Alexandra Giannopoulou’s research while affiliated with University of Amsterdam and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (6)


Self-sovereign identity
  • Article
  • Full-text available

April 2021

·

649 Reads

·

19 Citations

Internet Policy Review

Alexandra Giannopoulou

·

Fennie Wang

The concept of self-sovereign identity (SSI) describes an identity management system created to operate independently of third-party public or private actors, based on decentralised technological architectures, and designed to prioritise user security, privacy, individual autonomy and self-empowerment.

Download

Data Protection Compliance Challenges for Self-sovereign Identity

July 2020

·

81 Reads

·

20 Citations

Advances in Intelligent Systems and Computing

Various identity management solutions are emerging in different jurisdictions, with the goal of creating a unified and privacy-preserving identity management system bridging the offline with the online. Within this trend, the concept of self-sovereign identity has re-emerged. It is a concept attached to expressions of both individual autonomy and individual control (sovereignty)—an aspiration in direct relation to what blockchain is promised to bring in contemporary discourse. The paper will provide an overview of the current self-sovereign identity paradigm solutions within the technological environment that involves decentralized networks and it will trace some of the challenges it faces within the European Union especially with regards to the General Data Protection Regulation (EU) 2016/679 (GDPR).


Algorithmic systems: the consent is in the detail?

March 2020

·

107 Reads

·

20 Citations

Internet Policy Review

Applications of algorithmically informed decisions are becoming entrenched in society, with data processing being their main process and ingredient. While these applications are progressively gaining momentum, established data protection and privacy rules have struggled to incorporate the particularities of data-intensive information societies. Consequently, there is a misalignment created between algorithmic processing of personal data and the corresponding regulatory frameworks since they both strive for meaningful control over personal data. However, the challenges to the traditional role and the concept of consent are particularly manifest. This article examines the transformation of consent in order to assess how the concept in itself as well as the applied models of consent can be reconciled to correspond not only to current data protection normative frameworks but also to algorithmic processing technologies. This particularly pressing area of safeguarding a fundamental aspect of individual control over personal data in the algorithmic era is interlinked with practical implementations of consent in the technology used. Moreover, it relates to adopted interpretations of the concept of consent, to the scope of application of personal data, as well as to the obligations enshrined in them. What makes consent efficient as a data protection tool? Can its previous glory be maintained within the current techno-legal challenges?



Distributed Data Protection and Liability on Blockchains

April 2019

·

50 Reads

·

4 Citations

Lecture Notes in Computer Science

Blockchains and the GDPR pursue similar objectives where they seek to grant users greater control over their personal data. While the latter pursues this goal by imposing duties of care to centralized controllers and collectors of data, blockchains go a step beyond by trying to eliminate these stakeholders and the need to trust them. Nevertheless, the rules set out by the GDPR apply whenever personal data are at stake, and various actors of the blockchain ecosystem risk liability for controlling of processing data in violation of privacy requirements. A possible solution is to re-contextualize the concepts of data controlling and responsibility, as framed by the GDPR, in light of blockchains’ enhanced individual autonomy. In this paper, we set the framework for a further inquiry on the role of users as both data subjects and data controllers of distributed ledgers.


Citations (5)


... Powstaje również pytanie o granice dopuszczalności tworzenia sztucznych tożsamości cyfrowych np. w metaverse, które mogą sprzyjać działaniom nieetycznym lub przestępczym [Giannopoulou, Wang, 2021]. W tym kontekście kluczowe znaczenie może mieć koncepcja cyfrowej tożsamości suwerennej (Self Sovereign Identity -SSI) [Sas, 2020;Duijzer, 2021]. ...

Reference:

Metaverse – nadmierny szum czy nowe szanse dla biznesu? (cz. 1)
Self-sovereign identity

Internet Policy Review

... Zhu and Badr [ref] also reviewed papers that use blockchain to implement SSI in the context of IoT devices. Giannopoulou [11] provided an overview of current SSI solutions within the technological environment involving decentralized networks, analyzing challenges related to data protection and privacy laws. ...

Data Protection Compliance Challenges for Self-sovereign Identity
  • Citing Chapter
  • July 2020

Advances in Intelligent Systems and Computing

... This process leaves the question of when the ML model should be re-trained with a new dataset after a data subject withdraws their consent or consent expires after a certain period [6]- [8]. Consent is one of six legal bases for processing personal data as stated in GDPR, which indicates an ML system shall not process any personal data without valid consent, which is unlawful [9]. ...

Algorithmic systems: the consent is in the detail?

Internet Policy Review

... This distribution reduces the risk of a single point of failure. In a decentralized system, even if some nodes are compromised, the integrity of the data remains intact because other nodes can validate and maintain the correct version of the ledger (Bodó & Giannopoulou, 2019). ...

The logics of technology decentralization – the case of distributed ledger technologies

... It is discussed in the literature that there is a linkability risk when data stored in a hashed form: the possibility to link a particular piece of data and a hash value can still be found or a hash value might be used to infer personal information, when the same hash value is stored multiple times (Erbguth, 2019;Duarte, 2019). Therefore, it is not surprising that we observed a general consensus in the literature, which highlights that transactional data pseudonymised via encryption or hash functions should still be considered personal data (Giordano, 2021;Politou et al., 2019;Wirth and Kolain, 2018;Molina et al., 2021;Giannopoulou and Ferrari, 2018;Kolan et al., 2020;Wilford et al., 2021;Ferrari et al., 2018;Duarte, 2019;Teperdjian, 2020;Dutta et al., 2020;Schmelz et al., 2018;Karasek-Wojciechowicz, 2021;Alessi et al., 2019;Duarte, 2019). ...

Distributed Data Protection and Liability on Blockchains
  • Citing Chapter
  • April 2019

Lecture Notes in Computer Science