Figure - available via license: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International
Content may be subject to copyright.
Meaning of 'directly or indirectly identified or identifiable'
Context in source publication
Context 1... the same time, an otherwise non-unique identifier, such as that a person is wearing a black suit, may become unique and hence be sufficient to directly identify a person in a particular context, eg to distinguish one person from the people standing at a traffic light without any additional information. 101 This results in the meaning of identification as presented in Table 3. A person is 'identified directly', ie distinguished from the group, by name or another unique identifier which is obtained and where no additional information is necessary. ...
... They point out that there is a basic contradiction between the GDPR on the one hand, which implies an acceptable residual risk of identification compatible with the anonymous status of data, with interpretations by national supervisory authorities as well as the European Data Protection Board on the other, which consider that no remaining risk of identification is acceptable for data to qualify as anonymous. Purtova has provided a similar analysis of the uncertainties surrounding the concept of identification and identifiability as critical boundary concepts of data protection law . Another open thread of legal discussion concerns the question whether the scope of personal data protection should be extended to ML models, such as DL networks trained on personal data . ...
Brain-Computer Interfaces (BCIs) comprise a rapidly evolving field of technology with the potential of far-reaching impact in domains ranging from medical over industrial to artistic, gaming, and military. Today, these emerging BCI applications are typically still at early technology readiness levels, but because BCIs create novel, technical communication channels for the human brain, they have raised privacy and security concerns. To mitigate such risks, a large body of countermeasures has been proposed in the literature, but a general framework is lacking which would describe how privacy and security of BCI applications can be protected by design, i.e., already as an integral part of the early BCI design process, in a systematic manner, and allowing suitable depth of analysis for different contexts such as commercial BCI product development vs. academic research and lab prototypes. Here we propose the adoption of recent systems-engineering methodologies for privacy threat modeling, risk assessment, and privacy engineering to the BCI field. These methodologies address privacy and security concerns in a more systematic and holistic way than previous approaches, and provide reusable patterns on how to move from principles to actions. We apply these methodologies to BCI and data flows and derive a generic, extensible, and actionable framework for brain-privacy-preserving cybersecurity in BCI applications. This framework is designed for flexible application to the wide range of current and future BCI applications. We also propose a range of novel privacy-by-design features for BCIs, with an emphasis on features promoting BCI transparency as a prerequisite for informational self-determination of BCI users, as well as design features for ensuring BCI user autonomy. We anticipate that our framework will contribute to the development of privacy-respecting, trustworthy BCI technologies.
... With the widespread adoption of big data technology, the role of identity identification becomes more limited, while feature recognition takes on a larger role. The latest study by Purtova (2022) keenly captures this change and adds targeting as the new fifth identification type, implying the selection of a specific individual from a group at a point in time as the object of attention or processing. It is not difficult to find convergence between the above theory's evolution and Chinese judicial practice. ...