the intersection of eu data protection law reform and
play

The intersection of EU Data Protection Law Reform and everyday - PowerPoint PPT Presentation

Nov 30, 2022 •239 likes •384 views

The intersection of EU Data Protection Law Reform and everyday ambient computing design: challenges and opportunities Lachlan Urquhart Co-Authors: Prof Tom Rodden and Dr Ewa Luger Mixed Reality Lab APSN 4th International Conference - July

  1. The intersection of EU Data Protection Law Reform and everyday ambient computing design: challenges and opportunities Lachlan Urquhart Co-Authors: Prof Tom Rodden and Dr Ewa Luger Mixed Reality Lab � APSN 4th International Conference - July 2014 Meiji University, Tokyo 1

  2. Outline Legal Challenges (or opportunities?) - Ubicomp – ‘out of the lab’ & ‘into the wild’ - Consent - Informed, Explicit - Data Protection by Design - Consent, preserving human agency & accountability as opportunities for designers to address - DP compliance as requirement of good HCI/system design e.g. alongside usability, intuitiveness

  3. Ubicomp ‘in the wild’ • Ubicomp? • “ Computers that weave themselves into the fabric of everyday life until they are indistinguishable from it ” (Weiser 1991) − Embedded in daily routine − Seamless interactions between computer & human post-PC HCI • “ Unremarkable ” & “ invisible in use ” (Tolmie et al 2002) • Ambient data collection of human data - for contextually aware services

  4. Examples: Public and Private Setting • Home automation: - IoT - wired toasters, fridges & speaking to each other - Energy: Smart meters; NEST Learning thermostat ; Smart Grid - Agent based home energy management - Public Lighting; smart billboards - Quantified Self -Smart scales / Fitbit Ubicomp 2.0 • – Greater agency – Embedded/wearable – ‘knowing’ by inference – linked up communication

  5. Designing for Consent in Europe 
 Current: Article 2 EU Data Protection Directive 1995 ‘freely given’, ‘specific’ and ‘informed’ indication to processing – ‘explicit’ if sensitive personal data. Future: Article 4(8) EU General Data Protection Reform – explicit, via a ‘statement’ or ‘clear affirmative action’ Issue: Collection across public and private contexts – digital and physical space – intimate spaces – bathroom, bedrooms etc - How frequently, duration of consent, when best to ask?

  6. Issues • Design - How to notify/ask? – Sale + service contract with T&Cs does not work – New models… Pop ups on screens? Tailored videos (to knowledge leveL)? Alert sounds? voice feedback? Gaze recognition? Explicit gestures like waves? ** NEST Protect UI problem - waving • Challenges: – Increased agency/ autonomy - consent to all unexpected actions? – Communication between devices - authorise for each device? – Maintaining invisibility/seamless system interactions + obtaining explicit consent = how?

  7. Purpose Limitation and Profiling • Article 6 DPD – ‘purpose limitation principle’ • Use not incompatible with original ‘specified, explicit and legitimate’ purposes of collection • A29 Working Party Opinion 3/2013 - Big data analytics/targeted advertising in mind. • If direct impact on individuals, need: • a) opt-in consent • b) data subject access to profiles being used to target them • c) access to the decision making criteria used in developing the profiles

  8. Issues • Increase transparency of system: • Allow users to interrogate functionality & become more informed - ‘black box’ not sustainable • Design for provenance of data in decision- making e.g. accountability via metadata – Useful for ‘subject access rights’ or future DP rights to deletion/portability • How can ubicomp systems support users to opt in to specific purposes and not others?

  9. Ubicomp in the real world • Sustainable growth? • Lack of public trust?

  10. Data Protection By Design • Cavoukian’s principles including: – privacy embedded into design – visibility & transparency – privacy as default • Article 23 GDPR – ‘state of the art’ – ‘cost of implementation’ – ‘appropriate technical and organisational measures • Who decides limits of these? Different stakeholders, different interests…

  11. Future Work (1) – Opportunities for a priori design solutions • Earlier in innovation process… unlike ex poste PIA’s • ‘Value sensitive design’ (Friedman 1996) and user centered design/HCI • Social values – cultural suitability, psychological well-being, environmental sustainability

  12. Future Work (2) Responsible Innovation Framework (EPSRC) • − Societal impact of technology, ethical implications • Exploring the interface of HCI & DP Law • Usability, intuitiveness, reliability of system… DP compliance? • Empirical studies with different stakeholders - u b i c o m p s y s t e m d e s i g n e r s / u s e r s e g envisioning cards

  13. Thanks for listening Feedback & Questions? � Contact: � Email: lachlan.urquhart@nottingham.ac.uk Twitter: @mooseabyte

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining Data Protection People 18 th April 2016 Agenda Introduction Current Rules (DPA 98 & PECR) Overview of GDPR Business-wide impact Practical

479 views • 28 slides
what the future holds Zach Thornton, External Affairs Manager, DMA EU Data Protection reform

what the future holds Zach Thornton, External Affairs Manager, DMA EU Data Protection reform

@DMA_UK #dma General Data Protection Regulation what the future holds Zach Thornton, External Affairs Manager, DMA EU Data Protection reform where are we? Dec 2015 Political agreement reached on text Apr 2016 Justice and Home

752 views • 33 slides
Complete Reform of European Data Protection Law: How Will This Impact Your Business? April 19,

Complete Reform of European Data Protection Law: How Will This Impact Your Business? April 19,

Complete Reform of European Data Protection Law: How Will This Impact Your Business? April 19, 2012 Mark Prinsley, Partner Oliver Yaros, Senior Associate Isabel Simon, Associate Mayer Brown is a global legal services organisation comprising

395 views • 15 slides
Reform of Act on the Protection on Personal Information in JAPAN Mitsuhiro KATO Patent Attorney,

Reform of Act on the Protection on Personal Information in JAPAN Mitsuhiro KATO Patent Attorney,

October 6, 2014 Reform of Act on the Protection on Personal Information in JAPAN Mitsuhiro KATO Patent Attorney, Attorney at Law Patent and Law Firm JuJu TOPICS 1. Data Protection in JAPAN - Evaluation based on LAWASIA Privacy Principle 2.

168 views • 12 slides
Intersection Safety Intersection Safety Intersection Safety Intersections Intersections

Intersection Safety Intersection Safety Intersection Safety Intersections Intersections

Intersection Safety Intersection Safety Intersection Safety Intersections Intersections Among the most hazardous components of the highway system for all users (planned points of conflict) Complex speed-distance judgments under time

601 views • 24 slides
5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION

5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION

5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION DEIRDRE ALLISON RECORDS MANAGEMENT YEARN2LEARN TRAINING GENERAL DATA PROTECTION REGULATION What is it? GDPR represents the most significant

172 views • 14 slides
The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection) and 2002/58/EC

440 views • 19 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
Data Protection & Availability Kaushal Devater Data Protection & Availability Discipline

Data Protection & Availability Kaushal Devater Data Protection & Availability Discipline

Plan & Deploy Data Protection & Availability Kaushal Devater Data Protection & Availability Discipline Lead - RDC Planning & Deploy Data Protection & Availability Industry Typical Data Retention Requirements Patient

662 views • 9 slides
INTERSECTION LINKUK CONFIDENTIAL 3 3 INTERSECTION LINKUK CONFIDENTIAL 4 Not drawn to scale

INTERSECTION LINKUK CONFIDENTIAL 3 3 INTERSECTION LINKUK CONFIDENTIAL 4 Not drawn to scale

INTERSECTION LINKUK CONFIDENTIAL 3 3 INTERSECTION LINKUK CONFIDENTIAL 4 Not drawn to scale INTERSECTION LINKUK CONFIDENTIAL 5 INTERSECTION LINKUK CONFIDENTIAL 6 ? 1993 1995 2005 2008 2015 2016+ # Dimension Comparisons: Link

639 views • 14 slides
Data protection in the EU Area of Data protection in the EU Area of ection tection freedom,

Data protection in the EU Area of Data protection in the EU Area of ection tection freedom,

isor visor Superv Super Data protection in the EU Area of Data protection in the EU Area of ection tection freedom, security and justice under the Lisbon Treaty d th Li b T t ta Prot ta Pro ean Da an Da Bndicte Havelange

739 views • 10 slides
Ray-triangle intersection In this handout, we explore the steps needed to compute the intersection

Ray-triangle intersection In this handout, we explore the steps needed to compute the intersection

Computer Graphics Prof. Brian Curless CSE 457 Spring 2004 Ray-triangle intersection In this handout, we explore the steps needed to compute the intersection of a ray with a triangle. First, we consider the geometry of such an intersection: C

403 views • 4 slides
STUDY INTERSECTION NOT TO SCALE DATA COLLECTION ATR Count Period: Sep 3 Sep 6, 2019 TMC

STUDY INTERSECTION NOT TO SCALE DATA COLLECTION ATR Count Period: Sep 3 Sep 6, 2019 TMC

STUDY INTERSECTION NOT TO SCALE DATA COLLECTION ATR Count Period: Sep 3 Sep 6, 2019 TMC Count Dates: Wednesday Sep 4, 2019 Thursday Sep 5, 2019 Intersection Count Periods: 7 am to 10 am 4 pm to 7 pm Peak Hours: AM PM WED: 7:45 to

588 views • 29 slides
Dodd-Frank Wall Street Reform and Consumer Protection Act Preliminary Assessment of Provisions

Dodd-Frank Wall Street Reform and Consumer Protection Act Preliminary Assessment of Provisions

July 21, 2010 CLIENT MEMORANDUM Dodd-Frank Wall Street Reform and Consumer Protection Act Preliminary Assessment of Provisions Effective Immediately or Very Soon After Enactment Today, President Obama signed the Dodd-Frank Wall Street Reform

388 views • 7 slides
Introduction to Data Protection and the General Data Protection Regulation Address: Contact: 11

Introduction to Data Protection and the General Data Protection Regulation Address: Contact: 11

Introduction to Data Protection and the General Data Protection Regulation Address: Contact: 11 Staple Inn Tel: +44 (0)20 7209 2000 London Fax: +44 (0)20 7209 2001 WC1V 7QH DX 0001 London Chancery Lane Myth Busting GDPR doesnt apply to

657 views • 8 slides
DATA PROTECTION and SCRA www.scra.gov.uk Data Protection Act 1998 (DPA) DPA is the main

DATA PROTECTION and SCRA www.scra.gov.uk Data Protection Act 1998 (DPA) DPA is the main

DATA PROTECTION and SCRA www.scra.gov.uk Data Protection Act 1998 (DPA) DPA is the main legislation in the UK governing information on individuals. It places obligations on organisations that hold and use information on

518 views • 37 slides
Smart Space Orchestration Orchestration The Internet of Things Cyber-Physical Systems Pervasive

Smart Space Orchestration Orchestration The Internet of Things Cyber-Physical Systems Pervasive

System Smart Space Orchestration Orchestration The Internet of Things Cyber-Physical Systems Pervasive Computing 2pace Marc-Oliver Pahl Distributed Smart ds2os.org/ System Overview Orchestration Part I: Flavours of Computing 2pace

380 views • 20 slides
Simple homogeneous structures Vera Koponen Department of Mathematics Uppsala University

Simple homogeneous structures Vera Koponen Department of Mathematics Uppsala University

Simple homogeneous structures Vera Koponen Department of Mathematics Uppsala University Scandinavian Logic Symposium 2014 25-27 August in Tampere Vera Koponen Simple homogeneous structures Introduction Homogeneous structures have interesting

672 views • 42 slides
Detecting Network Attachment (dna) 66th IETF - Montreal, Quebec, Canada THURSDAY, July 13, 2006

Detecting Network Attachment (dna) 66th IETF - Montreal, Quebec, Canada THURSDAY, July 13, 2006

Detecting Network Attachment (dna) 66th IETF - Montreal, Quebec, Canada THURSDAY, July 13, 2006 1510-1610 AGENDA 05 mins Agenda Bashing 10 mins Document Status 40 mins Combined DNA draft discussion 05 mins New milestone

357 views • 10 slides
Automorphism Groups and Ramsey Properties of Sparse Graphs Jan Hubi cka Computer Science

Automorphism Groups and Ramsey Properties of Sparse Graphs Jan Hubi cka Computer Science

Structural Ramsey Hrushovski construction Orientations Ramsey property Expansion property EPPA C F Automorphism Groups and Ramsey Properties of Sparse Graphs Jan Hubi cka Computer Science Institute of Charles University Charles

1.26k views • 115 slides
MSc Curriculum in Resilient Computing* Luca Simoncini University of Pisa, Italy * Co-operative

MSc Curriculum in Resilient Computing* Luca Simoncini University of Pisa, Italy * Co-operative

MSc Curriculum in Resilient Computing* Luca Simoncini University of Pisa, Italy * Co-operative work in the frame of EU NoE ReSIST http://www.resist-noe.org/

321 views • 20 slides
Juan Bicarregui Head of e- -Information Information Head of e Rutherford Appleton Laboratory

Juan Bicarregui Head of e- -Information Information Head of e Rutherford Appleton Laboratory

Information Systems Research and Development at CCLRC Accelerating Innovation Through Technology Transfer Juan Bicarregui Head of e- -Information Information Head of e Rutherford Appleton Laboratory Rutherford Appleton Laboratory

703 views • 46 slides
MARGE Overview ACMES/MARGE 2 Middleware for Ambient Computing Services Analysis Decision

MARGE Overview ACMES/MARGE 2 Middleware for Ambient Computing Services Analysis Decision

MARGE Middleware for Autonomous distRibuted applications with context manaGEment Contact: Chantal Taconet Chantal.Taconet@telecom-sudparis.eu Web: http://www-inf.it-sudparis.eu/MARGE/ Part of the ACMES team (Context Awareness MiddlewarE and

310 views • 16 slides
02234 Current Topics In System Security Nicola Dragoni Embedded Systems Engineering Section DTU

02234 Current Topics In System Security Nicola Dragoni Embedded Systems Engineering Section DTU

DTU Informatics Department of Informatics and Mathematical Modelling 02234 Current Topics In System Security Nicola Dragoni Embedded Systems Engineering Section DTU Informatics Technical University of Denmark DTU Informatics Department of

210 views • 9 slides

More recommend