SlideShare une entreprise Scribd logo

Privacy through Anonymisation in Large-scale Socio-technical Systems: The BISON Approach

Andrea Omicini
Andrea Omicini

Large-scale socio-technical systems (STS) inextricably inter-connect individual – e.g., the right to privacy –, social – e.g., the effectiveness of organisational processes –, and technology issues —e.g., the software engineering process. As a result, the design of the complex software infrastructure involves also non-technological aspects such as the legal ones—so that, e.g., law-abidingness can be ensured since the early stages of the software engineering process. By focussing on contact centres (CC) as relevant examples of knowledge-intensive STS, we elaborate on the articulate aspects of anonymisation: there, individual and organisational needs clash, so that only an accurate balancing between legal and technical aspects could possibly ensure the system efficiency while preserving the individual right to privacy. We discuss first the overall legal framework, then the general theme of anonymisation in CC. Finally we overview the technical process developed in the context of the BISON project. Project presentation @ DMI, Università di Catania, Italy, 25 July 2016

Sciences
1  sur  38
Télécharger pour lire hors ligne
Privacy through Anonymisation in Large-scale Socio-technical Systems The BISON Approach Claudia Cevenini Enrico Denti Andrea Omicini Italo Cerno {claudia.cevenini, enrico.denti, andrea.omicini, italo.cerno}@unibo.it Dipartimento di Informatica – Scienza e Ingegneria (DISI) Alma Mater Studiorum – Universit`a di Bologna DMI, Universit`a di Catania Catania, Italy, 25 July 2016 Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 1 / 38
Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 2 / 38
Scope & Goals Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 3 / 38
Scope & Goals Context & Motivation Scope and Purpose the research focusses on contact centres (CC) as relevant examples of knowledge-intensive sociotechnical systems (STS) we discuss the articulate aspects of anonymisation individual and organisational needs clash only an accurate balancing between legal and technical aspects could possibly ensure the system efficiency while preserving the individual right to privacy we discuss first the overall legal framework, then the general theme of anonymisation in CC we overview the technical process developed in the context of the BISON project Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 4 / 38
Scope & Goals Context & Motivation Contact Centres as STS Typical technology issues of CC as STS basic speech data mining technologies with multi-language capabilities business outcome mining from speech CC support systems integrating both speech and business outcome mining in user-friendly way Scaling up to big data processing clearly scales up also the privacy and data protection issues Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 5 / 38
Scope & Goals Context & Motivation Goal of the Research to assess how complex legal issues at both national and international level can be dealt with while building a complex software infrastructure for CC—both in the development and in the subsequent business phases to investigate how complex software infrastructures for CC may be developed and marketed in the full respect of the data protection legal framework to focus on anonymisation as a fundamental concept and tool to deal with the potential conflict between opposite rights and needs, especially in the research and development phase of a large-scale, knowledge intensive STS Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 6 / 38
Scope & Goals Context & Motivation Law and IT: A Focal Point Privacy vs. efficiency the need for a suitable compromise between law-abidingness and privacy and system / process efficiency is a relevant goal not just for the legal analysis but for the whole engineering process that leads to the construction of the CC infrastructure a potential conflict of interests should become composition of interests the requirement of legal compliance can be exploited as a success factor instead of a source of delays and overheads an issue going well beyond the CC case study Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 7 / 38
Legal Framework Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 8 / 38
Legal Framework Data Protection Directive (DPD) DPD the EU Data Protection Directive (Dir 1999/95/EC) [DPD95] sets key principles for the fair and lawful processing of personal data and the technical and organisational security measures designed to guarantee that all personal data are safe from destruction, loss, alteration, unauthorised disclosure, or access, during the entire data processing period data processing requires even more care when it involves large amounts of personal and/or sensitive data in particular, people should be able to manage the flow of their data across massive, third-party analytical systems, so as to have a transparent view of how information data will be used, or sold data transfer from and outside the EU and cloud services is also a particularly hot topic, since non-EU countries might provide an insufficient level of protection to personal data. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 9 / 38
Legal Framework Personal Data What is personal data? any information relating to a natural person, who can be identified, either directly or indirectly, by reference to one or more factors specific to his/her physical, physiological, mental, economic, cultural, or social identity if the link between an individual and personal data never occurred or is somehow broken and cannot be rebuilt in any way (such as with anonymised data), the DPD rules no longer apply Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 10 / 38
Legal Framework Roles in Personal Data Processing Data controller vs. data processor the data controller is in charge of personal data processing and takes any related decision e.g., selection of data to be processed, purposes and means of processing, technical and organisational security, . . . the data processor is a legally separate entity that processes personal data on behalf of a controller, in force of a written agreement and following specific instructions in other words, the controller processes data on its own behalf, while the processor always acts on behalf of a controller, from whom it derives its power and range of activity for instance, a company acts as a controller in processing its own customers data, whereas the CC entrusted with the same processing acts as a processor on behalf of the company Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 11 / 38
Legal Framework How to Process Personal Data According to the DPD Processing personal data Personal data must be processed fairly and lawfully collected for specified, explicit, and legitimate purposes and not further processed in a way incompatible with those purpose further processing of data for historical, statistical or scientific purposes may not be considered as incompatible, with appropriate safeguards adequate, relevant and not excessive in relation to the purposes accurate and, where necessary, kept up to date; inaccurate or incomplete data should be erased or rectified kept in a form which permits identification of data subjects for no longer than is necessary for the purposes. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 12 / 38
Legal Framework Accountability According to the accountability principle data controllers must implement adequate technical and organisational measures to promote and safeguard data protection in their processing activities controllers are responsible for the compliance of their processing operations with data protection law and should be able to demonstrate compliance with data protection provisions at any time. They should also ensure that such measures are effective in case of larger, more complex, or high-risk data processing, the effectiveness of the measures adopted should be verified regularly, through monitoring, internal and external audits, etc. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 13 / 38
Legal Framework Security Measures Technical and organisational security measures should be adopted to protect personal data during all the processing period against the risks related to the integrity and confidentiality of data The level of data security requested by the law is determined by different elements, such as the nature (sensitive/non-sensitive) of the collected data the concrete availability in the market of adequate security measures at the current state of the art their costwhich should not be “disproportionate” with respect to the necessity Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 14 / 38
Legal Framework Big Speech Data Issues I Speech A large-scale STS infrastructure involves speech recordings, i.e. it processes biometric data (tone, pitch, cadence, and frequency of a persons voice) to determine the identity of a person. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 15 / 38
Legal Framework Big Speech Data Issues II from a data protection perspective, biometrics is linked to physical, physiological, behavioural, or even psychological characteristics of an individual, some of which may be used to reveal sensitive data biometric data may also enable automated tracking, tracing, or profiling of persons: as such, their potential impact on privacy is high biometric data are by nature irrevocable → the processing of biometric data is not only subject to the informed consent of the data subject, but may also imply authorisations/notifications from/vs. Data Protection Authorities and is submitted to strict rules on security measures that must be adopted to protect data Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 16 / 38
Legal Framework Big Speech Data Issues III Big Data big data analytics can involve the repurposing of personal data if an organisation has collected personal data for one purpose and then decides to start analysing it for another one (or to make it available for others to do so), data subjects need to be informed and a new, specific consent is needed big data may in themselves contrast with the principle of data minimisation and relevancy the challenge for organisations is to focus on what they expect to learn or be able to do by processing big data before the beginning of processing operations, thus verifying that these serve the purpose(s) they are to be collected for, and, at the same time, that they are relevant and not excessive in relation to such aim(s) Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 17 / 38
Socio-Legal-Technical Analysis Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 18 / 38
Socio-Legal-Technical Analysis Relevant Principles I the current legal framework foresees a set of essential principles that should inspire the design and development of any law-abiding information system processing personal data while some of such principles directly derive from the DPD – namely, from the “Principles relating to data quality” –, others concern the security measures that should be adopted, particularly with reference to the “Security of processing” these principles are further strengthened and detailed in the “General Data Protection Regulation” (GDPR) [GDP16] Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 19 / 38
Socio-Legal-Technical Analysis Relevant Principles II Categories for principles (a) principles about data processing (b) principles about security measures (c) other relevant principles Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 20 / 38
Socio-Legal-Technical Analysis Principles of Data Processing 1 principle of lawfulness and fairness 2 principle of relevance and non-excessive use 3 principle of purpose 4 principle of accuracy 5 principle of data retention Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 21 / 38
Socio-Legal-Technical Analysis Principles of Security Measures 1 principle of privacy by design 2 principle of appropriateness of the security measures 3 principle of privacy by default Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 22 / 38
Socio-Legal-Technical Analysis Other Relevant Principles 1 principle of least privilege 2 principle of intentionality in performing any critical action Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 23 / 38
Socio-Legal-Technical Analysis Technological Requirements for Anonymisation Resulting requirements personal data may be processed only to the extent they are needed to achieve specific purposes: whenever identifying data are not necessary, only anonymous data should be used the DPD does not apply to data rendered anonymous such that the data subject is no longer identifiable: it does not set any prescriptive standard, nor does it describe the de-identification processjust its outcome, which is a reasonably-impossible re-identification Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 24 / 38
Anonymisation Process Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 25 / 38
Anonymisation Process How Should Data be Anonymised? the DPD does not apply to data made anonymous in such a way that the data subject is no longer identifiable however, it is difficult to create a truly anonymous dataset, and at the same time to retain all the data required for a specific (organisational) task on the other hand, irreversibly-preventing identification requires data controllers to consider all the means which may likely reasonably be used for identification, either by the controller or by a third party Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 26 / 38
Anonymisation Process Article 29 Working Party the Article 29 Working Party – Opinion on Anonymisation Techniques (Art. 29 WP henceforth) [Dir14] is an important reference for compliance in anonymisation issues the criteria on which Art. 29 WP grounds its opinion on robustness focus on the possibility of singling out an individual linking records relating to an individual inferring information concerning an individual. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 27 / 38
Anonymisation Process in BISON Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 28 / 38
Anonymisation Process in BISON Anonymisation in BISON Fundamental distinction research phase — when software and technologies are being developed and tested, but are not yet in actual production business phase — the subsequent, foreseeable, when they actually deal with real customers data anonymisation is seen as the fundamental tool to set the industrial research phase free from the complex requirements imposed by the Data Protection rules, given that the DPD does not apply to anonymised data at the same time, in the business phase that will follow the research project, the tool will have to deal with real user data, in compliance with applicable laws Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 29 / 38
Anonymisation Process in BISON The BISON Anonymisation Process: General Overview Figure: Anonymisation during the Start-up stage and Research stage in BISON Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 30 / 38
Anonymisation Process in BISON The BISON Anonymisation Process: Stages in the first stage of the BISON research, anonymisation is performed mostly with manual procedures, because of the limited data size and of the initial lack of automatic tools in the second stage, huge amounts of speech data need to be processed: automatic transcription – for all the supported languages – has to be put in place automatic anonymisation is performed on the original audio file and may not be 100% effective any effort should be made to reduce these errors to the minimum: the automatic anonymiser should be designed, trained, and tested according to the best available practices the subsequent feature extraction helps to deal with this issue, because the extracted statistics make it (mostly) impossible to reconstruct the original audio file. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 31 / 38
Anonymisation Process in BISON Technological Requirements the BISON tool should adhere to strict security requirements: users roles, rights, and restrictions should be tuneable on a fine-grain basis, and be further detailed case-by-case based both on the actual needs and the applicable national legal framework. on-the-fly anonymisation should be available to deal with the case that some unexpected personal data are heard by the CC agent in the final state of the system (ready-to-market), users will need to be enabled to anonymise personal data whenever not needed for the specific purposes of the processingand they should be able to do so in a highly customisable way the key challenge from this viewpoint is also to make anonymisation future-proof both with respect to a continuously-evolving legal scenario, as well as to the technology improvement, evolving even faster Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 32 / 38
Conclusion & Further Work Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 33 / 38
Conclusion & Further Work Conclusions I the practices of contemporary software engineering have to be extended to include non-computational issues such as normative, organisational, and societal aspects this holds in particular for large-scale STS: for instance, the law-abidingness of complex software systems including both human and software agents is quite an intricate issue, to be faced in the requirement stage of any reliable software engineering process in this work we have specifically addressed the anonymisation of speech data in CC, discussing the need for an accurate balancing between legal and technical aspects in order to ensure the system efficiency while preserving the individual right to privacy, and showing how the legal framework can actually translate into requirements for the software engineering process Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 34 / 38
Conclusion & Further Work Conclusions II by discussing the BISON approach, we show how the anonymisation process can be structured during the industrial research phase to enable the resulting system to deal with the amount of data actually required in the business operation phase Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 35 / 38
References References I Article 29 Data Protection Working Party – Opinion 05/2014 on anonymisation techniques. http://ec.europa.eu/justice/data-protection/article-29/, 18 April 2014. 0829/14/EN WP216. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities, 38(L 281):31–50, 23 November 1995. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (text with EEA relevance). Official Journal of the European Communities, 59(L 119):1–88, 4 May 2016. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 36 / 38
Extras URLs Slides on APICe → http://apice.unibo.it/xwiki/bin/view/Talks/BisonCatania2016 on SlideShare → http://www.slideshare.net/andreaomicini/ privacy-through-anonymisation Related paper on APICe → http://apice.unibo.it/xwiki/bin/view/Publications/BisonInsci2016 on Springer → ? Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 37 / 38
Privacy through Anonymisation in Large-scale Socio-technical Systems The BISON Approach Claudia Cevenini Enrico Denti Andrea Omicini Italo Cerno {claudia.cevenini, enrico.denti, andrea.omicini, italo.cerno}@unibo.it Dipartimento di Informatica – Scienza e Ingegneria (DISI) Alma Mater Studiorum – Universit`a di Bologna DMI, Universit`a di Catania Catania, Italy, 25 July 2016 Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 38 / 38

Recommandé

"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...Cédric Laurant
 
Information governance a_necessity_in_to
Information governance a_necessity_in_toInformation governance a_necessity_in_to
Information governance a_necessity_in_toAnne ndolo
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technologyEzraGray1
 
Research on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsResearch on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsYogeshIJTSRD
 
KLL4328
KLL4328 KLL4328
KLL4328 KLIBEL
 
Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...
Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...
Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...YogeshIJTSRD
 
LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)Wolfgang Greller
 
Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...
Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...
Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...YogeshIJTSRD
 

Recommandé

"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...Cédric Laurant
 
Information governance a_necessity_in_to
Information governance a_necessity_in_toInformation governance a_necessity_in_to
Information governance a_necessity_in_toAnne ndolo
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technologyEzraGray1
 
Research on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsResearch on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsYogeshIJTSRD
 
KLL4328
KLL4328 KLL4328
KLL4328 KLIBEL
 
Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...
Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...
Research on Electronic Commerce Platform Consumer Data Rights and Legal Prote...YogeshIJTSRD
 
LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)Wolfgang Greller
 
Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...
Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...
Research on Legal Protection of Personal Data Privacy of E Commerce Platform ...YogeshIJTSRD
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
 
E Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal ProtectionE Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal Protectionijtsrd
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Ashish vishal
 
Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationcaniceconsulting
 
Technology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationTechnology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationat MicroFocus Italy ❖✔
 
Artificial Intelligence and Machine Learning
Artificial Intelligence and Machine LearningArtificial Intelligence and Machine Learning
Artificial Intelligence and Machine LearningPolsinelli PC
 
Protecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraProtecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraRapid7
 
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...Konstantinos Demertzis
 
IT Security in Higher Education
IT Security in Higher EducationIT Security in Higher Education
IT Security in Higher EducationRapid7
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceRapid7
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesGiannisBasa
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill Komal Gadia
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
How to Protect Your Data
How to Protect Your DataHow to Protect Your Data
How to Protect Your DataNeopost Mailing Solutions, Digital Communications and Shipping Services
 
Data privacy Legislation in India
Data privacy Legislation in IndiaData privacy Legislation in India
Data privacy Legislation in IndiaLATHA H C
 
Data protection for Lend.io - legal analysis by Bird and Bird
Data protection for Lend.io - legal analysis by Bird and BirdData protection for Lend.io - legal analysis by Bird and Bird
Data protection for Lend.io - legal analysis by Bird and BirdCoadec
 
Governing the Chaos
Governing the ChaosGoverning the Chaos
Governing the ChaosJohn Hansen
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011Vladimir Matviychuk
 
ABMS in m-Health Self-Management
ABMS in m-Health Self-ManagementABMS in m-Health Self-Management
ABMS in m-Health Self-ManagementAndrea Omicini
 
Game Engines to Model MAS: A Research Roadmap
Game Engines to Model MAS: A Research RoadmapGame Engines to Model MAS: A Research Roadmap
Game Engines to Model MAS: A Research RoadmapAndrea Omicini
 

Contenu connexe

Tendances

Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
 
E Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal ProtectionE Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal Protectionijtsrd
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Ashish vishal
 
Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationcaniceconsulting
 
Technology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationTechnology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationat MicroFocus Italy ❖✔
 
Artificial Intelligence and Machine Learning
Artificial Intelligence and Machine LearningArtificial Intelligence and Machine Learning
Artificial Intelligence and Machine LearningPolsinelli PC
 
Protecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraProtecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraRapid7
 
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...Konstantinos Demertzis
 
IT Security in Higher Education
IT Security in Higher EducationIT Security in Higher Education
IT Security in Higher EducationRapid7
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceRapid7
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesGiannisBasa
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill Komal Gadia
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
Data privacy Legislation in India
Data privacy Legislation in IndiaData privacy Legislation in India
Data privacy Legislation in IndiaLATHA H C
 
Data protection for Lend.io - legal analysis by Bird and Bird
Data protection for Lend.io - legal analysis by Bird and BirdData protection for Lend.io - legal analysis by Bird and Bird
Data protection for Lend.io - legal analysis by Bird and BirdCoadec
 
Governing the Chaos
Governing the ChaosGoverning the Chaos
Governing the ChaosJohn Hansen
 

Tendances (20)

Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
E Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal ProtectionE Commerce Platform Data Ownership and Legal Protection
E Commerce Platform Data Ownership and Legal Protection
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)
 
Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislation
 
Technology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationTechnology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformation
 
Artificial Intelligence and Machine Learning
Artificial Intelligence and Machine LearningArtificial Intelligence and Machine Learning
Artificial Intelligence and Machine Learning
 
Protecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraProtecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH Era
 
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
 
IT Security in Higher Education
IT Security in Higher EducationIT Security in Higher Education
IT Security in Higher Education
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization Issues
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government Sector
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data Privacy
 
How to Protect Your Data
How to Protect Your DataHow to Protect Your Data
How to Protect Your Data
 
Data privacy Legislation in India
Data privacy Legislation in IndiaData privacy Legislation in India
Data privacy Legislation in India
 
Data protection for Lend.io - legal analysis by Bird and Bird
Data protection for Lend.io - legal analysis by Bird and BirdData protection for Lend.io - legal analysis by Bird and Bird
Data protection for Lend.io - legal analysis by Bird and Bird
 
Governing the Chaos
Governing the ChaosGoverning the Chaos
Governing the Chaos
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011
 

En vedette

ABMS in m-Health Self-Management
ABMS in m-Health Self-ManagementABMS in m-Health Self-Management
ABMS in m-Health Self-ManagementAndrea Omicini
 
Game Engines to Model MAS: A Research Roadmap
Game Engines to Model MAS: A Research RoadmapGame Engines to Model MAS: A Research Roadmap
Game Engines to Model MAS: A Research RoadmapAndrea Omicini
 
Smart Augmented Fields for Emergency Operations
Smart Augmented Fields for Emergency OperationsSmart Augmented Fields for Emergency Operations
Smart Augmented Fields for Emergency OperationsUniversity of Bologna
 
Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...
Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...
Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...Andrea Omicini
 
The TuCSoN Coordination Model & Technology. A Guide
The TuCSoN Coordination Model & Technology. A GuideThe TuCSoN Coordination Model & Technology. A Guide
The TuCSoN Coordination Model & Technology. A GuideAndrea Omicini
 
Cartesian Perspectives - What does the future hold for the MVNO market?
Cartesian Perspectives - What does the future hold for the MVNO market? Cartesian Perspectives - What does the future hold for the MVNO market?
Cartesian Perspectives - What does the future hold for the MVNO market? Cartesian
 
Big-Data in Health Care: Patient data analyses has great potential and risks
Big-Data in Health Care: Patient data analyses has great potential and risksBig-Data in Health Care: Patient data analyses has great potential and risks
Big-Data in Health Care: Patient data analyses has great potential and risksDr. Jonathan Mall
 
IoT = device + cloud. how to architect an iot solution slideshare
IoT = device + cloud. how to architect an iot solution slideshareIoT = device + cloud. how to architect an iot solution slideshare
IoT = device + cloud. how to architect an iot solution slideshareGuy Vinograd ☁
 
Report out: IoT-based Healthcare Services
Report out: IoT-based Healthcare Services Report out: IoT-based Healthcare Services
Report out: IoT-based Healthcare Services US-Ignite
 
Medical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsMedical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsEurotech
 
25 Most Interesting Medical MEMS and Sensors Projects
25 Most Interesting Medical MEMS and Sensors Projects25 Most Interesting Medical MEMS and Sensors Projects
25 Most Interesting Medical MEMS and Sensors ProjectsMEMS Journal, Inc.
 
[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?InterQuest Group
 

En vedette (16)

ABMS in m-Health Self-Management
ABMS in m-Health Self-ManagementABMS in m-Health Self-Management
ABMS in m-Health Self-Management
 
Game Engines to Model MAS: A Research Roadmap
Game Engines to Model MAS: A Research RoadmapGame Engines to Model MAS: A Research Roadmap
Game Engines to Model MAS: A Research Roadmap
 
Smart Augmented Fields for Emergency Operations
Smart Augmented Fields for Emergency OperationsSmart Augmented Fields for Emergency Operations
Smart Augmented Fields for Emergency Operations
 
Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...
Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...
Self-organisation of Knowledge in Socio-technical Systems: A Coordination Per...
 
The TuCSoN Coordination Model & Technology. A Guide
The TuCSoN Coordination Model & Technology. A GuideThe TuCSoN Coordination Model & Technology. A Guide
The TuCSoN Coordination Model & Technology. A Guide
 
MedM_Overview
MedM_OverviewMedM_Overview
MedM_Overview
 
Cartesian Perspectives - What does the future hold for the MVNO market?
Cartesian Perspectives - What does the future hold for the MVNO market? Cartesian Perspectives - What does the future hold for the MVNO market?
Cartesian Perspectives - What does the future hold for the MVNO market?
 
Big-Data in Health Care: Patient data analyses has great potential and risks
Big-Data in Health Care: Patient data analyses has great potential and risksBig-Data in Health Care: Patient data analyses has great potential and risks
Big-Data in Health Care: Patient data analyses has great potential and risks
 
IoT = device + cloud. how to architect an iot solution slideshare
IoT = device + cloud. how to architect an iot solution slideshareIoT = device + cloud. how to architect an iot solution slideshare
IoT = device + cloud. how to architect an iot solution slideshare
 
Report out: IoT-based Healthcare Services
Report out: IoT-based Healthcare Services Report out: IoT-based Healthcare Services
Report out: IoT-based Healthcare Services
 
Smart sensor technology in healthcare & protection
Smart sensor technology in healthcare & protectionSmart sensor technology in healthcare & protection
Smart sensor technology in healthcare & protection
 
Medical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsMedical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M Solutions
 
IoT in Healthcare
IoT in HealthcareIoT in Healthcare
IoT in Healthcare
 
25 Most Interesting Medical MEMS and Sensors Projects
25 Most Interesting Medical MEMS and Sensors Projects25 Most Interesting Medical MEMS and Sensors Projects
25 Most Interesting Medical MEMS and Sensors Projects
 
IoT + MVNO + Health = Profit
IoT + MVNO + Health = ProfitIoT + MVNO + Health = Profit
IoT + MVNO + Health = Profit
 
[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?
 

Similaire à Privacy through Anonymisation in Large-scale Socio-technical Systems: The BISON Approach

Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...
Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...
Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...Enrico Denti
 
Jan 2017 Submission to AG Re: Metadata use in civil proceedings
Jan 2017 Submission to AG Re: Metadata use in civil proceedingsJan 2017 Submission to AG Re: Metadata use in civil proceedings
Jan 2017 Submission to AG Re: Metadata use in civil proceedingsTimothy Holborn
 
Governance compliance
Governance complianceGovernance compliance
Governance complianceAndy Petrella
 
An ethical approach to data privacy protection
An ethical approach to data privacy protectionAn ethical approach to data privacy protection
An ethical approach to data privacy protectionNicha Tatsaneeyapan
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard
 
Meeting the challenges of big data
Meeting the challenges of big dataMeeting the challenges of big data
Meeting the challenges of big dataAntoine Vigneron
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...Symantec
 
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...Ted Myerson
 
Access to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaAccess to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaOECD Governance
 
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTION
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTIONETHICAL ISSUES WITH CUSTOMER DATA COLLECTION
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTIONPranav Godse
 
Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...
Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...
Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...Ted Myerson
 
Data Privacy and Protection in the Digital Age - pdf.pdf
Data Privacy and Protection in the Digital Age - pdf.pdfData Privacy and Protection in the Digital Age - pdf.pdf
Data Privacy and Protection in the Digital Age - pdf.pdfKarpagam Institute
 
Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15Ted Myerson
 
TIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__revTIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__revjackpopo
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSInteraktiv
 
Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...Ravinder (Ravi) Singh
 
Privacy protecting fitness trackers
Privacy protecting fitness trackersPrivacy protecting fitness trackers
Privacy protecting fitness trackersiwhhu
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obamaLilian Edwards
 

Similaire à Privacy through Anonymisation in Large-scale Socio-technical Systems: The BISON Approach (20)

Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...
Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...
Privacy through Anonymisation in Large-scale Socio-technical Systems: Multi-l...
 
Jan 2017 Submission to AG Re: Metadata use in civil proceedings
Jan 2017 Submission to AG Re: Metadata use in civil proceedingsJan 2017 Submission to AG Re: Metadata use in civil proceedings
Jan 2017 Submission to AG Re: Metadata use in civil proceedings
 
Governance compliance
Governance complianceGovernance compliance
Governance compliance
 
An ethical approach to data privacy protection
An ethical approach to data privacy protectionAn ethical approach to data privacy protection
An ethical approach to data privacy protection
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
 
Meeting the challenges of big data
Meeting the challenges of big dataMeeting the challenges of big data
Meeting the challenges of big data
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
 
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
 
Access to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaAccess to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela Piana
 
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTION
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTIONETHICAL ISSUES WITH CUSTOMER DATA COLLECTION
ETHICAL ISSUES WITH CUSTOMER DATA COLLECTION
 
Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...
Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...
Anonos NTIA Comment Letter letter on ''Big Data'' Developments and How They I...
 
Data Privacy and Protection in the Digital Age - pdf.pdf
Data Privacy and Protection in the Digital Age - pdf.pdfData Privacy and Protection in the Digital Age - pdf.pdf
Data Privacy and Protection in the Digital Age - pdf.pdf
 
Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15Anonos PR Newswire Press Release 07-09-15
Anonos PR Newswire Press Release 07-09-15
 
Big Data technology
Big Data technologyBig Data technology
Big Data technology
 
TIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__revTIK_4. pengelolaan informasi_20161__rev
TIK_4. pengelolaan informasi_20161__rev
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM Tyszka
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMS
 
Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...Social, political and technological considerations for national identity mana...
Social, political and technological considerations for national identity mana...
 
Privacy protecting fitness trackers
Privacy protecting fitness trackersPrivacy protecting fitness trackers
Privacy protecting fitness trackers
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
 

Plus de Andrea Omicini

Measuring Trustworthiness in Neuro-Symbolic Integration
Measuring Trustworthiness in Neuro-Symbolic IntegrationMeasuring Trustworthiness in Neuro-Symbolic Integration
Measuring Trustworthiness in Neuro-Symbolic IntegrationAndrea Omicini
 
Explainable Pervasive Intelligence with Self-explaining Agents
Explainable Pervasive Intelligence with Self-explaining AgentsExplainable Pervasive Intelligence with Self-explaining Agents
Explainable Pervasive Intelligence with Self-explaining AgentsAndrea Omicini
 
On the Integration of Symbolic and Sub-symbolic – Explaining by Design
On the Integration of Symbolic and Sub-symbolic – Explaining by DesignOn the Integration of Symbolic and Sub-symbolic – Explaining by Design
On the Integration of Symbolic and Sub-symbolic – Explaining by DesignAndrea Omicini
 
Not just for humans: Explanation for agent-to-agent communication
Not just for humans: Explanation for agent-to-agent communicationNot just for humans: Explanation for agent-to-agent communication
Not just for humans: Explanation for agent-to-agent communicationAndrea Omicini
 
Blockchain for Intelligent Systems: Research Perspectives
Blockchain for Intelligent Systems: Research PerspectivesBlockchain for Intelligent Systems: Research Perspectives
Blockchain for Intelligent Systems: Research PerspectivesAndrea Omicini
 
Injecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MAS
Injecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MASInjecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MAS
Injecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MASAndrea Omicini
 
Conversational Informatics: From Conversational Systems to Communication Inte...
Conversational Informatics: From Conversational Systems to Communication Inte...Conversational Informatics: From Conversational Systems to Communication Inte...
Conversational Informatics: From Conversational Systems to Communication Inte...Andrea Omicini
 
Complexity in computational systems: the coordination perspective
Complexity in computational systems: the coordination perspectiveComplexity in computational systems: the coordination perspective
Complexity in computational systems: the coordination perspectiveAndrea Omicini
 
Nature-inspired Coordination: Current Status and Research Trends
Nature-inspired Coordination: Current Status and Research TrendsNature-inspired Coordination: Current Status and Research Trends
Nature-inspired Coordination: Current Status and Research TrendsAndrea Omicini
 
Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...
Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...
Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...Andrea Omicini
 
Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...
Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...
Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...Andrea Omicini
 
Logic Programming as a Service (LPaaS): Intelligence for the IoT
Logic Programming as a Service (LPaaS): Intelligence for the IoTLogic Programming as a Service (LPaaS): Intelligence for the IoT
Logic Programming as a Service (LPaaS): Intelligence for the IoTAndrea Omicini
 
Multi-paradigm Coordination for MAS
Multi-paradigm Coordination for MASMulti-paradigm Coordination for MAS
Multi-paradigm Coordination for MASAndrea Omicini
 
Towards Logic Programming as a Service: Experiments in tuProlog
Towards Logic Programming as a Service: Experiments in tuPrologTowards Logic Programming as a Service: Experiments in tuProlog
Towards Logic Programming as a Service: Experiments in tuPrologAndrea Omicini
 
Spatial Multi-Agent Systems
Spatial Multi-Agent SystemsSpatial Multi-Agent Systems
Spatial Multi-Agent SystemsAndrea Omicini
 
Foundations of Multi-Agent Systems
Foundations of Multi-Agent SystemsFoundations of Multi-Agent Systems
Foundations of Multi-Agent SystemsAndrea Omicini
 
Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...
Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...
Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...Andrea Omicini
 
Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...
Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...
Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...Andrea Omicini
 
Blending Event-Based and Multi-Agent Systems around Coordination Abstractions
Blending Event-Based and Multi-Agent Systems around Coordination AbstractionsBlending Event-Based and Multi-Agent Systems around Coordination Abstractions
Blending Event-Based and Multi-Agent Systems around Coordination AbstractionsAndrea Omicini
 
Event-Based vs. Multi-Agent Systems: Towards a Unified Conceptual Framework
Event-Based vs. Multi-Agent Systems: Towards a Unified Conceptual FrameworkEvent-Based vs. Multi-Agent Systems: Towards a Unified Conceptual Framework
Event-Based vs. Multi-Agent Systems: Towards a Unified Conceptual FrameworkAndrea Omicini
 

Plus de Andrea Omicini (20)

Measuring Trustworthiness in Neuro-Symbolic Integration
Measuring Trustworthiness in Neuro-Symbolic IntegrationMeasuring Trustworthiness in Neuro-Symbolic Integration
Measuring Trustworthiness in Neuro-Symbolic Integration
 
Explainable Pervasive Intelligence with Self-explaining Agents
Explainable Pervasive Intelligence with Self-explaining AgentsExplainable Pervasive Intelligence with Self-explaining Agents
Explainable Pervasive Intelligence with Self-explaining Agents
 
On the Integration of Symbolic and Sub-symbolic – Explaining by Design
On the Integration of Symbolic and Sub-symbolic – Explaining by DesignOn the Integration of Symbolic and Sub-symbolic – Explaining by Design
On the Integration of Symbolic and Sub-symbolic – Explaining by Design
 
Not just for humans: Explanation for agent-to-agent communication
Not just for humans: Explanation for agent-to-agent communicationNot just for humans: Explanation for agent-to-agent communication
Not just for humans: Explanation for agent-to-agent communication
 
Blockchain for Intelligent Systems: Research Perspectives
Blockchain for Intelligent Systems: Research PerspectivesBlockchain for Intelligent Systems: Research Perspectives
Blockchain for Intelligent Systems: Research Perspectives
 
Injecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MAS
Injecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MASInjecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MAS
Injecting (Micro)Intelligence in the IoT: Logic-based Approaches for (M)MAS
 
Conversational Informatics: From Conversational Systems to Communication Inte...
Conversational Informatics: From Conversational Systems to Communication Inte...Conversational Informatics: From Conversational Systems to Communication Inte...
Conversational Informatics: From Conversational Systems to Communication Inte...
 
Complexity in computational systems: the coordination perspective
Complexity in computational systems: the coordination perspectiveComplexity in computational systems: the coordination perspective
Complexity in computational systems: the coordination perspective
 
Nature-inspired Coordination: Current Status and Research Trends
Nature-inspired Coordination: Current Status and Research TrendsNature-inspired Coordination: Current Status and Research Trends
Nature-inspired Coordination: Current Status and Research Trends
 
Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...
Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...
Novel Opportunities for Tuple-based Coordination: XPath, the Blockchain, and ...
 
Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...
Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...
Micro-intelligence for the IoT: Teaching the Old Logic Dog New Programming Tr...
 
Logic Programming as a Service (LPaaS): Intelligence for the IoT
Logic Programming as a Service (LPaaS): Intelligence for the IoTLogic Programming as a Service (LPaaS): Intelligence for the IoT
Logic Programming as a Service (LPaaS): Intelligence for the IoT
 
Multi-paradigm Coordination for MAS
Multi-paradigm Coordination for MASMulti-paradigm Coordination for MAS
Multi-paradigm Coordination for MAS
 
Towards Logic Programming as a Service: Experiments in tuProlog
Towards Logic Programming as a Service: Experiments in tuPrologTowards Logic Programming as a Service: Experiments in tuProlog
Towards Logic Programming as a Service: Experiments in tuProlog
 
Spatial Multi-Agent Systems
Spatial Multi-Agent SystemsSpatial Multi-Agent Systems
Spatial Multi-Agent Systems
 
Foundations of Multi-Agent Systems
Foundations of Multi-Agent SystemsFoundations of Multi-Agent Systems
Foundations of Multi-Agent Systems
 
Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...
Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...
Academic Publishing in the Digital Era: A Couple of Issues (Open Access—Well,...
 
Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...
Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...
Anticipatory Coordination in Socio-technical Knowledge-intensive Environments...
 
Blending Event-Based and Multi-Agent Systems around Coordination Abstractions
Blending Event-Based and Multi-Agent Systems around Coordination AbstractionsBlending Event-Based and Multi-Agent Systems around Coordination Abstractions
Blending Event-Based and Multi-Agent Systems around Coordination Abstractions
 
Event-Based vs. Multi-Agent Systems: Towards a Unified Conceptual Framework
Event-Based vs. Multi-Agent Systems: Towards a Unified Conceptual FrameworkEvent-Based vs. Multi-Agent Systems: Towards a Unified Conceptual Framework
Event-Based vs. Multi-Agent Systems: Towards a Unified Conceptual Framework
 

Dernier

Biological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdfBiological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdfmuntazimhurra
 
Artificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PArtificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PPRINCE C P
 
Broad bean, Lima Bean, Jack bean, Ullucus.pptx
Broad bean, Lima Bean, Jack bean, Ullucus.pptxBroad bean, Lima Bean, Jack bean, Ullucus.pptx
Broad bean, Lima Bean, Jack bean, Ullucus.pptxjana861314
 
Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |
Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |
Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |aasikanpl
 
Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )aarthirajkumar25
 
Botany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfBotany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfSumit Kumar yadav
 
Presentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxPresentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxgindu3009
 
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡anilsa9823
 
Botany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfBotany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfSumit Kumar yadav
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPirithiRaju
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)PraveenaKalaiselvan1
 
Cultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptxCultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptxpradhanghanshyam7136
 
GFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxGFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxAleenaTreesaSaji
 
Chemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfChemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfSumit Kumar yadav
 
Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Patrick Diehl
 
Orientation, design and principles of polyhouse
Orientation, design and principles of polyhouseOrientation, design and principles of polyhouse
Orientation, design and principles of polyhousejana861314
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...RohitNehra6
 
Botany krishna series 2nd semester Only Mcq type questions
Botany krishna series 2nd semester Only Mcq type questionsBotany krishna series 2nd semester Only Mcq type questions
Botany krishna series 2nd semester Only Mcq type questionsSumit Kumar yadav
 
Formation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksFormation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksSérgio Sacani
 

Dernier (20)

Biological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdfBiological Classification BioHack (3).pdf
Biological Classification BioHack (3).pdf
 
Artificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PArtificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C P
 
Broad bean, Lima Bean, Jack bean, Ullucus.pptx
Broad bean, Lima Bean, Jack bean, Ullucus.pptxBroad bean, Lima Bean, Jack bean, Ullucus.pptx
Broad bean, Lima Bean, Jack bean, Ullucus.pptx
 
Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |
Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |
Call Us ≽ 9953322196 ≼ Call Girls In Mukherjee Nagar(Delhi) |
 
Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )
 
Botany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfBotany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdf
 
CELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdfCELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdf
 
Presentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxPresentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptx
 
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
 
Botany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdfBotany 4th semester series (krishna).pdf
Botany 4th semester series (krishna).pdf
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)
 
Cultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptxCultivation of KODO MILLET . made by Ghanshyam pptx
Cultivation of KODO MILLET . made by Ghanshyam pptx
 
GFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxGFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptx
 
Chemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdfChemistry 4th semester series (krishna).pdf
Chemistry 4th semester series (krishna).pdf
 
Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?
 
Orientation, design and principles of polyhouse
Orientation, design and principles of polyhouseOrientation, design and principles of polyhouse
Orientation, design and principles of polyhouse
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
 
Botany krishna series 2nd semester Only Mcq type questions
Botany krishna series 2nd semester Only Mcq type questionsBotany krishna series 2nd semester Only Mcq type questions
Botany krishna series 2nd semester Only Mcq type questions
 
Formation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksFormation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disks
 

Privacy through Anonymisation in Large-scale Socio-technical Systems: The BISON Approach

  • 1. Privacy through Anonymisation in Large-scale Socio-technical Systems The BISON Approach Claudia Cevenini Enrico Denti Andrea Omicini Italo Cerno {claudia.cevenini, enrico.denti, andrea.omicini, italo.cerno}@unibo.it Dipartimento di Informatica – Scienza e Ingegneria (DISI) Alma Mater Studiorum – Universit`a di Bologna DMI, Universit`a di Catania Catania, Italy, 25 July 2016 Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 1 / 38
  • 2. Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 2 / 38
  • 3. Scope & Goals Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 3 / 38
  • 4. Scope & Goals Context & Motivation Scope and Purpose the research focusses on contact centres (CC) as relevant examples of knowledge-intensive sociotechnical systems (STS) we discuss the articulate aspects of anonymisation individual and organisational needs clash only an accurate balancing between legal and technical aspects could possibly ensure the system efficiency while preserving the individual right to privacy we discuss first the overall legal framework, then the general theme of anonymisation in CC we overview the technical process developed in the context of the BISON project Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 4 / 38
  • 5. Scope & Goals Context & Motivation Contact Centres as STS Typical technology issues of CC as STS basic speech data mining technologies with multi-language capabilities business outcome mining from speech CC support systems integrating both speech and business outcome mining in user-friendly way Scaling up to big data processing clearly scales up also the privacy and data protection issues Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 5 / 38
  • 6. Scope & Goals Context & Motivation Goal of the Research to assess how complex legal issues at both national and international level can be dealt with while building a complex software infrastructure for CC—both in the development and in the subsequent business phases to investigate how complex software infrastructures for CC may be developed and marketed in the full respect of the data protection legal framework to focus on anonymisation as a fundamental concept and tool to deal with the potential conflict between opposite rights and needs, especially in the research and development phase of a large-scale, knowledge intensive STS Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 6 / 38
  • 7. Scope & Goals Context & Motivation Law and IT: A Focal Point Privacy vs. efficiency the need for a suitable compromise between law-abidingness and privacy and system / process efficiency is a relevant goal not just for the legal analysis but for the whole engineering process that leads to the construction of the CC infrastructure a potential conflict of interests should become composition of interests the requirement of legal compliance can be exploited as a success factor instead of a source of delays and overheads an issue going well beyond the CC case study Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 7 / 38
  • 8. Legal Framework Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 8 / 38
  • 9. Legal Framework Data Protection Directive (DPD) DPD the EU Data Protection Directive (Dir 1999/95/EC) [DPD95] sets key principles for the fair and lawful processing of personal data and the technical and organisational security measures designed to guarantee that all personal data are safe from destruction, loss, alteration, unauthorised disclosure, or access, during the entire data processing period data processing requires even more care when it involves large amounts of personal and/or sensitive data in particular, people should be able to manage the flow of their data across massive, third-party analytical systems, so as to have a transparent view of how information data will be used, or sold data transfer from and outside the EU and cloud services is also a particularly hot topic, since non-EU countries might provide an insufficient level of protection to personal data. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 9 / 38
  • 10. Legal Framework Personal Data What is personal data? any information relating to a natural person, who can be identified, either directly or indirectly, by reference to one or more factors specific to his/her physical, physiological, mental, economic, cultural, or social identity if the link between an individual and personal data never occurred or is somehow broken and cannot be rebuilt in any way (such as with anonymised data), the DPD rules no longer apply Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 10 / 38
  • 11. Legal Framework Roles in Personal Data Processing Data controller vs. data processor the data controller is in charge of personal data processing and takes any related decision e.g., selection of data to be processed, purposes and means of processing, technical and organisational security, . . . the data processor is a legally separate entity that processes personal data on behalf of a controller, in force of a written agreement and following specific instructions in other words, the controller processes data on its own behalf, while the processor always acts on behalf of a controller, from whom it derives its power and range of activity for instance, a company acts as a controller in processing its own customers data, whereas the CC entrusted with the same processing acts as a processor on behalf of the company Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 11 / 38
  • 12. Legal Framework How to Process Personal Data According to the DPD Processing personal data Personal data must be processed fairly and lawfully collected for specified, explicit, and legitimate purposes and not further processed in a way incompatible with those purpose further processing of data for historical, statistical or scientific purposes may not be considered as incompatible, with appropriate safeguards adequate, relevant and not excessive in relation to the purposes accurate and, where necessary, kept up to date; inaccurate or incomplete data should be erased or rectified kept in a form which permits identification of data subjects for no longer than is necessary for the purposes. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 12 / 38
  • 13. Legal Framework Accountability According to the accountability principle data controllers must implement adequate technical and organisational measures to promote and safeguard data protection in their processing activities controllers are responsible for the compliance of their processing operations with data protection law and should be able to demonstrate compliance with data protection provisions at any time. They should also ensure that such measures are effective in case of larger, more complex, or high-risk data processing, the effectiveness of the measures adopted should be verified regularly, through monitoring, internal and external audits, etc. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 13 / 38
  • 14. Legal Framework Security Measures Technical and organisational security measures should be adopted to protect personal data during all the processing period against the risks related to the integrity and confidentiality of data The level of data security requested by the law is determined by different elements, such as the nature (sensitive/non-sensitive) of the collected data the concrete availability in the market of adequate security measures at the current state of the art their costwhich should not be “disproportionate” with respect to the necessity Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 14 / 38
  • 15. Legal Framework Big Speech Data Issues I Speech A large-scale STS infrastructure involves speech recordings, i.e. it processes biometric data (tone, pitch, cadence, and frequency of a persons voice) to determine the identity of a person. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 15 / 38
  • 16. Legal Framework Big Speech Data Issues II from a data protection perspective, biometrics is linked to physical, physiological, behavioural, or even psychological characteristics of an individual, some of which may be used to reveal sensitive data biometric data may also enable automated tracking, tracing, or profiling of persons: as such, their potential impact on privacy is high biometric data are by nature irrevocable → the processing of biometric data is not only subject to the informed consent of the data subject, but may also imply authorisations/notifications from/vs. Data Protection Authorities and is submitted to strict rules on security measures that must be adopted to protect data Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 16 / 38
  • 17. Legal Framework Big Speech Data Issues III Big Data big data analytics can involve the repurposing of personal data if an organisation has collected personal data for one purpose and then decides to start analysing it for another one (or to make it available for others to do so), data subjects need to be informed and a new, specific consent is needed big data may in themselves contrast with the principle of data minimisation and relevancy the challenge for organisations is to focus on what they expect to learn or be able to do by processing big data before the beginning of processing operations, thus verifying that these serve the purpose(s) they are to be collected for, and, at the same time, that they are relevant and not excessive in relation to such aim(s) Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 17 / 38
  • 18. Socio-Legal-Technical Analysis Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 18 / 38
  • 19. Socio-Legal-Technical Analysis Relevant Principles I the current legal framework foresees a set of essential principles that should inspire the design and development of any law-abiding information system processing personal data while some of such principles directly derive from the DPD – namely, from the “Principles relating to data quality” –, others concern the security measures that should be adopted, particularly with reference to the “Security of processing” these principles are further strengthened and detailed in the “General Data Protection Regulation” (GDPR) [GDP16] Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 19 / 38
  • 20. Socio-Legal-Technical Analysis Relevant Principles II Categories for principles (a) principles about data processing (b) principles about security measures (c) other relevant principles Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 20 / 38
  • 21. Socio-Legal-Technical Analysis Principles of Data Processing 1 principle of lawfulness and fairness 2 principle of relevance and non-excessive use 3 principle of purpose 4 principle of accuracy 5 principle of data retention Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 21 / 38
  • 22. Socio-Legal-Technical Analysis Principles of Security Measures 1 principle of privacy by design 2 principle of appropriateness of the security measures 3 principle of privacy by default Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 22 / 38
  • 23. Socio-Legal-Technical Analysis Other Relevant Principles 1 principle of least privilege 2 principle of intentionality in performing any critical action Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 23 / 38
  • 24. Socio-Legal-Technical Analysis Technological Requirements for Anonymisation Resulting requirements personal data may be processed only to the extent they are needed to achieve specific purposes: whenever identifying data are not necessary, only anonymous data should be used the DPD does not apply to data rendered anonymous such that the data subject is no longer identifiable: it does not set any prescriptive standard, nor does it describe the de-identification processjust its outcome, which is a reasonably-impossible re-identification Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 24 / 38
  • 25. Anonymisation Process Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 25 / 38
  • 26. Anonymisation Process How Should Data be Anonymised? the DPD does not apply to data made anonymous in such a way that the data subject is no longer identifiable however, it is difficult to create a truly anonymous dataset, and at the same time to retain all the data required for a specific (organisational) task on the other hand, irreversibly-preventing identification requires data controllers to consider all the means which may likely reasonably be used for identification, either by the controller or by a third party Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 26 / 38
  • 27. Anonymisation Process Article 29 Working Party the Article 29 Working Party – Opinion on Anonymisation Techniques (Art. 29 WP henceforth) [Dir14] is an important reference for compliance in anonymisation issues the criteria on which Art. 29 WP grounds its opinion on robustness focus on the possibility of singling out an individual linking records relating to an individual inferring information concerning an individual. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 27 / 38
  • 28. Anonymisation Process in BISON Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 28 / 38
  • 29. Anonymisation Process in BISON Anonymisation in BISON Fundamental distinction research phase — when software and technologies are being developed and tested, but are not yet in actual production business phase — the subsequent, foreseeable, when they actually deal with real customers data anonymisation is seen as the fundamental tool to set the industrial research phase free from the complex requirements imposed by the Data Protection rules, given that the DPD does not apply to anonymised data at the same time, in the business phase that will follow the research project, the tool will have to deal with real user data, in compliance with applicable laws Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 29 / 38
  • 30. Anonymisation Process in BISON The BISON Anonymisation Process: General Overview Figure: Anonymisation during the Start-up stage and Research stage in BISON Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 30 / 38
  • 31. Anonymisation Process in BISON The BISON Anonymisation Process: Stages in the first stage of the BISON research, anonymisation is performed mostly with manual procedures, because of the limited data size and of the initial lack of automatic tools in the second stage, huge amounts of speech data need to be processed: automatic transcription – for all the supported languages – has to be put in place automatic anonymisation is performed on the original audio file and may not be 100% effective any effort should be made to reduce these errors to the minimum: the automatic anonymiser should be designed, trained, and tested according to the best available practices the subsequent feature extraction helps to deal with this issue, because the extracted statistics make it (mostly) impossible to reconstruct the original audio file. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 31 / 38
  • 32. Anonymisation Process in BISON Technological Requirements the BISON tool should adhere to strict security requirements: users roles, rights, and restrictions should be tuneable on a fine-grain basis, and be further detailed case-by-case based both on the actual needs and the applicable national legal framework. on-the-fly anonymisation should be available to deal with the case that some unexpected personal data are heard by the CC agent in the final state of the system (ready-to-market), users will need to be enabled to anonymise personal data whenever not needed for the specific purposes of the processingand they should be able to do so in a highly customisable way the key challenge from this viewpoint is also to make anonymisation future-proof both with respect to a continuously-evolving legal scenario, as well as to the technology improvement, evolving even faster Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 32 / 38
  • 33. Conclusion & Further Work Outline 1 Scope & Goals 2 Legal Framework 3 Socio-Legal-Technical Analysis 4 Anonymisation Process 5 Anonymisation Process in BISON 6 Conclusion & Further Work Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 33 / 38
  • 34. Conclusion & Further Work Conclusions I the practices of contemporary software engineering have to be extended to include non-computational issues such as normative, organisational, and societal aspects this holds in particular for large-scale STS: for instance, the law-abidingness of complex software systems including both human and software agents is quite an intricate issue, to be faced in the requirement stage of any reliable software engineering process in this work we have specifically addressed the anonymisation of speech data in CC, discussing the need for an accurate balancing between legal and technical aspects in order to ensure the system efficiency while preserving the individual right to privacy, and showing how the legal framework can actually translate into requirements for the software engineering process Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 34 / 38
  • 35. Conclusion & Further Work Conclusions II by discussing the BISON approach, we show how the anonymisation process can be structured during the industrial research phase to enable the resulting system to deal with the amount of data actually required in the business operation phase Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 35 / 38
  • 36. References References I Article 29 Data Protection Working Party – Opinion 05/2014 on anonymisation techniques. http://ec.europa.eu/justice/data-protection/article-29/, 18 April 2014. 0829/14/EN WP216. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities, 38(L 281):31–50, 23 November 1995. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (text with EEA relevance). Official Journal of the European Communities, 59(L 119):1–88, 4 May 2016. Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 36 / 38
  • 37. Extras URLs Slides on APICe → http://apice.unibo.it/xwiki/bin/view/Talks/BisonCatania2016 on SlideShare → http://www.slideshare.net/andreaomicini/ privacy-through-anonymisation Related paper on APICe → http://apice.unibo.it/xwiki/bin/view/Publications/BisonInsci2016 on Springer → ? Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 37 / 38
  • 38. Privacy through Anonymisation in Large-scale Socio-technical Systems The BISON Approach Claudia Cevenini Enrico Denti Andrea Omicini Italo Cerno {claudia.cevenini, enrico.denti, andrea.omicini, italo.cerno}@unibo.it Dipartimento di Informatica – Scienza e Ingegneria (DISI) Alma Mater Studiorum – Universit`a di Bologna DMI, Universit`a di Catania Catania, Italy, 25 July 2016 Cevenini, Denti, Omicini, Cerno (UniBo) Privacy through Anonymisation DMI, Catania, 29/07/2016 38 / 38