Legal and Technical Approaches to MyData

We discuss state-of-the-art legal and technical questions relating to the regulation of information, personal data and privacy, and the impacts on individuals, businesses and the public sector.

Legal and Technical Approaches to MyData

in room A-121, Tallinn University

The legal and technical academic workshops were initially planned as separate workshops, but in order to give the session more substance, and considering the strong complementary nature of the accepted papers, we decided to join forces and hold a common session instead. We feel that the presentations will benefit from a multidisciplinary audience and we expect a quite interesting discussion to come out of this collaboration.

MyData is a new human-centric paradigm in data management that puts individuals in charge of their own personal data. Recent legislation as well as jurisprudence in Europe have attempted to significantly strengthen the standing of individuals in a digitized world. These forms of regulation are impacting the collection and use of personal information both in the public sphere as well as for business. While some see such regulation as a heavy burden for business and innovation, others embrace modern regulatory instruments, the increased protection of informational fundamental rights or the harmonization of rules.

While legal frameworks and social practices set the scene for implementing MyData, the actual technical implementations are central as they ultimately define the limitations and possibilities for us being in control of our personal data — “code is law” as Lawrence Lessig put it. Indeed, the human-centric personal data paradigm presents several novel and important technical challenges that need to be overcome.

This workshop discusses state-of-the-art legal and technical questions relating to the regulation of information, personal data and privacy, and the impacts on individuals, businesses and the public sector as well as the idea of MyData as a model for human centric management of personal data and the way it fits together with the regulatory approaches. Additionally, this workshop focuses on a wide spectrum of technical challenges, including technologies for sharing and consenting, and security & privacy.

Workshop program

10:30 – 12:00, Session 1 (1,5h)
Chair: Jens Kremer

Track Conveners: Welcome & Introduction

Sam Wrigley: New kid on the block(chain): Controllers, processors and decentralised processing.

Nicolo Zingales: The rise of ‘infomediaries’ and its competitive implications

Anna Mayer & Jeffrey Ritter: Regulating Data as Property: A New Construct for Moving Forward.

13:15 – 14.45, Session 2 (1,5 h)
Chair: Yki Kortesniemi

Krisztina Huszti-Orban: The Role of Consent in the Collection, Retention, Processing and Sharing of Data by Business Enterprises.

Arianna Rossi & Monica Palmirani: Automatically Transposing GDPR’s Requirements for Informed Consent into Visual Interfaces

Francois Mestre: Ontology design patterns for an ontology of IT law

Alper T. Alan, Dorota Filipczuk, Tim Baarslag, Richard Gomer, Enrico Gerding, m.c. schraefel: An Evaluation of Negotiation Agents for Permission Management: A Lab Study

15:00 – 16:00, Session 3 (1 h)
Chair: Mats Sjöberg

Maximilian Von Grafenstein, Christina Douka: The ‘state of the art’ of privacy- and security-by-design (measures).

Paul Francis: Diffix: GDPR-level Anonymity with High Utility Analytics

Joseph Lindley: Anticipating GDPR in Smart Homes Through Fictional Conversational Objects


Date & venue: Wednesday, August 30, 2017 at Tallinn University

Sign-up to this workshop in advance!

Guidelines: Presenting in the workshop is subject to an accepted abstract. Acceptance notifications have already been sent out. The abstracts will be published on this web page in time before the workshop. The plan is to later organize a joint proceedings containing the full papers.

Workshop organizers

Legal – contact email:
Jens Kremer, University of Helsinki
Anette Alen-Savikko, University of Helsinki

Technical – contact email:
Mats Sjöberg, University of Helsinki
Yki Kortesniemi, Aalto University
Harri Honko, Tampere University of Technology
Tuukka Lehtiniemi, Helsinki Institute for Information Technology

The workshop is arranged in connection with the MyData 2017 conference, Tallinn & Helsinki, 30.8. – 1.9.2017. General information of the academic workshops of the conference can be found here.