Abstract Background IoT and smart devices have become extremely popular in the last few years. With their capabilities to collect data, it is reasonable to have concerns about the protection of ...users’ personal information and privacy in general. Objectives Comparing existing regulations on data protection and information security rules with the new capabilities provided by IoT and smart devices. Methods/approach This paper will analyse information on data collected by IoT and smart devices and the corresponding legal framework to explore whether the legal framework also covers these new devices and their functionalities. Results Various IoT and smart devices pose a high risk to an individual's privacy. The General Data Protection Regulation, although a relatively recent law, may not adequately regulate all instances and uses of this technology. Also, due to inadequate technological protection, abuse of such devices by unauthorized persons is possible and even likely. Conclusions The number of IoT and smart devices is rapidly increasing. The number of IoT and smart home device security incidents is on the rise. The regulatory framework to ensure data controller and processor compliance needs to be improved in order to create a safer environment for new innovative IoT services and products without jeopardizing the rights and freedoms of data subjects. Also, it is important to increase awareness of homeowners about potential security threats when using IoT and smart devices and services.
Purpose
The purpose of this paper is to examine the relationship between the legal obligation of European libraries to ensure the transparent personal data processing and respect for user privacy. ...This paper will examine how libraries use privacy notices on websites to communicate with patrons about the processing of personal data and in what manner have libraries been guided by applicable transparency guidelines.
Design/methodology/approach
The method used is the analysis of privacy policies and other privacy documents found on the websites of national libraries. The analysis sample includes documents of 45 European national libraries, 28 out of those being national libraries of European Union (EU) Member States. The elements for this analysis are derived from the mandatory elements of the General Data Protection Regulation and the recommendations of the WP29/EDPB Transparency Guidelines.
Findings
The findings suggest that European national libraries largely adhere to EU data protection standards. In total, 60% libraries use a separate privacy page, and 53% of the EU Member State national libraries websites managed to comply with publishing all necessary data protection information in a way recommended by the Guidelines, compared to 47% of non-Member State national libraries.
Originality/value
The research contributes to the understanding of the importance of the principle of transparency and its operationalization.
Protection of computer programs through copyright is marked with distinctive limitations and exceptions compared to other categories of works. The nature of computer programs differs from other works ...protected by copyright. Its utilitarian nature and the role it plays in the information revolution offers insights into the long lasting struggle of intellectual property versus competition regulation. An examination of the formative moments of the development of copyright protection for computer programs reveals an opportunity to refine the status of software. Potential for misuse and endangerment of privacy call for open access to the source code and decompilation right as a recognized copyright limitation. Adapted from the source document.
Towards the Trustworthy AI Katulić, Tihomir
Medijska istraživanja,
01/2020, Letnik:
26, Številka:
2
Journal Article, Paper
Recenzirano
Odprti dostop
After decades of theoretical deliberations, the rapid development of advanced
information technology has allowed machine learning as a first practical step
towards artificial intelligence to enter ...widespread commercial and government
use. The transition into a post-industrial, information society has revealed the
value of data as an important resource whose processing is the basis of the new
innovative information society services. The European Union has enacted several important regulations and directives in the recent past to protect the recognized fundamental rights of individuals and to regulate the obligations of service providers to ensure safe and secure processing. The Charter of Fundamental Rights as the legal basis of the European system of human rights contains significant checks and limitations to the effect and purpose of future EU AI regulation. Whenever and however this regulation is adopted, it will need to comply with and contain existing European legal standards regarding the fundamental rights of individuals in the EU. The European Commission’s ethical guidelines establish ethical principles based on the recognized fundamental rights that future AI systems need to adhere to in order to be recognized as trustworthy. The purpose of this paper is to present and analyse the mechanisms present in existing European regulations in the fields of data protection and information security and in the European Union documents regarding the future
artificial intelligence regulation and to offer suggestions for future regulations.
The research methodology includes a comparative analysis of available regulations and policy documents of the European Union, national laws, legal literature, and other sources.
Razvoj naprednih informacijskih tehnologija omogućio je da nakon desetljeća
teorijskih razmatranja u praktičnu primjenu uđu prvi oblici strojnog učenja kao
koraka prema razvoju umjetne inteligencije. Tranzicija u postindustrijsko,
informacijsko društvo otkrila je važnost podataka kao važnog resursa na čijoj se
obradi temelje nove inovativne informacijske usluge. Europski je zakonodavac
u prethodnom razdoblju usvojio niz važnih zakona kojima je cilj zaštititi prava
pojedinca i regulirati obveze davatelja takvih usluga kako bi se osigurala sigurna
obrada podataka. Povelja o temeljnim pravima Europske unije, jedan od temelja suvremenoga europskog sustava ljudskih prava, sadrži značajne kontrole i ograničenja koja će utjecati na razvoj i svrhu buduće regulacije umjetne inteligencije na području Europske unije. Budući propisi trebat će sadržavati i pridržavati se usvojenih europskih pravnih standarda oko zaštite temeljnih prava pojedinaca u Uniji. Etičke smjernice Europske komisije predstavljaju korak prema usvajanju etičkih
principa, temeljenih na prepoznatim temeljnim pravima, koji će biti obvezujući
za informacijske sustave zasnovane na umjetnoj inteligenciji. Cilj je ovog rada
istražiti i analizirati rješenja postojećih europskih propisa iz područja zaštite
osobnih podataka i informacijske sigurnosti kao i dosad objavljenih dokumenata
Europske unije o budućoj regulaciji umjetne inteligencije te ponuditi rješenja
de lege ferenda. Rad se zasniva na komparativnom prikazu i analizi odabranih
izvora i odredbi europskog i nacionalnog zakonodavstva, pravne književnosti i
drugih znanstvenih izvora.
According to the EU Charter of Fundamental Rights, both the right to privacy and the right to the protection of personal information are different, emancipated rights that are complementary to one ...another. The high level of data protection was further improved by the General Data Protection Regulation. Open data is information that may be used for commercial or non-commercial purposes and is made accessible to the public in an open and machinereadable manner. It is anticipated that open data would increase public sector openness while also fostering the (data) economy and data-driven innovations, particularly with regard to the IT services sector and SMEs. The Open Data Directive has established rules for the release of open data and the re-use of public sector information in the EU. The new European data strategy from 2020 has underlined the necessity for open data, even outside of the data owned by the public sector. According to this strategy, the EUs single market for data will be strengthened by using more open data. Consequently, the EU has adopted the new Data Governance Act as a crosssectoral instrument that tries to increase data accessibility by regulating the reuse of protected data held by public sector, promoting the sharing of data for altruistic purposes and regulating data intermediaries as a novel approach to fostering open data economy.1
Tajni nadzor komunikacija koji se rabi za potrebe nacionalne sigurnosti i u svrhu provođenja policijskih istražnih radnji vrijedno je tehničko sredstvo i koristan alat tijela policijskog, pravosudnog ...i sigurnosnog sustava. U tehničkim aspektima, ovo polje bilježi značajne pomake u posljednjem desetljeću gdje su dostupni softver i platforme za provođenje tajnog nadzora proširene mogućnostima nadzora širokog spektra različitih komunikacijskih kanala. Funkcija tajnog nadzora komunikacija u suštini predstavlja ograničenje temeljnih prava pojedinaca na području Europske unije i država članica. Svrha ovog rada kao priloga raspravi o mehanizmima tajnog nadzora jest izložiti osobine modela naprednog softvera razvijenog u svrhu tajnog nadzora, usporedba s najčešćim modelima tajnog nadzora i analiza softverske arhitekture definirane od strane Europskog instituta za telekomunikacijske norme (ETSI) kao dominantne norme u ovom području. Iako se ovaj model arhitekture tajnog nadzora razvio inicijalno za nadzor glasovnih komunikacija, može ga se uspješno primijeniti i za tajni nadzor komunikacija koje koriste internet protokol (IP). Konačno, članak pruža komparativni pregled različitog softvera tajnog nadzora u skladu s regulativom funkcije tajnog nadzora.
Uvodno autor govori o ključnoj ulozi elektroničkog potpisa u pravnoj regulaciji elektroničke trgovine kao brzorastuće grane gospodarstva koja podrazumijeva brojna pravna pitanja vezana uz utjecaj ...informacijske tehnologije na društvo i pravo. Počevši od ispitivanja važnosti vlastoručnog potpisa kao sredstva autentikacije autora dokumenta preko potvrđivanja sadržaja dokumenta prezentiraju se uvjeti koje elektronički potpis treba ispuniti kako bi zauzeo mjesto vlastoručnog potpisa u pravnom prometu. U nastavku, prikazuje se intenzivna zakonodavna aktivnost na području regulacije elektroničkog potpisa, od prvih zakona iz sredine devedesetih godina prošlog stoljeća do danas. Unatoč kratkom vremenskom okviru
od samo petnaest godina, u bogatoj poredbenoj praksi moguće je razlikovati nekoliko različitih pristupa kojim su razna zakonodavstva širom svijeta pokušala regulirati elektronički potpis i srodna pitanja kako bi omogućili kvalitetnu razinu pravne sigurnosti elektroničkoj trgovini i drugim pravnim odnosima koji se
odvijaju putem elektroničke komunikacije. Autor razlikuje nekoliko zakonodavnih etapa karakteriziranih različitim teorijskim i praktičnim stavovima o karakteru regulacije elektroničkog potpisa. U prvoj etapi problematizira se odnos dva suprotna pristupa pitanju potrebe specifikacije tehnološke osnovice elektroničkog potpisa, dok se u drugoj ispituje priroda sustava dvostrukog kolosjeka i na njemu
zasnovanog pravnog okvira koji dominira u europskom pravnom krugu. Na osnovama iskustava iz poredbenog prava autor zatim analizira izabrane odredbe iz Zakona o elektroničkom potpisu, uz osvrt na utjecaj koji isti zakon ima na druge zakone, osobito Zakon o elektroničkoj ispravi. U posljednjem dijelu rada autor iznosi kritiku instituta elektroničke isprave, te zaključuje osvrtom na dosadašnju primjenu elektroničkog potpisa u hrvatskoj pravnoj praksi.
U radu autori istražuju hrvatski zakonodavni okvir koji se odnosi na elektroničko poslovanje te ga stavljaju u kontekst sličnog zakonodavnoga okvira u zemljama Europske unije. Zbog boljeg ...razumijevanja problema koji se pojavljuju u rješenjima hrvatskoga zakonodavca autori identificiraju ključne elemente infrastrukture javnoga ključa (PKI) koji su značajni za elektroničko poslovanje. Autori tumače pojmove infrastruktura javnog ključa, digitalni certifikat, kvalificirani certifikat, certifikacijska služba, registracijski autoritet, neporecivost, pouzdana arhivska služba, vremenski žig, pouzdani vremenski žig, elektronički potpis, napredni elektronički potpis, te PDF/A. Potom analiziraju postojeća zakonodavna ograničenja u Hrvatskoj koja sprječavaju širu primjenu elektroničkoga poslovanja u praksi. Pritom provode komparativnu analizu s Direktivom 1999/93/EC, identificiraju problematične segmente postojećih zakona te predlažu njihova konkretna poboljšanja. Konačno, autori se osvrću ulogu arhivista u dugoročnom očuvanju elektronički potpisanih dokumenata.
Permanent information revolution implies continued development of sophisticated information systems. Software development continues to be one of the fastest evolving aspects of information ...technology. Developing ever more complex software presents not only technical and economical but also considerable legal difficulties. Through self-regulation industry specific contracts and standards have emerged with the goal to define legal aspects of developing complex software. The GNU GPL license agreement is a broadly accepted standard with important repercussions for both the users as well as software developers. PUBLICATION ABSTRACT
Due to the rapid development of technology, in the last ten years digital marketing has given rise to sophisticated automated models for successfully affecting the behaviour of consumers whose ...fundamental rights, such as the right to privacy and the right to the protection of personal data, have often been violated because of the discrepancy between the regulations and the actual use of personal data.
The possibility of targeting has been brought to an enviable level – a precise targeting of an identified individual and his or her personal data, as well as their complete demographic, sociographic and psychographic profile – thus opening the doors to the possibility of making precise predictive analyses and the placement of behavioural strategies by combining various digital channels in creating communication messages of inducement to purchase and continuous monitoring of the individual and their habits.
Information security, on the other side, is a term which all parties in the marketing world involved in the provision of technological services directed towards automated use for marketing purposes, i.e. third-party-side tools with the goal of collecting data, shy away from.
The goal of the General Data Protection Regulation is the protection of personal data, primarily the right to privacy in the digital age and the Regulation will strongly influence the current modalities of using digital marketing.
This study was carried out by the authors on 233 small and medium entrepreneurs in the Republic of Croatia on the use of marketing modalities and tools to collect data about targeted individuals. It has shown that through digital marketing, the companies collect not only the information about their consumers’ preferences, but their a priori goal is the concrete identification of an individual for the purpose of reducing the costs of marketing activities, directing customized communication to a targeted individual and creating a quick return on a marketing investment by raising sales – at the same time without any special sensitivity regarding the protection of the individual’s rights and their personal data.
The goal of the paper is the identification of the most frequent methods and tactics of digital marketing and their non-compliance with the General Data Protection Regulation which comes into force at the end of May this year.