From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Status Report - A COGNITIVE PRIVACY FRAMEWORK TO A SMART CITY ARCHITECTURE BASED ON PEOPLE AS SENSORS
1. A COGNITIVE PRIVACY FRAMEWORK TO A
SMART CITY ARCHITECTURE BASED ON
PEOPLE AS SENSORS
Welington Manoel da Silva
Orientação: Prof. Dr. Vinícius Cardoso Garcia (UFPE)
Co-orientação: Prof. Dr. Alexandre Álvaro (UFSCar)
Universidade Federal de Pernambuco
Centro de Informática
Pós-Graduação em Ciência da Computação
2. What is happening out there…
• The value of our digital identity
• Unlocking the value of personal data: from collection to usage
• Personal Data Management, The User's Perspective
• Midata 2012, Review and Consultation
• Big Data for All: Privacy and User Control in the Age of Analytics
• Big Data - The End of Privacy or a New Beginning
• Personal Data, The Emergence of a New Asset Class
• How does the data protection reform strengthen citizen's rights
• Regulation of the European parliament and of the council
• Attitudes on data protection and electronic identity in the EU
• How will the EU's reform adapt data protection rules to the new
technological development
• Safeguarding privacy in a connected world
2Smart Cities and Internet of Things Research Group | Recife, 2013
3. What I found out
• Digital identity: set of individual preferences,
acquired attributes and inherent
characteristics.
• Personal data: any information related to an
identifiable individual; not necessarily a
person would be explicitly identified but one
or more aspects of the data could be used to
trace it back to a specific individual
3Smart Cities and Internet of Things Research Group | Recife, 2013
4. What I found out
• Traditional data protection approach (70s)
– Suitable to silos
– User consent to data use at the time of collection
– Data deleted after use
• Too specific
• Single use
4Smart Cities and Internet of Things Research Group | Recife, 2013
5. What I found out
• Common usage:
– Process automation
– User enablement
– Personalization
– Enhanced delivery
– Personal data-driven R&D
– Monetization
5Smart Cities and Internet of Things Research Group | Recife, 2013
6. What I found out
• Most people don’t feel safe out there
• Most consumers have little idea of what
happens to their data, but when they do they
prioritize benefit (value proposition);
awareness
• Users that have control on their data are more
willing to share
6Smart Cities and Internet of Things Research Group | Recife, 2013
7. What I found out
• User consent according to data sensitivity
(control vs convenience)
– Opt-out (less sensitive)
– Opt-in (more sensitive)
• Data types, sectors, collection methods and
uses
7Smart Cities and Internet of Things Research Group | Recife, 2013
8. What I found out
• User concern do not necessarily translate into
changed behavior
• Fair relationship between users and service
providers in smart contexts:
– Benefits exceeding cost (value proposition)
– Transparency on data use
– Control
• Transparency to understanding
8Smart Cities and Internet of Things Research Group | Recife, 2013
9. What I found out
• Evolve from passive consent to engaged
individual (smart people)
• Context makes it harder
– It is private, in what context?
– Shift the focus from collection to usage
• Constant feedback
• Personal issues x societal benefits
9Smart Cities and Internet of Things Research Group | Recife, 2013
10. What I found out
• What influences sharing?
– Data type
– Service provider
– Compensation
– Sector
– Use
– Collection method
– The right to be forgotten
– Free vs paid service
10Smart Cities and Internet of Things Research Group | Recife, 2013
11. What I found out
• (Mixing with Big Data we get…) Big concerns?
– Incremental effect (opposite to right to be
forgotten)
– Predictive Analysis (Target’s case)
– Lack of access and exclusion
– Organizations must exposes their DBs and/or
decision-making criterias?
11Smart Cities and Internet of Things Research Group | Recife, 2013
12. Open issues
• Data portability
• Exposure level
• Monetizing
12Smart Cities and Internet of Things Research Group | Recife, 2013
14. Requirements (SR)
14Smart Cities and Internet of Things Research Group | Recife, 2013
• Accountability
• Data degradation
• Virtual territory
• Data disguise
• Data sensitivity
• Secure communication
• Trust with no interaction
• User interaction
minimization
• Access control
• Anonymization
• Information
type/purpose
• Interaction history
• Multiple identity
• Interests match
• Adaptable controls
• Policy enforcement
• Data minimization
• User feedback/control
• Preferences specification
15. Now what?
• How to validate the proposal?
15Smart Cities and Internet of Things Research Group | Recife, 2013