CIS-2005 : Xi’an - China 1 A New Conceptual Framework within Information Privacy: Meta Privacy Mr. Geoff Skinner Dr Song Han Prof. Elizabeth Chang Curtin.

Slides:



Advertisements
Similar presentations
The Public Health Conceptual Data Model HL7 RIM Harmonization May 2000.
Advertisements

Database Systems: Design, Implementation, and Management Tenth Edition
Criteria For Approval 45 CFR CFR Minimized risks Reasonable risk/benefit ratio Equitable subject selection Informed consent process Informed.
<<Date>><<SDLC Phase>>
Dr Gordon Russell, Napier University Unit Data Dictionary 1 Data Dictionary Unit 5.3.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
Chapter 3 Preparing and Evaluating a Research Plan Gay and Airasian
Methodology Conceptual Database Design
Gurpreet Dhillon Virginia Commonwealth University
Demonstration of the Software Prototypes PRIME PROJECT 17 December 2004.
MPEG-21 : Overview MUMT 611 Doug Van Nort. Introduction Rather than audiovisual content, purpose is set of standards to deliver multimedia in secure environment.
Centro de Estudos e Sistemas Avançados do Recife PMBOK - Chapter 4 Project Integration Management.
Model For Effective Self-Regulation November 2002 Daniel M. Sibears Senior Vice President & Deputy Member Regulation, NASD.
Survey on Privacy-Related Technologies Presented by Richard Lin Zhou.
Privacy Engineering for Digital Rights Management Systems By XiaoYu Chen.
Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.
Database Environment Chapter 2. Data Independence Sometimes the way data are physically organized depends on the requirements of the application. Result:
Prof. Adrie J.M. Beulens 2004Slide1 An Ontological Framework for Structuring Process Knowledge for the Process of Model-Based Problem Solving. Reference:
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
1 PARCC Data Privacy & Security Policy December 2013.
Approved for Public Release. Distribution Unlimited. 1 Government Privacy Rick Newbold, JD, MBA, CIPP/G Futures Branch 28.
HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.
1 Copyright © International Security, Trust & Privacy Alliance -All Rights Reserved Making Privacy Operational International Security, Trust.
Privacy rules over JPEG images Jaime Delgado DMAG UPC BarcelonaTECH October 2015.
APEC Engineers Workshop Legal Considerations - Central Register Sept 2015 Angela Frawley, General Counsel.
Protection of Personal Information Act An Analysis on the impact.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.
Jim Loter Director of Information Technology
Brussels Privacy Symposium on Identifiability
POST APPROVAL CHANGE MANAGEMENT PROTOCOLS IN THE EUROPEAN UNION
Principles of Good Governance
Design Rules for NBD – Network Based Defence
View Controllers In the Model-View-Controller (MVC) design pattern, a controller object provides the custom logic needed to bridge the application’s data.
ITEC 3220A Using and Designing Database Systems
Opening Gateways: A Practical Toolkit for Designing Information Access Programs Sharon S. Dawes.
Improving Community Safety through procurement practice and process Tim Oakley Head of Consultancy Trusted procurement for better buildings and homes.
Project Integration Management
Manajemen Data (2) PTI Pertemuan 6.
Working with Sensitive or Confidential Data John Southall Bodleian Data Librarian Subject Consultant for Economics, Sociology, Social Policy and.
TechStambha PMP Certification Training
UNIT V QUALITY SYSTEMS.
APP entities (organisations)
GDPR Security: How to do IT? IT reediness for competitive advantage
Assist. Prof. Magy Mohamed Kandil
Chapter 2 Database Environment Pearson Education © 2009.
ETHICAL CONSIDERATIONS IN THE CONDUCT OF HEALTH SCIENCES RESEARCH
Chapter 19: Building Systems with Assurance
Ethical questions on the use of big data in official statistics
Dr. Awad Khalil Computer Science Department AUC
IEEE-SA and GDPR Implementation
Metadata in the modernization of statistical production at Statistics Canada Carmen Greenough June 2, 2014.
Data base management system dbms
Privacy and Transparency Interoperability, Standards and Vocabularies
2. An overview of SDMX (What is SDMX? Part I)
Canadian Auditing Standards (CAS)
Healthcare Privacy: The Perspective of a Privacy Advocate
HingX Project Overview
WG 2.9 Best Practices in River Basin Planning
IAPP TRUSTe SYMPOSIUM 9-11 JUNE 2004
The Impact of Digitization on Global Alignment of Product Safety Regulations ICPHSO International Symposium November 12, 2018.
Chapter 2 Database Environment Pearson Education © 2014.
Dr. Awad Khalil Computer Science Department AUC
An overview of Internal Controls Structure & Mechanism
Versioning in Adaptive Hypermedia
Inclusion and Ethics Professor Simon Rogerson
SOFE CDS – Monday, July 16th, 2018
Introduction to reference metadata and quality reporting
Definition IPPF Audit Standard 2120 – Risk Management
Presentation transcript:

CIS-2005 : Xi’an - China 1 A New Conceptual Framework within Information Privacy: Meta Privacy Mr. Geoff Skinner Dr Song Han Prof. Elizabeth Chang Curtin University of Technology Perth, WA, Australia.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 2 Overview Introduction Information Privacy Metadata and Meta-Structure Meta Privacy Definition Meta Privacy Principles Meta Privacy Components Meta Privacy Protection Conclusion Questions

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 3 Introduction The need for excessive and increasing data collection habits is a cause for concern. Management of metadata and metastructure information involves serious privacy considerations. Entities are not given a reasonable spectrum of choices for what information you provide in order to use a service.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 4 What is Privacy? – The right to be left alone. – The maintenance of personal space. – Subjective, context and environmentally specific.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 5 What is Privacy? Privacy has a number of dimensions [Clarke]: – Privacy of the person: medical conditions, etc. – Privacy of personal behaviour: religion, sex, etc. – Privacy of personal communication. – Privacy of personal data.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 6 Privacy and Security Information Privacy: ‘is the interest an individual has in controlling, or at least significantly influencing, the handling of data about themselves’ [Clarke]. Data / Information Security IS NOT Data / Information Privacy. Rather Information Security is a tool that can be used to facilitate Information Privacy.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 7 Privacy and Security The concepts of Information Security, Privacy, and Trust are closely inter-related and often inter-dependant. PET’s : Privacy Enhancing Technologies. Include encryption, filters, anonymizers, cookie cutters, etc.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 8 Metadata and Meta-Structure Metadata provides information about, or documentation of, other data managed within an application, system, or environment. Metadata can also provide descriptive information about an organizations data, data activities, systems, and holdings.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 9 Meta-Structure The Metastructure components are composed of the data concerned with the functioning and structural details of the information systems and their many components. This may include: – information on the access controls used in the systems – the system and policy frameworks which supplies rules regarding the relationships within the systems and policies – other information about the system and component structures.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 10 Understanding Meta Privacy Current privacy protection approaches unable to provide protection across a broad spectrum of information privacy issues. Solutions applied in an ad-hoc fashion resulting in a piecemeal approach to privacy protection. Need system privacy controls designed and integrated into the system that entities are unable to circumvent.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 11 Meta Privacy - Definition Meta Privacy means ensuring the security and privacy of data about privacy and personal data. Meta privacy is concerned with the security and privacy of the information used to support other system services and processors that may impact upon an entities privacy. This encompasses the protection of metadata and metastructure information that may reveal an entities identity and other personal information.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 12 Meta Privacy - Definition Entity may be an individual, group, or organization. Individual represents a singular entity, most often a human being. A group is defined as a ‘non-committed’ informal relationship between entities. An organization is defined as a committed formal relationship between entities. The members of an groups and organization may be individuals, groups, and other organizations.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 13 Meta Privacy

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 14 Meta Privacy Practices Proper Meta Privacy practises would ensure that none of the personal information contained in the metadata and metastructure is used for any purpose other than that specially agreed upon by the personal information owner. Also metadata is not provided to any third party not authorized to access the data without the owners express permission.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 15 MPR and MPB Meta-information and processes making use of metadata and metastructure information can be classified as either: – Meta Privacy Risks (MPR) – Meta Privacy Benefits (MPB).

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 16 Meta Privacy Risks Where metadata provides information about the content, quality, condition, and other characteristics of entity data it can be classified as being in a Meta Privacy Risks (MPR) category.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 17 Meta Privacy Benefits The use of meta-information for privacy protection. Meta privacy tags and metadata can be used for entity privacy policy preferences representation and enforcement. The use of metadata and metastructure information in this way is classified as Meta Privacy Benefits (MPB).

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 18 Meta Privacy Benefits The leading example of use of metadata for representing privacy preferences is P3P. Other approaches have been proposed that use metadata and metastructure information to protect personal data and privacy in a number of alternate operational settings. E.G.: associating and storing metadata for representing individual items of personally identifiable information (PII).

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 19 Meta Privacy Components Meta Privacy therefore encompasses both Meta Privacy Risk and Meta Privacy Benefit categories. Where metadata and metastructure information contains details that reflect some level of knowledge pertaining to an individual’s identity or other forms of personal information They are a potential risk to privacy.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 20

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 21 Meta Privacy Protection Metadata and metastructure information has to be protected by the same levels of security used to protect personal information. System owners and the entities providing their personal information need to be aware of metadata generation and usage. Should be subjected to the same privacy policy guidelines selected by an entity to protect their personal data.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 22 Meta Privacy Protection Unlinkability Unobservability Use of Pseudo-Anonymous and Anonymous Data Requires same levels of protection provided to personal data and PII.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 23 Concluding Remarks Have formally defined Meta Privacy. Meta Privacy has two main elements: – Meta Privacy Benefits – Meta Privacy Risks Have shown that meta-data and meta-structural information must be afforded to the same levels of privacy and security protection given to personal data and PII. Highlighted the need to understand and give due consideration to meta privacy protection.

CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 24 Questions ? ??

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.