Linked e-resources
Details
Table of Contents
Intro
Preface
Organization
Executive Commitee
Steering Committee
Program Commitee
Additional Referees
Sponsoring Institutions
Contents
Part I Privacy Friendly Data Usage
1 An Overview of the Secondary Use of Health Data Within the European Union: EU-Driven Possibilities and Civil Society Initiatives
1 Introduction: The Potential of the Secondary Use of Data for Health and Care in the European Union
2 The Legal Framework in the European Union
2.1 The Secondary Use of Health Data Within the General Data Protection Regulation (GDPR)
2.2 The Data Governance Act: A Debated First Approach to the Secondary Use of Data
2.3 Artificial Intelligence and Personal Data in the EU Framework
3 Initiatives Towards the Use of Data Within Healthcare Research
3.1 Policymaker Initiatives
3.2 Civil Society Initiatives
4 Discussion
5 Conclusions
References
2 Multi-Party Computation in the GDPR
1 Introduction
2 Multi-Party Computation
2.1 Introduction
2.2 Private Set Intersection
2.3 Security
3 GDPR: Personal Data
3.1 Absolute Approach
3.2 Relative Approach
3.3 Risk-Based Approach
3.4 Conclusion
4 GDPR: Data Protection by Design
4.1 Article 25
4.2 Privacy Engineering
4.2.1 Privacy-Enhancing Technologies
4.3 EDPB Guidelines
4.4 Conclusion
5 MPC in the GDPR
5.1 Related Work
5.2 Test
5.2.1 Absolute vs. Relative
5.2.2 Input Data
5.2.3 Output Data
5.2.4 Data Minimization
5.3 Security Model and Trust Assumption
5.3.1 GDPR Avoidance
5.3.2 Data Protection by Design
6 Scenarios
6.1 Private Set Intersection
6.1.1 Solution 1
6.1.2 Solution 2
6.1.3 Solution 3
6.2 Outsourcing
6.2.1 Solution
6.2.2 Variant
7 Conclusion
References
3 A Critique of the Google Apple Exposure Notification (GAEN) Framework
1 Introduction
2 How Contact Tracing and Exposure Notification Works
3 The GAEN Framework
4 How the GAEN Framework Differs from a Purely App-Based Approach
5 A Critique of the GAEN Framework
5.1 GAEN Creates a Dormant Mass Surveillance Tool
5.2 Google and Apple Control the Exposure Notification Microdata
5.3 Distributed Can Be Made Centralised
5.4 Google and Apple Dictate How Contact Tracing Works
5.5 Function Creep
6 Conclusion
References
Part II Implications of Regulatory Framework in the European Union
4 Global Data Processing Identifiers and Registry (DP-ID)
1 Introduction
2 Global Data Processing Identifier Registry Concept
3 Facilitating GDPR Compliance
3.1 Obligation to Inform Art. 12, 13, 14
3.2 Data Protection by Design and Default Art. 25
4 Data Processing-Identified Requirements
5 DP-ID Implementation
6 Data Processing Identifier Format
7 Enabling Data Processing Mapping
8 Demonstrating Integrability and Portability
9 Demonstrating Interoperability
Preface
Organization
Executive Commitee
Steering Committee
Program Commitee
Additional Referees
Sponsoring Institutions
Contents
Part I Privacy Friendly Data Usage
1 An Overview of the Secondary Use of Health Data Within the European Union: EU-Driven Possibilities and Civil Society Initiatives
1 Introduction: The Potential of the Secondary Use of Data for Health and Care in the European Union
2 The Legal Framework in the European Union
2.1 The Secondary Use of Health Data Within the General Data Protection Regulation (GDPR)
2.2 The Data Governance Act: A Debated First Approach to the Secondary Use of Data
2.3 Artificial Intelligence and Personal Data in the EU Framework
3 Initiatives Towards the Use of Data Within Healthcare Research
3.1 Policymaker Initiatives
3.2 Civil Society Initiatives
4 Discussion
5 Conclusions
References
2 Multi-Party Computation in the GDPR
1 Introduction
2 Multi-Party Computation
2.1 Introduction
2.2 Private Set Intersection
2.3 Security
3 GDPR: Personal Data
3.1 Absolute Approach
3.2 Relative Approach
3.3 Risk-Based Approach
3.4 Conclusion
4 GDPR: Data Protection by Design
4.1 Article 25
4.2 Privacy Engineering
4.2.1 Privacy-Enhancing Technologies
4.3 EDPB Guidelines
4.4 Conclusion
5 MPC in the GDPR
5.1 Related Work
5.2 Test
5.2.1 Absolute vs. Relative
5.2.2 Input Data
5.2.3 Output Data
5.2.4 Data Minimization
5.3 Security Model and Trust Assumption
5.3.1 GDPR Avoidance
5.3.2 Data Protection by Design
6 Scenarios
6.1 Private Set Intersection
6.1.1 Solution 1
6.1.2 Solution 2
6.1.3 Solution 3
6.2 Outsourcing
6.2.1 Solution
6.2.2 Variant
7 Conclusion
References
3 A Critique of the Google Apple Exposure Notification (GAEN) Framework
1 Introduction
2 How Contact Tracing and Exposure Notification Works
3 The GAEN Framework
4 How the GAEN Framework Differs from a Purely App-Based Approach
5 A Critique of the GAEN Framework
5.1 GAEN Creates a Dormant Mass Surveillance Tool
5.2 Google and Apple Control the Exposure Notification Microdata
5.3 Distributed Can Be Made Centralised
5.4 Google and Apple Dictate How Contact Tracing Works
5.5 Function Creep
6 Conclusion
References
Part II Implications of Regulatory Framework in the European Union
4 Global Data Processing Identifiers and Registry (DP-ID)
1 Introduction
2 Global Data Processing Identifier Registry Concept
3 Facilitating GDPR Compliance
3.1 Obligation to Inform Art. 12, 13, 14
3.2 Data Protection by Design and Default Art. 25
4 Data Processing-Identified Requirements
5 DP-ID Implementation
6 Data Processing Identifier Format
7 Enabling Data Processing Mapping
8 Demonstrating Integrability and Portability
9 Demonstrating Interoperability