Legal and Technical Approaches to MyData
in room A-121, Tallinn University
The legal and technical academic workshops were initially planned as separate workshops, but in order to give the session more substance, and considering the strong complementary nature of the accepted papers, we decided to join forces and hold a common session instead. We feel that the presentations will benefit from a multidisciplinary audience and we expect a quite interesting discussion to come out of this collaboration.
MyData is a new human-centric paradigm in data management that puts individuals in charge of their own personal data. Recent legislation as well as jurisprudence in Europe have attempted to significantly strengthen the standing of individuals in a digitized world. These forms of regulation are impacting the collection and use of personal information both in the public sphere as well as for business. While some see such regulation as a heavy burden for business and innovation, others embrace modern regulatory instruments, the increased protection of informational fundamental rights or the harmonization of rules.
While legal frameworks and social practices set the scene for implementing MyData, the actual technical implementations are central as they ultimately define the limitations and possibilities for us being in control of our personal data — “code is law” as Lawrence Lessig put it. Indeed, the human-centric personal data paradigm presents several novel and important technical challenges that need to be overcome.
This workshop discusses state-of-the-art legal and technical questions relating to the regulation of information, personal data and privacy, and the impacts on individuals, businesses and the public sector as well as the idea of MyData as a model for human centric management of personal data and the way it fits together with the regulatory approaches. Additionally, this workshop focuses on a wide spectrum of technical challenges, including technologies for sharing and consenting, and security & privacy.
10:30 – 12:00, Session 1 (1,5h)
Chair: Jens Kremer
Track Conveners: Welcome & Introduction
Sam Wrigley: New kid on the block(chain): Controllers, processors and decentralised processing.
Nicolo Zingales: The rise of ‘infomediaries’ and its competitive implications
Anna Mayer & Jeffrey Ritter: Regulating Data as Property: A New Construct for Moving Forward.
13:15 – 14.45, Session 2 (1,5 h)
Chair: Yki Kortesniemi
Krisztina Huszti-Orban: The Role of Consent in the Collection, Retention, Processing and Sharing of Data by Business Enterprises.
Arianna Rossi & Monica Palmirani: Automatically Transposing GDPR’s Requirements for Informed Consent into Visual Interfaces
Francois Mestre: Ontology design patterns for an ontology of IT law
Alper T. Alan, Dorota Filipczuk, Tim Baarslag, Richard Gomer, Enrico Gerding, m.c. schraefel: An Evaluation of Negotiation Agents for Permission Management: A Lab Study
15:00 – 16:00, Session 3 (1 h)
Chair: Mats Sjöberg
Maximilian Von Grafenstein, Christina Douka: The ‘state of the art’ of privacy- and security-by-design (measures).
Paul Francis: Diffix: GDPR-level Anonymity with High Utility Analytics
Joseph Lindley: Anticipating GDPR in Smart Homes Through Fictional Conversational Objects
Date & venue: Wednesday, August 30, 2017 at Tallinn UniversitySign-up to this workshop in advance!
Guidelines: Presenting in the workshop is subject to an accepted abstract. Acceptance notifications have already been sent out. The abstracts will be published on this web page in time before the workshop. The plan is to later organize a joint proceedings containing the full papers.
Technical – contact email: email@example.com
Mats Sjöberg, University of Helsinki
Yki Kortesniemi, Aalto University
Harri Honko, Tampere University of Technology
Tuukka Lehtiniemi, Helsinki Institute for Information Technology