Related papers: Personal Data Processing for Behavioural Targeting…
EU Directive 95/46/EC and the upcoming EU General Data Protection Regulation grant Europeans the right of access to data pertaining to them. Consumers can approach their service providers to obtain all personal data stored and processed…
In the EU, the General Data Protection Regulation and the ePrivacy Directive mandate consent for the use of personal data for the purpose of behavioural advertising and tracking technologies. However, the ubiquity of consent banners has led…
The question we raise through this paper is: Is it economically feasible to trade consumer personal information with their formal consent (permission) and in return provide them incentives (monetary or otherwise)?. In view of (a) the…
While companies increasingly rely on data, especially when it comes to targeted advertising, adapting content to users, selling data and training machine learning models, the collection of data raises privacy concerns. One way of collecting…
Cookie paywalls allow visitors of a website to access its content only after they make a choice between paying a fee or accept tracking. European Data Protection Authorities (DPAs) recently issued guidelines and decisions on paywalls…
A firm seeks to analyze a dataset and to release the results. The dataset contains information about individual people, and the firm is subject to some regulation that forbids the release of the dataset itself. The regulation also imposes…
The GDPR, or the Datenschutz Grundverordnung (DSGVO) in German, is an EU Law which addresses the subject of safeguarding privacy of personal data of the citizens of the EU and EEA. It also specifies how data the collected data might be…
We summarize the potential impact that the European Union's new General Data Protection Regulation will have on the routine use of machine learning algorithms. Slated to take effect as law across the EU in 2018, it will restrict automated…
In the European Union, the General Data Protection Regulation (GDPR) provides comprehensive rules for the processing of personal data. In addition, the EU lawmaker intends to adopt specific rules to protect confidentiality of…
The European Union's Artificial Intelligence Act aims to regulate manipulative and harmful uses of AI, but lacks precise definitions for key concepts. This paper provides technical recommendations to improve the Act's conceptual clarity and…
This paper focuses on some shortcomings in current privacy and data protection regulations' ability to adequately address the ramifications of AI-driven data processing practices, in particular where data sets are combined and processed by…
In our data-centric world, most services rely on collecting and using personal data. The EU's General Data Protection Regulation (GDPR) aims to enhance individuals' control over their data, but its practical impact is not well understood.…
The upcoming European General Data Protection Regulation (GDPR) prohibits the processing and exploitation of some categories of personal data (health, political orientation, sexual preferences, religious beliefs, ethnic origin, etc.) due to…
The European General Data Protection Regulation (GDPR) brings new challenges for companies who must ensure they have an appropriate legal basis for processing personal data and must provide transparency with respect to personal data…
The General Data Protection Regulation (GDPR) requires an organisation that suffers a data breach to notify the competent Data Protection Authority. The organisation must also inform the relevant individuals, when a data breach threatens…
The EU GDPR is a landmark regulation that introduced several rights for individuals to obtain information and control how their personal data is being processed, as well as receive a copy of it. However, there are gaps in the effective use…
This paper aims to stir debate about a disconcerting privacy issue on web browsing that could easily emerge because of unethical practices and uncontrolled use of technology. We demonstrate how straightforward is to capture behavioral data…
Our behavior (the way we talk, walk, act or think) is unique and can be used as a biometric trait. It also correlates with sensitive attributes like emotions and health conditions. Hence, techniques to protect individuals privacy against…
Data mining is not an invasion of privacy because access to data is only by machines, not by people: this is the argument that is investigated here. The current importance of this problem is developed in a case study of data mining in the…
Ample research has demonstrated that compliance with data protection principles remains limited on the web and mobile. For example, almost none of the apps on the Google Play Store fulfil the minimum requirements regarding consent under EU…