AI poses fundamental questions concerning its ethical, social and legal impact thus setting new c... more AI poses fundamental questions concerning its ethical, social and legal impact thus setting new challenges to privacy and data protection. Since 2016, many reports but also legislative initiatives appeared to consider and address the impact of artificial intelligence on society and law. Does AI accelerate the erosion of data protection and related fundamental rights or is there room for mitigating risks and preventing the adverse consequences of an “amplified” AI? Is GDPR applicable to AI? The GDPR applies both in the phase of AI development and with regard to its use for analyzing and decision making about individuals. The provisions of GDPR with regard to the rights of the data subjects, the obligations deriving from accountability or the obligations of processors will contour the way AI and machine learning will be developed and applied. Moreover, the GDPR comprises the elements to face the technological transformations. A first tool consists in the Data Protection Impact Assessments that have to be carried out before deployment of high-risk technologies. A second tool, strictly interrelated to DPIA is the duty to protect personal data by design that the GDPR compels to data controllers.
This policy paper presents and discusses the gaps (or problems) in the security domain where RRI ... more This policy paper presents and discusses the gaps (or problems) in the security domain where RRI can serve as a valuable tool to effectively address these gaps. As the RESPONSIBILITY project focuses on the context of RRI from a civil security technologies perspective, the intended Policy Brief (PB) aims to contribute to the on-going public discourse and development of security policies and recommendations. This policy paper highlights the urgency of the new, emerging and complex security issues, and elaborates the importance of engaging RRI as balancing instrument. In this context, RRI should be integrated in the process (particularly related to security research and innovation) to clarify and handle the on-going tension between formulating and implementing security measures and policies, and the issues related to privacy protection. Several pertinent key recommendations are further highlighted at the end of the paper for further consideration and deliberation. In the paper, pertine...
... and the nature of genetic information creates an additional layer of complexity by introducin... more ... and the nature of genetic information creates an additional layer of complexity by introducing an array ... Regulation of Biobanks (Symposium Proceedings), Spring 2005, pp ... Wallace HM, The development of UK Biobank: Excluding scientific controversy from ethical debate, Critical ...
Concepts, Methodologies, Tools, and Applications, 2010
This chapter addresses the issue of electronic workplace monitoring and its implications for empl... more This chapter addresses the issue of electronic workplace monitoring and its implications for employees' privacy. Organisations increasingly use a variety of electronic surveillance methods to mitigate threats to their information systems. Monitoring technology spans different ...
is an HTML working draft that led to an article publication. A reference to this work should alwa... more is an HTML working draft that led to an article publication. A reference to this work should always be done using the following citation: Dimitrios Lekkas, Stefanos Gritzalis, Lilian Mitrou, "Withdrawing a declaration of will: Towards a framework for Digital Signature Revocation", Internet Research, Vol.15, No.4
The evolution of new technologies and the spread of the Internet have led to the exchange and ela... more The evolution of new technologies and the spread of the Internet have led to the exchange and elaboration of massive amounts of data. Simultaneously, intelligent systems that parse and analyze patterns within data are gaining popularity. Many of these data contain sensitive information, a fact that leads to serious concerns on how such data should be managed and used from
... 1 Security and privacy: convergence or contradiction? Constitutional rights: beyond the... more ... 1 Security and privacy: convergence or contradiction? Constitutional rights: beyond the security challenges Lilian Mitrou/S. Katsikas University of the Aegean Page 2. Mitrou/Katsikas, Rights beyond the security challenges 2 Security ...
AI poses fundamental questions concerning its ethical, social and legal impact thus setting new c... more AI poses fundamental questions concerning its ethical, social and legal impact thus setting new challenges to privacy and data protection. Since 2016, many reports but also legislative initiatives appeared to consider and address the impact of artificial intelligence on society and law. Does AI accelerate the erosion of data protection and related fundamental rights or is there room for mitigating risks and preventing the adverse consequences of an “amplified” AI? Is GDPR applicable to AI? The GDPR applies both in the phase of AI development and with regard to its use for analyzing and decision making about individuals. The provisions of GDPR with regard to the rights of the data subjects, the obligations deriving from accountability or the obligations of processors will contour the way AI and machine learning will be developed and applied. Moreover, the GDPR comprises the elements to face the technological transformations. A first tool consists in the Data Protection Impact Assessments that have to be carried out before deployment of high-risk technologies. A second tool, strictly interrelated to DPIA is the duty to protect personal data by design that the GDPR compels to data controllers.
This policy paper presents and discusses the gaps (or problems) in the security domain where RRI ... more This policy paper presents and discusses the gaps (or problems) in the security domain where RRI can serve as a valuable tool to effectively address these gaps. As the RESPONSIBILITY project focuses on the context of RRI from a civil security technologies perspective, the intended Policy Brief (PB) aims to contribute to the on-going public discourse and development of security policies and recommendations. This policy paper highlights the urgency of the new, emerging and complex security issues, and elaborates the importance of engaging RRI as balancing instrument. In this context, RRI should be integrated in the process (particularly related to security research and innovation) to clarify and handle the on-going tension between formulating and implementing security measures and policies, and the issues related to privacy protection. Several pertinent key recommendations are further highlighted at the end of the paper for further consideration and deliberation. In the paper, pertine...
... and the nature of genetic information creates an additional layer of complexity by introducin... more ... and the nature of genetic information creates an additional layer of complexity by introducing an array ... Regulation of Biobanks (Symposium Proceedings), Spring 2005, pp ... Wallace HM, The development of UK Biobank: Excluding scientific controversy from ethical debate, Critical ...
Concepts, Methodologies, Tools, and Applications, 2010
This chapter addresses the issue of electronic workplace monitoring and its implications for empl... more This chapter addresses the issue of electronic workplace monitoring and its implications for employees' privacy. Organisations increasingly use a variety of electronic surveillance methods to mitigate threats to their information systems. Monitoring technology spans different ...
is an HTML working draft that led to an article publication. A reference to this work should alwa... more is an HTML working draft that led to an article publication. A reference to this work should always be done using the following citation: Dimitrios Lekkas, Stefanos Gritzalis, Lilian Mitrou, "Withdrawing a declaration of will: Towards a framework for Digital Signature Revocation", Internet Research, Vol.15, No.4
The evolution of new technologies and the spread of the Internet have led to the exchange and ela... more The evolution of new technologies and the spread of the Internet have led to the exchange and elaboration of massive amounts of data. Simultaneously, intelligent systems that parse and analyze patterns within data are gaining popularity. Many of these data contain sensitive information, a fact that leads to serious concerns on how such data should be managed and used from
... 1 Security and privacy: convergence or contradiction? Constitutional rights: beyond the... more ... 1 Security and privacy: convergence or contradiction? Constitutional rights: beyond the security challenges Lilian Mitrou/S. Katsikas University of the Aegean Page 2. Mitrou/Katsikas, Rights beyond the security challenges 2 Security ...
— Addressing the insider threat is a major issue in cyber and corporate security in order to enha... more — Addressing the insider threat is a major issue in cyber and corporate security in order to enhance trusted computing in critical infrastructures. In this paper we study the psycho-social perspective and the implications of insider threat prediction via social media, Open Source Intelligence, and user generated content classification. Inductively, we propose a prediction method by evaluating the predisposition towards law enforcement and authorities, a personal psychosocial trait closely connected to the manifestation of malevolent insiders. We propose a methodology to detect users holding negative attitude towards authorities. For doing so, we facilitate a brief analysis of the medium (YouTu-be), machine learning techniques and a dictionary-based approach , in order to detect comments expressing negative attitude. Thus, we can draw conclusions over a user behavior and beliefs via the content the user generated within the limits a social medium. We also use an assumption free flat data representation technique in order to decide over the user's attitude and improve the scalability of our method. Furthermore, we compare the results of each method and highlight the common behavior and characteristics manifested by the users. As privacy violations may well-rise when using such methods, their use should be restricted only on exceptional cases, e.g. when appointing security officers or decision making staff in critical infrastructures.
Uploads
Papers by Lilian Mitrou
Is GDPR applicable to AI? The GDPR applies both in the phase of AI development and with regard to its use for analyzing and decision making about individuals. The provisions of GDPR with regard to the rights of the data subjects, the obligations deriving from accountability or the obligations of processors will contour the way AI and machine learning will be developed and applied. Moreover, the GDPR comprises the elements to face the technological transformations. A first tool consists in the Data Protection Impact Assessments that have to be carried out before deployment of high-risk technologies. A second tool, strictly interrelated to DPIA is the duty to protect personal data by design that the GDPR compels to data controllers.
Is GDPR applicable to AI? The GDPR applies both in the phase of AI development and with regard to its use for analyzing and decision making about individuals. The provisions of GDPR with regard to the rights of the data subjects, the obligations deriving from accountability or the obligations of processors will contour the way AI and machine learning will be developed and applied. Moreover, the GDPR comprises the elements to face the technological transformations. A first tool consists in the Data Protection Impact Assessments that have to be carried out before deployment of high-risk technologies. A second tool, strictly interrelated to DPIA is the duty to protect personal data by design that the GDPR compels to data controllers.