributed ledger technology (DLT) based framework for privacy-preserving and secure sharing of personally and non-personally identifiable information. The security analysis indicates that the proposed solution ensures data privacy by design and complies with most of the requirements mandated by various privacy regulations. Similarly, PrivySeC promises low transaction latency and provides high throughput. Although we have created a privacy-preserving solution for sharing smart farm data, it can be customized to meet the specific privacy requirements of individual applications.

Analysis of the Application of Artificial Intelligence in Computer Network Technology

The application of artificial intelligence (AI) technology in computer network technology is becoming increasingly extensive and in-depth. This paper analyzes the application of artificial intelligence in network security, network management, Internet of Things, edge computing and network services in detail. In network management, AI technology realizes network traffic optimization, automatic configuration and fault prediction, and improves the efficiency of network management. In the field of Internet of Things, AI technology helps manage and analyze a large amount of device data, supporting the development of smart homes and smart cities. In edge computing, AI technology enhances the data processing capabilities of edge nodes and reduces latency. In network services, artificial intelligence technology optimizes routing, voice recognition and personalized recommendation services. However, the application of artificial intelligence in network technology also faces challenges such as data privacy, computing resources and laws and regulations. This paper aims to provide a comprehensive reference for industry insiders to promote the application and development of artificial intelligence technology in computer networks.

Analysis of the Application of Artificial Intelligence in Computer Network Technology

The application of artificial intelligence (AI) technology in computer network technology is becoming increasingly extensive and in-depth. This paper analyzes the application of artificial intelligence in network security, network management, Internet of Things, edge computing and network services in detail. In network management, AI technology realizes network traffic optimization, automatic configuration and fault prediction, and improves the efficiency of network management. In the field of Internet of Things, AI technology helps manage and analyze a large amount of device data, supporting the development of smart homes and smart cities. In edge computing, AI technology enhances the data processing capabilities of edge nodes and reduces latency. In network services, artificial intelligence technology optimizes routing, voice recognition and personalized recommendation services. However, the application of artificial intelligence in network technology also faces challenges such as data privacy, computing resources and laws and regulations. This paper aims to provide a comprehensive reference for industry insiders to promote the application and development of artificial intelligence technology in computer networks.

Marketing Strategies in the Era of Mobile Applications: The Use of Geolocation and Contextual Advertising

"This comprehensive study embarks on an exploration of contemporary marketing strategies within the dynamic landscape of mobile applications, particularly emphasizing the utilization of geolocation and contextual advertising. The crux of this research lies in dissecting the effectiveness and inherent challenges of these cutting-edge marketing tactics. By systematically analyzing various case studies and current literature, the study unveils the substantial impact of geolocation-based marketing and contextual advertising on enhancing customer engagement and driving sales, underscoring the significant return on investment these strategies offer. However, this exploration is not without its complexities. The study investigates the technical challenges, including issues of data accuracy and platform integration, and critically examines the ethical and privacy concerns that are increasingly coming to the fore in the digital marketing domain. The research highlights the delicate balance marketers must maintain between leveraging innovative technologies and respecting consumer privacy, especially in light of stringent regulatory landscapes like GDPR and CCPA. A unique aspect of this study is its forward-looking approach, offering strategic recommendations for marketers to harness these technologies effectively. It also identifies and suggests areas for future research, particularly focusing on the evolving nature of privacy regulations and the potential impact they hold on shaping future marketing strategies. This study not only contributes to the academic discourse in digital marketing but also serves as a strategic guide for practitioners in the field, paving the way for responsible and efficient use of technology in marketing."

A Survey on Privacy of Personal and Non-Personal Data in B5G/6G Networks

The upcoming Beyond 5G (B5G) and 6G networks are expected to provide enhanced capabilities such as ultra-high data rates, dense connectivity, and high scalability. It opens many possibilities for a new generation of services driven by Artificial Intelligence (AI) and billions of interconnected smart devices. However, with this expected massive upgrade, the privacy of people, organisations, and states is becoming a rising concern. The recent introduction of privacy laws and regulations for personal and non-personal data signals that global awareness is emerging in the current privacy landscape. Yet, many gaps need to be identified in the case of two data types. If not detected, then they can lead to significant privacy leakages and attacks that will affect billions of people and organisations who utilise B5G/6G. This survey is a comprehensive study of personal and non-personal data privacy in B5G/6G to identify the current progress and future directions to ensure data privacy. We provide a detailed comparison of the two data types and a set of related privacy goals for B5G/6G. Next, we bring data privacy issues with possible solutions. This article also provides future directions to preserve personal and non-personal data privacy in future networks.

“Whispers from the Wrist”: Wearable Health Monitoring Devices and Privacy Regulations in the U.S.: The Loopholes, the Challenges, and the Opportunities

The growth of wearable technology has enabled the collection of even more personalized information on individuals. New health-related devices marketed to consumers collect health information that might not fall under the traditional category of Protected Health Information, and thus, HIPAA protections do not fully apply. Meaning, commercial wearable health devices do not fall under FDA oversight, and data not paired with a doctor–patient relationship do not fall under HIPAA privacy protection; thus, much of the gathered health-related metrics are left without regulation and open to be sold to data brokers. As such, these data can be leveraged by health insurance, law enforcement, and employers, to name a few. This manuscript explores the loopholes in current regulations and suggests a framework that categorizes wearable data and addresses challenges in data transfer. Furthermore, taking a user perspective, the suggested framework offers solutions that aim to guide users and policymakers in navigating privacy issues in wearable technology.

Privacy-Preserving Byzantine-Resilient Swarm Learning for E-Healthcare

An automatic medical diagnosis service based on deep learning has been introduced in e-healthcare, bringing great convenience to human life. However, due to privacy regulations, insufficient data sharing among medical centers has led to many severe challenges for automated medical diagnostic services, including diagnostic accuracy. To solve such problems, swarm learning (SL), a blockchain-based federated learning (BCFL), has been proposed. Although SL avoids single-point-of-failure attacks and offers an incentive mechanism, it still faces privacy breaches and poisoning attacks. In this paper, we propose a new privacy-preserving Byzantine-resilient swarm learning (PBSL) that is resistant to poisoning attacks while protecting data privacy. Specifically, we adopt threshold fully homomorphic encryption (TFHE) to protect data privacy and provide secure aggregation. And the cosine similarity is used to judge the malicious gradient uploaded by malicious medical centers. Through security analysis, PBSL is able to defend against a variety of known security attacks. Finally, PBSL is implemented by uniting deep learning with blockchain-based smart contract platforms. Experiments based on different datasets show that the PBSL algorithm is practical and efficient.

CCSI: Continual Class-Specific Impression for data-free class incremental learning

In real-world clinical settings, traditional deep learning-based classification methods struggle with diagnosing newly introduced disease types because they require samples from all disease classes for offline training. Class incremental learning offers a promising solution by adapting a deep network trained on specific disease classes to handle new diseases. However, catastrophic forgetting occurs, decreasing the performance of earlier classes when adapting the model to new data. Prior proposed methodologies to overcome this require perpetual storage of previous samples, posing potential practical concerns regarding privacy and storage regulations in healthcare. To this end, we propose a novel data-free class incremental learning framework that utilizes data synthesis on learned classes instead of data storage from previous classes. Our key contributions include acquiring synthetic data known as Continual Class-Specific Impression (CCSI) for previously inaccessible trained classes and presenting a methodology to effectively utilize this data for updating networks when introducing new classes. We obtain CCSI by employing data inversion over gradients of the trained classification model on previous classes starting from the mean image of each class inspired by common landmarks shared among medical images and utilizing continual normalization layers statistics as a regularizer in this pixel-wise optimization process. Subsequently, we update the network by combining the synthesized data with new class data and incorporate several losses, including an intra-domain contrastive loss to generalize the deep network trained on the synthesized data to real data, a margin loss to increase separation among previous classes and new ones, and a cosine-normalized cross-entropy loss to alleviate the adverse effects of imbalanced distributions in training data. Extensive experiments show that the proposed framework achieves state-of-the-art performance on four of the public MedMNIST datasets and in-house echocardiography cine series, with an improvement in classification accuracy of up to 51% compared to baseline data-free methods. Our code is available at https://github.com/ubc-tea/Continual-Impression-CCSI.

Privacy decision‐making and the effects of privacy choice architecture: Experiments toward the design of behaviorally‐aware privacy regulation

AbstractThe current notice and choice privacy framework fails to empower individuals in effectively making their own privacy choices. In this Article we offer evidence from three novel experiments showing that at the core of this failure is a cognitive error. Notice and choice caters to a heuristic that people employ to make privacy decisions. This heuristic is meant to distinguish between a party's good or bad intent in face‐to‐face‐situations. In the online context, it distorts privacy decision‐making and leaves potential disclosers vulnerable to exploitation.From our experimental evidence exploring the heuristic's effect, we conclude that privacy law must become more behaviorally aware. Specifically, privacy law must be redesigned to intervene in the cognitive mechanisms that keep individuals from making better privacy decisions. A behaviorally‐aware privacy regime must centralize, standardize and simplify the framework for making privacy choices.To achieve these goals, we propose a master privacy template which requires consumers to define their privacy preferences in advance—doing so avoids presenting the consumer with a concrete counterparty, and this, in turn, prevents them from applying the intent heuristic and reduces many other biases that affect privacy decision‐making. Our data show that blocking the heuristic enables consumers to consider relevant privacy cues and be considerate of externalities their privacy decisions cause.The master privacy template provides a much more effective platform for regulation. Through the master template the regulator can set the standard for automated communication between user clients and website interfaces, a facility which we expect to enhance enforcement and competition about privacy terms.

Legal Regulation of Cybersecurity and Privacy on the Internet

Objective: This article examines the conceptual framework for forming and developing legal regulation of cybersecurity and privacy on the Internet. Theoretical Framework: The article aims to highlight the evolution and future prospects of legal regulation concerning cybersecurity and privacy in both Ukraine and globally. Method: The methodological principles include impartiality and unbiasedness and a comprehensive study of the legislative framework and its specifics in the context of cybersecurity and privacy. Results and Discussion: The legislative experiences of international law on cybersecurity and privacy have been summarized. In Ukraine, the legal support process for cybersecurity and privacy continues, with the country ratifying several international documents and developing its own legislative framework. Research Implications: The term "cybersecurity" has been legislatively defined, encompassing 10 fundamental principles regarding the Internet's development and impact on human life. Originality/Value: The terms "cybersecurity," "cybercrime," and "privacy in the virtual space" require further refinement. A methodology that facilitates the interaction and coexistence of legal norms and netiquette is needed.

Impact of the General Data Protection Regulation on the Global Mobile App Market: Digital Trade Implications of Data Protection and Privacy Regulations

Impact of the General Data Protection Regulation on the Global Mobile App Market: Digital Trade Implications of Data Protection and Privacy Regulations

Analysis of GDPR Compliance in Utilizing Personal Data for Public Health Purposes in Romania.

The General Data Protection Regulation (GDPR), which became effective on May 25, 2016, underscored the significance of confidentiality across various economic and social domains. Within the medical sector, confidentiality of patient health information is meticulously governed by laws, e.g., no. 95/2006 and no. 46/2003. While these laws address numerous privacy aspects within the doctor-patient relationship, it becomes necessary to update them to align with the latest advancements in emerging technologies, particularly in the context of telemedicine. Upon reviewing the overview of rules pertaining to health data processing in Romania, as published by the European Data Protection Board (EDPB) in 2021, and comparing it with the current public health and research laws in Romania, it becomes apparent that there is a regulatory gap concerning the secondary use of health data. This gap is particularly notable in terms of planning, managing and enhancing the healthcare system, as well as utilizing such data for scientific and historical research purposes, leading to the necessity of developing and regulating the European Health Data Space. Although steps have been taken to align the GDPR legislation in Romania, there is still a disproportionality in the regulation of privacy and cyber security with the implementation of new technologies that will collect, process and store sensitive medical data.

Latest Computational Methods of Data Wrangling in Applied Linguistics

Data wrangling, the process of cleaning, transforming, and mapping raw data into a usable format, is a fundamental step in linguistic research. With the exponential growth of digital text and spoken language data, computational methods have become essential for managing and analyzing large datasets. This paper explores the latest computational techniques in data wrangling for linguistics, highlighting advancements in machine learning, natural language processing (NLP), and automated data cleaning technologies. These innovations enhance the efficiency and accuracy of data processing, enabling researchers to uncover patterns and generate insights previously unattainable. Additionally, the paper addresses the challenges inherent in data wrangling, including the integration of diverse data sources, the complexity of real-time data processing, and the importance of maintaining data quality and compliance with privacy regulations. Through a detailed examination of current methodologies and emerging trends, this research underscores the critical role of data wrangling in advancing linguistic studies and offers practical solutions for overcoming common obstacles in the field. The findings suggest that continued advancements in AI-driven tools and automated solutions will significantly impact the future of linguistic data analysis, making it more accessible and effective.

Price customization and targeting in matching markets

AbstractWe introduce a model of (platform‐mediated) many‐to‐many matching in which agents' preferences are both vertically and horizontally differentiated. We first show how the model can be used to derive the profit‐maximizing matching plans under customized pricing. We then investigate the implications for targeting and welfare of uniform pricing (be it explicitly mandated or induced by privacy regulation), preventing the platform from conditioning prices on agents' profiles. The model can be applied to study ad exchanges, online retailing, and media markets.

Navigating the Regulatory Labyrinth: Compliance Dilemmas and Lead User Innovation in the Fintech Sector

Abstract This research article deals with the lead user innovation difficulties in the Kenyan financial technology sector, specifying the regulatory compliance challenges. The flourishing of fintech firms in diverse aspects and sectors have faced numerous dilemmas, particularly in intellectual property, privacy and consumer safety regulations which may lead to lack of adherence. The consequences of non-compliance can be severe, including legal penalties and reputational damage. Despite the importance of innovation in fintech companies, the dilemmas innovators face in navigating regulatory compliance is not yet fully investigated. This research adopts and employs a sequential mixed-method approach that allows complex connection of lead users and regulators in terms of compliance. Survey data from 321 lead users and in-depth interviews with 36 lead users and five regulators revealed a range of compliance challenges. Intellectual property laws scored the least adherence, with the plethora of regulations and overseeing bodies contributing to increased non-compliance. The outcomes highlight the pressing compliance issues faced by lead users and underscore the potential of regulatory bodies to bolster adherence. The outcomes indicate the need for a different approach to regulatory compliance by lead users. This paper underscores the necessity of cooperative engagement between innovators and regulators to effectively maneuver through the dynamic compliance landscape of the financial technology industry.