Privacy by Design in EUs GDPR Botjan Brumen University of Maribor - - PowerPoint PPT Presentation
Privacy by Design in EUs GDPR Botjan Brumen University of Maribor - - PowerPoint PPT Presentation
Privacy by Design in EUs GDPR Botjan Brumen University of Maribor Faculty of Electrical Engineering and Computer Science Slovenia Background Respect for privacy: Not a new phenomenon: the polis (gr. ): the public area of
EJC 2020 2
Background
Respect for privacy:
Not a new phenomenon:
the polis (gr. πολις): the public area of politics and political activity the oikos (gr. οίκος), the private one of the family „Whatever I see or hear in the lives of my patients, whether in connection with my professional practice or not, which ought not to be spoken of outside, I will keep secret, as considering all such things to be private. …“ Hippocratic Oath, circa AD 275
WEIRD world (Western, Educated, Industrialized, Rich, Democratic): a big issue
Samuel Warren, Loius Brandeis, „The right of Privacy“, Harv. Law R.1890
- Constitution provides for protection of privacy
William Proser: Privacy, Calif. Law R., 1960
EJC 2020 3
Background
Privacy:
FAST FORWARD: Cambridge Analytica, Facebook & U.S. presidential elections
2013: M. Zukerberg: „…The privacy controls were centered at Facebook’s core at all times…“ 2018: M. Zukerberg: „I’m sorry we didn’t do more at the time. We’re now taking steps to ensure this doesn’t happen again…“
Privacy by Design 7 principles:
EJC 2020 4
Objective and Methods
Research Question:
How the GDPR directive is addressing the privacy by using the Privacy by Design principles?
Method:
Using automated text similarities approach and the Universal Sentence Encoder
text paragraphs → high dimensional vectors
EJC 2020 5
Results
Heatmap of similarities
Most similar: Principle 2 (“Privacy as the Default”) followed by principles 6 (“Visibility and Transparency”), 1 (“Proactive not Reactive; Preventative not Remedial”) and 5 (“End-to- End Security – Lifecycle Protection”) Least similar: 7 (“Respect for User Privacy”), 3 (“Privacy Embedded into Design”) and 4 (“Full Functionality – Positive- Sum, not Zero-Sum”).
EJC 2020 6
Conclusions
Automated text similarities can discover interesting links between legal texts and underlying principles Weak spots can be uncovered in early phases of preparation of legal texts, both paragraph-wise and principle-wise Legal texts have little impact on implementation of privacy principles and issues remain
„A road to hell is paved with good intentions“ → to be discussed at next EJC 2021