The huge potential in future connected services has as a precondition that privacy and security needs are dealt with in order for new services to be accepted. This is in particular an issue with private data and sharing of private data – both at company and at individual level.
In the EU, the General Data Protection Regulation (GDPR) has been introduced with the aim to protect citizens' right to privacy. The focus of the GDPR is to build and increase trust in EU citizens in using digital services by providing trustworthy infrastructure supported by regulation.
The implementation of the GDPR still leaves several challenges. This workshop will address issues in relation to industry verticals and future connected services, e.g., privacy and security by design and data centric business models.
The workshop provides a platform for academia, industry and government organizations to discuss technical and regulatory solutions to privacy and security as well as user' right to privacy with regards to collection, retention, analysis and transfer of personal data.
Papers and presentations could relate to the following research areas:
Design and implementation of novel Privacy Enhancing Tools (PET) to provide users with the functionality they require without exposing any more information than necessary, and without losing control over their data, to any third parties. In order to realize that, security mechanisms like attribute based encryption, and authentication mechanisms are also part of the research.
Realizing user centric and data centric 5G technologies based on user trust in data privacy further requires viable business models. Today personal data has become an economic asset belonging to the service providers whose business case often includes and is dependent on the use and selling of such data to third parties. This type of business case is increasingly disputed both from a privacy and from an economic ownership perspective.
The workshop welcomes research, work in progress, industry views or completed papers that address the above-mentioned theme.
Topics of interest include, but are not limited to:
- GDPR Compliance
- Implementation challenges
- How SME’s tackle implementation and the economic side of that
- Impact on service industry in relation to customer consent
- Consent and the withdrawal of consent
- Data controller and Data processor obligations.
- Data breach notifications to users
- Fair processing
- Economics of Privacy
- Business Potentials and Business Models of GDPR
- Privacy and privacy policies
- User privacy and design
- Usable privacy and security
Samant Khajuria, Senior Specialist, Cyber Security, Terma
Peter Lindgren, Professor, Aarhus University,
Knud Erik Skouby, Professor emeritus, Aalborg University, CMI
Lene Sørensen, Associate Professor, Aalborg University, CMI
Date: 25 November 2022
Venue: Aalborg University, Copenhagen
Extended abstract 15 September
Acceptance for presentation 1 October
Full paper for publication in NBICT*) 1 November
Acceptance for publication 15 November