Figure - available from: Cluster Computing
This content is subject to copyright. Terms and conditions apply.
Architecture of the personal information management system. The top-right legend identifies the elements in the diagram. Solid arrows represent interactions from an actor or a set of actors and a system or network. Dashed arrows represent hash pointers to elements
Source publication
The centralization of control over the processing of personal data threatens the privacy of individuals due to the lack of transparency and the obstruction of easy access to their data. Individuals need the tools to effectively exercise their rights, enshrined in regulations such as the European Union General Data Protection Regulation (GDPR). Havi...
Similar publications
Medical records are one of the crucial documents and a significant asset for anyone seeking treatment. Electronic health records (EHRs) have made a dynamic shift by making them easier to manage, facilitate and share among various stakeholders such as doctors, lab technicians, and insurance agents. EHRs are vulnerable to hacker, cybercriminal attack...
Citations
... Notably, the so-called MyData 6 initiative, which has been actively promoted by data and privacy activists (Lehtiniemi, 2017;Lehtiniemi & Haapoja, 2020), shares similarities with the regulation and particularly its concept of data altruism. Analogous information systems for personal data management, data governance, and data altruism have recently been presented also in academic research (Zichichi et al., 2022). However, these initiatives, information systems, and the DGA all seem problematic in that these rely on consent for the sharing and processing of personal data. ...
The European Union (EU) has been pursuing a new strategy under the umbrella label of digital sovereignty. Data is an important element in this strategy. To this end, a specific Data Governance Act was enacted in 2022. This new regulation builds upon two ideas: reuse of data held by public sector bodies and voluntary sharing of data under the label of data altruism. This short commentary reviews the main content of the new regulation. Based on the review, a few points are also raised about potential challenges.
... Notably, the so-called MyData 6 initiative, which has been actively promoted by data and privacy activists (Lehtiniemi, 2017;Lehtiniemi & Haapoja, 2020), shares similarities with the regulation and particularly its concept of data altruism. Analogous information systems for personal data management, data governance, and data altruism have recently been presented also in academic research (Zichichi, Ferretti, D'Angelo, & Rodríguez-Doncel, 2022). However, these initiatives, information systems, and the DGA all seem problematic in that these rely on consent for the sharing and processing of personal data. ...
The European Union (EU) has been pursuing a new strategy under the umbrella label of digital sovereignty. Data is an important element in this strategy. To this end, a specific Data Governance Act was enacted in 2022. This new regulation builds upon two ideas: reuse of data held by public sector bodies and voluntary sharing of data under the label of data altruism. This short commentary reviews the main content of the new regulation. Based on the review, a few points are also raised about potential challenges.
... Decentralized File Storage (DFS) is a solution for storing files as in Cloud Storage [28] but retaining the benefits of decentralization [9]. They offer higher data availability and resilience thanks to data replication. ...
... Their distributed nature solves the single point of failure problem and mitigates the concern for privacy leakage by eliminating third parties. Traditional access-control policies have been combined with DLTs: discretionary (DAC), to manage personal data "off-chain" (i.e., not directly stored in the DLT), through the access-control policy on the blockchain [48]; mandatory (MAC), to constrain the ability of a subject to access on a datum through smart contracts [9]; role-based (RBAC), for achieving crossorganizational authentication for user roles [49]; and attribute-based (ABAC), to grant or deny user requests based on the attributes of a user, an object and environment conditions [50]. Among DLT-based access-control mechanisms, Attribute-Based Encryption (ABE) [51] offers the best policy expressiveness without introducing many elements into the system infrastructure. ...
... The databox, for instance, is a PDS [8,9] that must be conceived as a concept that describes a set of storing and access-control technologies enabling users to have direct control of their data. In [11,58], the databox is a platform that provides means for individuals to manage personal data and control access by other parties wishing to use their data, supporting incentives for all parties. ...
Big Tech companies operating in a data-driven economy offer services that rely on their users’ personal data and usually store this personal information in “data silos” that prevent transparency about their use and opportunities for data sharing for public interest. In this paper, we present a solution that promotes the development of decentralized personal data marketplaces, exploiting the use of Distributed Ledger Technologies (DLTs), Decentralized File Storages (DFS) and smart contracts for storing personal data and managing access control in a decentralized way. Moreover, we focus on the issue of a lack of efficient decentralized mechanisms in DLTs and DFSs for querying a certain type of data. For this reason, we propose the use of a hypercube-structured Distributed Hash Table (DHT) on top of DLTs, organized for efficient processing of multiple keyword-based queries on the ledger data. We test our approach with the implementation of a use case regarding the creation of citizen-generated data based on direct participation and the involvement of a Decentralized Autonomous Organization (DAO). The performance evaluation demonstrates the viability of our approach for decentralized data searches, distributed authorization mechanisms and smart contract exploitation.
Genomic information is increasingly used to inform medical treatments and manage future disease risks. However, any personal and societal gains must be carefully balanced against the risk to individuals contributing their genomic data. Expanding our understanding of actionable genomic insights requires researchers to access large global datasets to capture the complexity of genomic contribution to diseases. Similarly, clinicians need efficient access to a patient’s genome as well as population-representative historical records for evidence-based decisions. Both researchers and clinicians hence rely on participants to consent to the use of their genomic data, which in turn requires trust in the professional and ethical handling of this information.
Here, we review existing and emerging solutions for secure and effective genomic information management, including storage, encryption, consent, and authorization that are needed to build participant trust. We discuss recent innovations in cloud computing, quantum-computing-proof encryption, and self-sovereign identity. These innovations can augment key developments from within the genomics community, notably GA4GH Passports and the Crypt4GH file container standard. We also explore how decentralized storage as well as the digital consenting process can offer culturally acceptable processes to encourage data contributions from ethnic minorities.
We conclude that the individual and their right for self-determination needs to be put at the center of any genomics framework, because only on an individual level can the received benefits be accurately balanced against the risk of exposing private information.
Our personal information, or “digital footprint,” is gathered and used in today's digital age. Digital footprints are kept, unlike snow footprints. There is a large market for this data, which businesses utilize to analyze consumer preferences. Businesses collecting a lot of data in one place pose a privacy risk. Thus, people are worried. Businesses prefer not to utilize intermediaries to manage client data to save money. Therefore, new technology is needed to make online interactions safer and more efficient. We're considering “distributed ledger technology.” This technology is interesting because it securely collects, stores, and processes data without central authority. It has data immutability, transparency, and safety. A problem exists. The European GDPR (general data protection regulation) may conflict with this technology. This chapter will examine this tension, focusing on the right to be forgotten, which permits people to delete their data. It will examine how this new technology and existing privacy policies can function together or need tweaking.
The 2014 Google Spain lawsuit was a major European Court ruling. It indicated that online name searches yield personal information. Google and other search engine operators must remove or prevent search results that breach privacy rights. The “right to forget” lets users remove their personal information from search engine results. Your internet privacy isn't completely protected. Technology changes quickly, making it hard for laws to stay up. The right to be forgotten is criticized for its deceptive nomenclature and inconsistent application. European websites may remove information, but non-European sites (like the US) may not. This right may also limit free speech. The chapter discusses the “right to be forgotten” from the new GDPR perspective. They are testing whether this right gives internet users more control over their data. It conflicts with privacy and free speech. It's considerably difficult since private firms, whose major objective is to make money, have a say, raising problems about our rights.
