- Analysis of different privacy policies.
Ryan Amos, Gunes Acar, Eli Lucherini, Mihir Kshirsagar, Arvind Narayanan, and Jonathan Mayer. 2021. Privacy Policies over Time: Curation and Analysis of a Million-Document Dataset. In Proceedings of the Web Conference 2021 (WWW ’21). Association for Computing Machinery, New York, NY, USA, 2165–2176. https://doi.org/10.1145/3442381.3450048
Nudging Developers to Implement Privacy Preserving Solutions
Unfortunately, privacy-friendly implementation is not yet sufficiently present in the final products. This can have several causes. One reason may be the software developer who has not had sufficient training in the privacy theme complex. However, in order for developers to use privacy-friendly settings and implementations, they can be used. One way to do this in development environments is to make developers aware that they are collecting personal data with a certain function, and thus make the software developer aware of this. We want to identify and evaluate further possibilities here.
Tianshi Li, Yuvraj Agarwal, and Jason I. Hong. 2018. Coconut: An IDE Plugin for Developing Privacy-Friendly Apps. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. 2, 4, Article 178 (December 2018), 35 pages. https://doi.org/10.1145/3287056
Alessandro Acquisti, Idris Adjerid, Rebecca Balebako, Laura Brandimarte, Lorrie Faith Cranor, Saranga Komanduri, Pedro Giovanni Leon, Norman Sadeh, Florian Schaub, Manya Sleeper, Yang Wang, and Shomir Wilson. 2017. Nudges for Privacy and Security: Understanding and Assisting Users’ Choices Online. ACM Comput. Surv. 50, 3, Article 44 (May 2018), 41 pages. https://doi.org/10.1145/3054926
Analysing Privacy Impact Assessments Methodologies
Data Protection Impact Assessments (DPIA) are required under the General Data Protection Regulation if the processing of personal data entails a high risk for the rights and freedoms of natural persons. Various actors offer methodologies for carrying out such assessments. Currently, DPIA do not work ideally. We want to investigate the reasons for this. Several aspects may be relevant here:
- Evaluation of different DPIA
- Software tools to support individual steps of a DPIA
- Evaluation of existing tools
Roger Clarke, An evaluation of privacy impact assessment guidance documents, International Data Privacy Law, Volume 1, Issue 2, May 2011, Pages 111–120 https://doi.org/10.1093/idpl/ipr002
Puijenbroek, Jeroen van and Jaap-Henk Hoepman. “Privacy Impact Assessments in Practice: Outcome of a Descriptive Field Research in the Netherlands.” IWPE@SP (2017).
J. Coles, S. Faily and D. Ki-Aries, „Tool-Supporting Data Protection Impact Assessments with CAIRIS,“ 2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE), Banff, AB, Canada, 2018, pp. 21-27, doi: 10.1109/ESPRE.2018.00010.
If you have a topic related to the ones mentioned above or in the field of ONLINE PRIVACY / DATA PROTECTION / PRIVACY IMPLEMENTATION do not hesitate to write me.