A5027694376- Privacy, Security, and Data Protection
- Privacy-Preserving Technologies in Data
- Data Quality and Management
- Ethics and Social Impacts of AI
- Semantic Web and Ontologies
- Access Control and Trust
- Law, AI, and Intellectual Property
- Digitalization, Law, and Regulation
- Scientific Computing and Data Management
- Cloud Data Security Solutions
- 3D Modeling in Geospatial Applications
- Information and Cyber Security
- European Criminal Justice and Data Protection
- Big Data and Business Intelligence
- Artificial Intelligence in Healthcare and Education
- Library Science and Information Systems
- Research Data Management Practices
- Cryptography and Data Security
- Service-Oriented Architecture and Web Services
- Multimedia Communication and Technology
- Patient Dignity and Privacy
- Ethics in medical practice
- Biomedical Text Mining and Ontologies
- Explainable Artificial Intelligence (XAI)
- Dispute Resolution and Class Actions
Dublin City University
2022-2024
Trinity College Dublin
2016-2024
Ghent University
2024
Koblenz University of Applied Sciences
2024
Universität Koblenz
2024
Science Foundation Ireland
2022-2023
Trinity College
2018-2019
University College Cork
2015
Solid is a new radical paradigm based on decentralising control of data from central organisations to individuals that seeks empower have active who and how their being used. In order realise this vision, the use-cases implementations also require us be consistent with relevant privacy protection regulations such as GDPR. However, do so first requires prior understanding all actors, roles, processes involved in use-case, which then need aligned GDPR’s concepts identify obligations,...
The Global Alliance for Genomics and Health is an international consortium that developing the Data Use Ontology (DUO) as a standard providing machine-readable codes automation in data discovery responsible sharing of genomics data. DUO concepts, which are encoded using OWL, only contain textual descriptions conditions use they represent, do not specify intended permissions, prohibitions, obligations explicitly – limits their usefulness. We present exploration how Open Digital Rights...
The Data Privacy Vocabulary (DPV), developed by the W3C Vocabularies and Controls Community Group (DPVCG), enables creation of machine-readable, interoperable, standards-based representations for describing processing personal data. group has also published extensions to DPV describe specific applications support legislative requirements such as EU's GDPR. fills a crucial niche in state art providing vocabulary that can be embedded used alongside other existing standards ODRL, which...
The use of AI in healthcare has the potential to improve patient care, optimize clinical workflows, and enhance decision-making. However, bias, data incompleteness, inaccuracies training datasets can lead unfair outcomes amplify existing disparities. This research investigates current state dataset documentation practices, focusing on their ability address these challenges support ethical development. We identify shortcomings methods, which limit recognition mitigation other issues datasets....
Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism granting access to data. Solid's personal online datastores (Pods) are ideal keeping data, as they allow individuals represent permissions very manner using Access Control Language (ACL) expressions. Whereas these expressions suffice yes/no and read/write permissions, cannot more complex rules nor invoke regulation-specific concepts. This paper describes an extension of ACL...
The acceptance of the GDPR legislation in 2018 started a new technological shift towards achieving transparency. put focus on concept informed consent applicable for data processing, which led to an increase responsibilities regarding sharing both end users and companies. This paper presents literature survey existing solutions that use semantic technology implementing consent. main is ontologies, how they are used representation management combination with other technologies such as...
The EU's proposed AI Act sets out a risk-based regulatory framework to govern the potential harms emanating from use of systems. Within Act's hierarchy risks, systems that are likely incur "high-risk" health, safety, and fundamental rights subject majority provisions. To include uses where at stake, Annex III provides list applications wherein conditions shape high-risk described. For systems, places obligations on providers users regarding keeping appropriate documentation through...
Consenting on the Web, in context of online privacy and data protection, is universally accepted as a difficult problem, mainly because its cross-disciplinarity. For example, any approach to needs meet usability, legal, regulatory, technical, business requirements. To date, effort has been predominantly focused meeting compliance with regulations automation, less true re-empowerment users respect their personal data. One that not seen sufficient research use ' <italic...
Data Protection and Consenting Communication Mechanisms (DPCCMs) enable users to express their privacy decisions manage online consent. Thus, they can become a crucial means of protecting individuals' agency, thereby replacing the current problematic practices such as "consent dialogues". Based on an in-depth analysis different DPCCMs, we propose interdisciplinary set factors that be used for comparison mechanisms. Moreover, use results from qualitative expert study identify some main...
Information associated with regulatory compliance is often siloed as legal documentation that not suitable for querying or reuse. Utilising open standards and technologies to represent query this information can facilitate interoperability between stakeholders assist in the task of maintaining well demonstrating compliance. In paper, we show how semantic web representation related General Data Protection Regulation (GDPR), an European law governing use consent personal data. We focus on...
With the upcoming enforcement of EU AI Act, documentation high-risk systems and their risk management information will become a legal requirement playing pivotal role in demonstration compliance. Despite its importance, there is lack standards guidelines to assist with drawing up aligned Act. This paper aims address this gap by providing an in-depth analysis Act's provisions regarding technical documentation, wherein we particularly focus on management. On basis analysis, propose Cards as...
This paper introduces a collaborative, human-centered taxonomy of AI, algorithmic and automation harms. We argue that existing taxonomies, while valuable, can be narrow, unclear, typically cater to practitioners government, often overlook the needs wider public. Drawing on taxonomies large repository documented incidents, we propose is clear understandable broad set audiences, as well being flexible, extensible, interoperable. Through iterative refinement with topic experts crowdsourced...
Abstract Data processing is increasingly becoming the subject of various policies and regulations, such as European General Protection Regulation (GDPR) that came into effect in May 2018. One important aspect GDPR informed consent, which captures one’s permission for using personal information specific data purposes. Organizations must demonstrate they comply with these policies. The fines come non-compliance are importance it has driven research facilitating compliance verification....
The GDPR requires Data Controllers and Protection Officers (DPO) to maintain a Register of Processing Activities (ROPA) as part overseeing the organisation’s compliance processes. ROPA must include information from heterogeneous sources such (internal) departments with varying IT systems (external) data processors. Current practices use spreadsheets or proprietary that lack machine-readability interoperability, presenting barriers automation. We propose Catalogue (DPCat) for representation,...
The ISO/IEC TS 27560:2023 Privacy technologies - Consent record information structure provides guidance for the creation and maintenance of records regarding consent as machine-readable information. It also on use this to exchange such between entities in form 'receipts'. In article, we compare requirements 27560:2023, 29184:2020 Notices, EU's General Data Protection Regulation (GDPR) show how these standards can be used support GDPR compliance. We then Vocabulary (DPV) implement create...