Figure - available from: Humanities and Social Sciences Communications
This content is subject to copyright. Terms and conditions apply.
Cost of a Data Breach Report 2022 (from IBM Security, 2022) Note: Measured in USD millions. The most common initial attack vector in 2022 was stolen or compromised credentials, responsible for 19% of breaches in the study, at an average cost of USD 4.50 million.
Source publication
Personal physiological data is the digital representation of physical features that identify individuals in the Internet of Everything environment. Such data includes characteristics of uniqueness, identification, replicability, irreversibility of damage, and relevance of information, and this data can be collected, shared, and used in a wide range...
Citations
... The IoE is considered a huge, complex network ecosystem composed of objects, digital devices, digital individuals, digital enterprises, digital governments, data resources, and other elements connected by digital platforms and digital processes (Li 2020). Compared with the Internet of Things (IoT), which connects aspects such as sensors and devices, the IoE has a wider range of connected objects and can interact strongly with individual and social environments (Martino et al. 2017;Wang et al. 2023), translating the real world ubiquitously and holographically into a digital world. In particular, Everything to Person (E2P) service providers based on various scenarios such as personal work, travel, medical treatment, and entertainment scenes allow for ubiquitous data gathering and combination (Harari et al. 2016;Ioannou et al. 2020). ...
... These E2P service providers commit to analysing "who you are, what you are doing, what you think, and what you need" and creating more personalised and targeted user profiles or "digital identities" (Mathews-Hunt 2016), which can provide more customised and tailored services to expand their user base.types of personal data are expanding and transforming in unprecedented ways. The essence of IoE is "connecting While the convenience of various services provided by IoE is built on the wide collection and utilisation of users' personal data (Li et al. 2017), privacy and security risks become accordingly apparent once data breaches and abuse occur (Wang et al. 2023). Gradually, individuals value the importance of privacy due to mounting, serious privacy concerns and have become more prudent in their online adoption and data provision behaviour (Lyu et al. 2024;Ayaburi and Treku 2020;Hajli and Lin 2016). ...
... Very few studies have focused on the IoE context. The intelligence of IoE technology is changing our lives; in particular, IoE technologies such as deep learning, artificial intelligence, and big data require the sharing of multiple new types of personal data (Wang et al. 2023), such as facial data, online behavioural data, or spiritual data. Research has shown that these new types of personal data pose greater and more insidious risks of privacy breaches, and users are more cautious about them (Wang et al. 2023;Farayola et al. 2024). ...
The ubiquitous monitoring and collection capabilities of the IoE, as well as its innovative scenarios, have led to changes in the content and type of personal data. Personal data sensitivity, as a standard for measuring privacy attitudes, can provide a reference for the design and improvement of privacy systems. This study aims to evaluate individuals’ personal data sensitivity in the IoE context, to better understand individuals’ current privacy attitudes. This study uses a questionnaire survey to study personal data sensitivity and the antecedents affecting personal data sensitivity among 1921 Chinese citizens. Research suggests that, within the spectrum of 41 personal data categories, identifiers such as ID numbers and home addresses are deemed highly sensitive. Furthermore, within the IoE context, emerging types of personal data, including behavioural and facial recognition data, also demonstrate significant sensitivity. With respect to sensitivity levels, personal data can be categorized into four tiers: very highly sensitive data, highly sensitive data, medium sensitive data, and low sensitive data. The study also finds that perceived privacy risks, privacy concerns, and social influences have a significant impact on personal data sensitivity, and there are differences in public perception of personal data sensitivity among different genders, ages, and educational levels.
... However, effectively leveraging these rich data sources requires addressing two interrelated challenges. The first challenge is ensuring patient privacy while sharing sensitive medical data across institutions (Wang et al., 2023;Jwa and Poldrack, 2022). The second challenge involves managing the heterogeneity of biomedical datasets, particularly in mitigating distribution shifts that arise when integrating populations from diverse clinical settings. ...
Motivation
Advancing data sharing in biomedical research, particularly for sensitive genomic and clinical datasets, is crucial for improving model performance across diverse patient populations. However, stringent privacy concerns hinder collaboration and limit insights derived from multi-institutional datasets. Current approaches to privacy-preserving data sharing fail to address gaps between data distributions.
Results
We introduce NoisyFlow, a differentially private neural network-based optimal transport framework designed to enable secure and unbiased biomedical data sharing. By integrating optimal transport theory with neural networks and differential privacy mechanisms, our framework aligns data distributions across institutions while preserving individual privacy. NoisyFlow eliminates the need for direct data sharing and reduces distribution shifts caused by covariate and batch effects. Empirical evaluations demonstrate the framework’s effectiveness in handling high-dimensional single-cell genomic data and histopathology images, achieving superior privacy guarantees while maintaining high utility in downstream tasks such as disease classification.
Availability and implementation
The implementation of NoisyFlow is available at https://github.com/liyy2/NoisyFlow .
Contact
mark@gersteinlab.org .
Supplementary information
Supplementary data are available online.
... However, the attack methods of some criminals and hackers are also constantly improving, and they try their best to find vulnerabilities and carry out malicious attacks. In recent years, a large number of serious personal data leaks have occurred around the world: for example, the 2019 Facebook data breach in the United States affected 540 million people [1]; China Deep Web Vision's non-compliant and illegal data processing practices have exposed billions of facial data [1]; The Finnish National Police informed the Office of the Data Protection Ombudsman in April 2021 of a personal data breach [21] involving the trial of facial recognition software by the National Bureau of Investigation in early 2020, which was caused by a failure to comply with the responsibility of the controller in the operation. Nor do the measures taken by the controller prevent the illegal processing of personal data [21]; Suprema, a security firm used by British police, banks and military contractors, reported that a security breach at a British biometrics company called Suprema compromised 28 million records and 23GB of data, including fingerprints, facial recognition data, passwords and security clearance information. ...
... However, the attack methods of some criminals and hackers are also constantly improving, and they try their best to find vulnerabilities and carry out malicious attacks. In recent years, a large number of serious personal data leaks have occurred around the world: for example, the 2019 Facebook data breach in the United States affected 540 million people [1]; China Deep Web Vision's non-compliant and illegal data processing practices have exposed billions of facial data [1]; The Finnish National Police informed the Office of the Data Protection Ombudsman in April 2021 of a personal data breach [21] involving the trial of facial recognition software by the National Bureau of Investigation in early 2020, which was caused by a failure to comply with the responsibility of the controller in the operation. Nor do the measures taken by the controller prevent the illegal processing of personal data [21]; Suprema, a security firm used by British police, banks and military contractors, reported that a security breach at a British biometrics company called Suprema compromised 28 million records and 23GB of data, including fingerprints, facial recognition data, passwords and security clearance information. ...
... This risk puts 5,700 organizations in 83 countries (including the UK's Metropolitan Police) at high risk. [22] At the national level, the impact of physiological data breaches can be far-reaching, for example, the Equifax hack, which exposed the data of 143 million US citizens [1], posing a serious threat to US national security. The frequency and scale of these data leaks are shocking, touching people's great concerns about the increasingly widespread use of face recognition technology, and even the use of facial recognition by federal agencies has aroused the anger of lawmakers, which has a negative impact on the further development of face recognition technology applications, so how to ensure the security of personal information privacy while developing face recognition technology applications? ...
... To examine the effect of client participation within the MFL model, we tested different numbers of clients, that is, K=5, K=10, and K=20. As reported by Wang et al [34] and confirmed in Figure 2, an increasing number of clients and more client participation provide better performance for MFL training. The client distribution is different in assessing the MFL model in real-world conditions. ...
Background
The rise of wearable sensors marks a significant development in the era of affective computing. Their popularity is continuously increasing, and they have the potential to improve our understanding of human stress. A fundamental aspect within this domain is the ability to recognize perceived stress through these unobtrusive devices.
Objective
This study aims to enhance the performance of emotion recognition using multitask learning (MTL), a technique extensively explored across various machine learning tasks, including affective computing. By leveraging the shared information among related tasks, we seek to augment the accuracy of emotion recognition while confronting the privacy threats inherent in the physiological data captured by these sensors.
Methods
To address the privacy concerns associated with the sensitive data collected by wearable sensors, we proposed a novel framework that integrates differential privacy and federated learning approaches with MTL. This framework was designed to efficiently identify mental stress while preserving private identity information. Through this approach, we aimed to enhance the performance of emotion recognition tasks while preserving user privacy.
Results
Comprehensive evaluations of our framework were conducted using 2 prominent public datasets. The results demonstrate a significant improvement in emotion recognition accuracy, achieving a rate of 90%. Furthermore, our approach effectively mitigates privacy risks, as evidenced by limiting reidentification accuracies to 47%.
Conclusions
This study presents a promising approach to advancing emotion recognition capabilities while addressing privacy concerns in the context of empathetic sensors. By integrating MTL with differential privacy and federated learning, we have demonstrated the potential to achieve high levels of accuracy in emotion recognition while ensuring the protection of user privacy. This research contributes to the ongoing efforts to use affective computing in a privacy-aware and ethical manner.
... Devices produced by different manufacturers may use different communication protocols and data formats, leading to ineffective interaction and integration between devices. Additionally, IoT devices typically have lower computing and storage capabilities, making them vulnerable to security attacks [10], which could result in issues such as data breaches [11] and device tampering [12]. Furthermore, privacy protection and data security are also significant challenges faced by the IoT. ...
With the rapid development and widespread application of Internet of Things (IoT) technology, we are in an era of digital transformation, where the integration between the physical and digital worlds continues to deepen [...]
... Laws that govern the collection, use and disclosure of personal information by organisations, governments and other entities. With the growing importance of data itself, threats of possible maltreatment and improper use of personal information come to light (Wang et al., 2023). Such rights and freedom are being implemented by laws, for instance, GDPR in the European Union, by different governments worldwide (Ducato, 2020). ...
In today’s digital interconnectedness, data regulation in South Asia, particularly in India and Pakistan, is transforming into a state where profound changes are occurring. This article deals with the contrastive analysis of personal data-protection laws in the two countries, with the aim of revealing the points of convergence and divergence and the reasons that either support or reject unification. Different approaches led to the development of these standards, which encompass varying levels of scope, complexity and risk. The methodology prescribes reviewing and assessing the existing laws and proposing their legislative development. The research exposes the inefficiency in the legislative aspect of dealing with the rising demand for an adequate regulatory framework for data-protection measures. The wisdom drawn from this examination bestows priceless advice on Politian’s, legal experts and all involved parties who are concerned about data protection in the context of digital connections. International best practices can be adapted to inform reforms of the Digital Personal Data Protection (DPDP) Act, 2023, in India and the proposed Personal Data Protection Bill, 2023, in Pakistan to bring enhanced regimes for comprehensive and effective personal data protection in both nations. Keywords: data-protection laws; India; legislation; Pakistan.
... The Security Domain: Researchers [35][36][37][38][39][40][41], have made significant contributions to the field of IoE security, with 13% of IoE research applied to this domain. Their joint research efforts address the most important issues around security and privacy in the IoE ecosystem. ...
... With the increasing ubiquity and sophistication of facial recognition technology, a potential security and privacy concern regarding the exposure of facial data linked to sensitive personal information within the expansive Internet of Everything application platform arises [40]. Across various domains, the Internet of Everything generates copious data, encompassing domains like healthcare systems, traffic management, smart city surveillance, educational platforms, social networks, and government entities, among others. ...
... Collaborative efforts will provide holistic insights into the IoE's multifaceted aspects. • Privacy Protection: Addressing privacy challenges in the IoE, as recognized by [40], remains crucial. Future research endeavors should focus on devising effective mechanisms and privacy management theories to safeguard user data. ...
The Internet of Everything (IoE) represents a paradigm shift in the world of connectivity. While the Internet of Things (IoT) initiated the era of interconnected devices, the IoE takes this concept to new heights by interlinking objects, individuals, data, and processes. Symmetry in IoE innovation and technology is essential for creating a harmonious and efficient ecosystem to ensure that the benefits are accessible to a broad spectrum of society while minimizing potential drawbacks. This comprehensive review paper explores the multifaceted landscape of the IoE, delving into its core concepts, enabling technologies, real-world applications, and the intricate web of challenges it presents. A focal point of this review is the diverse array of real-world applications spanning healthcare, smart cities, industry 4.0, agriculture, and sustainability. Previous works and examples illustrate how the IoE reshapes these domains, leading to greater efficiency, sustainability, and improved decision making. However, the transformative power of the IoE is accompanied by a host of challenges, including security and privacy concerns, interoperability issues, and the ethical implications of ubiquitous connectivity. These challenges are dissected in order to comprehensively understand the obstacles and potential solutions in the IoE landscape. As we stand on the cusp of an IoE-driven future, this review paper serves as a valuable resource for researchers, policy makers, and industry professionals seeking to navigate the complexities of this emerging paradigm. By illuminating the intricacies of the IoE, this review fosters a deeper appreciation for the transformative potential and the multifaceted challenges that lie ahead in the Internet of Everything era.
... Other ethical concerns are data privacy and security where personal sensitive data may be inadvertently breached, (https:// www.chargedretail.co.uk/2023/05/04/chatgpt-data-breach/) calling for stricter regulatory oversight and cybersecurity. Patients or doctors may upload eye/facial photos for ChatGPT's "medical assistance", which may risk breaching biometric security and/or identity theft [31]. Also, ChatGPT cannot take accountability nor abide by any ethical/moral boundaries. ...
Facial recognition technologies exist in society. When they were implemented, it was not considered that the use of this technology could lead to a breach of privacy of the individual. Not all countries have specific regulations and there is no standard to determine its international feasibility. This study presents the bibliometric and content analysis of scientific production in Scopus and Web of Science. A total of 169 documents published between 2000 and 2023 were identified. It was found that the most frequently used terms are privacy, facial recognition, surveillance, and security. It was concluded that there is legal and ethical debate because there is no clear protection of human rights for the misuse of this technology.
