資料載入中.....
|
請使用永久網址來引用或連結此文件:
https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/121963
|
題名: | Examining Compliance with Personal Data Protection Regulations in Interorganizational Data Analysis |
作者: | Li, Szu Chuang;Chen, Yi-Wen;Huang, Yennun |
關鍵詞: | personal data protection;privacy;federated learning;data deidentification |
日期: | 2021-10-16 |
上傳時間: | 2022-01-20 12:10:59 (UTC+8) |
出版者: | MDPI |
摘要: | The development of big data analysis technologies has changed how organizations work. Tech giants, such as Google and Facebook, are well positioned because they possess not only big data sets but also the in-house capability to analyze them. For small and medium-sized enterprises (SMEs), which have limited resources, capacity, and a relatively small collection of data, the ability to conduct data analysis collaboratively is key. Personal data protection regulations have become stricter due to incidents of private data being leaked, making it more difficult for SMEs to perform interorganizational data analysis. This problem can be resolved by anonymizing the data such that reidentifying an individual is no longer a concern or by deploying technical procedures that enable interorganizational data analysis without the exchange of actual data, such as data deidentification, data synthesis, and federated learning. Herein, we compared the technical options and their compliance with personal data protection regulations from several countries and regions. Using the EU’s GDPR (General Data Protection Regulation) as the main point of reference, technical studies, legislative studies, related regulations, and government-sponsored reports from various countries and regions were also reviewed. Alignment of the technical description with the government regulations and guidelines revealed that the solutions are compliant with the personal data protection regulations. Current regulations require “reasonable” privacy preservation efforts from data controllers; potential attackers are not assumed to be experts with knowledge of the target data set. This means that relevant requirements can be fulfilled without considerably sacrificing data utility. However, the potential existence of an extremely knowledgeable adversary when the stakes of data leakage are high still needs to be considered carefully. |
關聯: | Sustainability 13(20), 11459 |
DOI: | 10.3390/su132011459 |
顯示於類別: | [資訊傳播學系暨研究所] 期刊論文
|
文件中的檔案:
檔案 |
描述 |
大小 | 格式 | 瀏覽次數 |
index.html | | 0Kb | HTML | 162 | 檢視/開啟 |
|
在機構典藏中所有的資料項目都受到原著作權保護.
|