Advertisement

Electronic Markets

, Volume 25, Issue 2, pp 155–160 | Cite as

A metadata-based architecture for user-centered data accountability

  • Sean Maguire
  • Jeffrey Friedberg
  • M.-H. Carolyn Nguyen
  • Peter Haynes
Special Theme - Invited Paper

Abstract

Data is rapidly changing how companies operate, offering them new business opportunities as they generate increasingly sophisticated insights from the analysis of an ever-increasing pool of information. Businesses have clearly moved beyond a focus on data collection to data use, but users have an inadequate model of notice and consent at the point of data collection to limit inappropriate use. An interoperable context-aware metadata-based architecture that allows permissions and policies to be bound to data, and is flexible enough to allow for changing trust norms, help balance the tension between users and business, satisfy regulators’ desire for increased transparency and greater accountability, and still enable data to flow in ways that provide value to all participants in the ecosystem.

Keywords

Metadata Big data Interoperability Architecture 

JEL classification

O33 

References

  1. Ashley, P., Powers, C., & Schunter, M. (2002). From privacy promises to privacy management: A new approach for enforcing privacy throughout an enterprise (pp. 43–50). Virginia Beach: New Security Paradigms Workshop.Google Scholar
  2. Bohrer, K., Liu, X., Kesdogan, D., Schonberg, E., Singh, M., & Spraragen, S. L. (2001). Personal information management and distribution. The Fourth International Conference on Electronic Commerce Research (ICECR-4), (pp. 1–14). Dallas, TX.Google Scholar
  3. Bohrer, K., Levy, S., Liu, X., & Schonberg, E. (2003). Individualized privacy policy based access control. Proceedings 6th International Conference on Electronic Commerce Research (ICECR-6). Dallas, Texas.Google Scholar
  4. Bus, J., & Nguyen, M.-H. (2013). Personal data management—a structured discussion. In M. Hildebrandt, K. O’Hara, & M. Waidner (Eds.), Digital enlightenment yearbook 2013: The value of personal data (pp. 270–287). Amsterdam: Ios Press.Google Scholar
  5. Casassa Mont, M., Pearson, S., & Bramhall, P. (2003). Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. Bristol: HP Laboratories.Google Scholar
  6. Cisco. (2014). Cisco visual networking index: Global mobile data traffic forecast update, 2013–2018. Cisco.Google Scholar
  7. Cranor, L. (2003). P3P: making privacy policies more useful. IEEE Security and Privacy, 1(6), 50–55.CrossRefGoogle Scholar
  8. European Commission. (2012). General data protection regulation. Brussels: European Commission.Google Scholar
  9. IDC (2011). IDC Predictions 2012: Competing for 2020. IDC.Google Scholar
  10. Nguyen, M.-H., Haynes, P., Maguire, S., & Friedberg, J. (2013). A user-centred approach to the data dilemma: Context, architecture, and policy. In M. Hildebrandt, K. O’Hara, & M. Waidner (Eds.), Digital enlightenment yearbook 2013: The value of personal data (pp. 227–242). Amsterdam: Ios Press.Google Scholar
  11. Nissenbaum, H. (2004). Privacy as contextual integrity. Washington Law Review, 79(1). Retrieved from http://papers.ssrn.com/sol3/papers.cfm?abstract_id=534622.
  12. Nissenbaum, H. (2011). A contextual approach to privacy online. Daedalus, The Journal of the American Academy of Arts & Sciences, 140(4), 32–48.Google Scholar
  13. President’s Council of Advisors on Science and Technology. (2010). Report to the president: Realizing the full potential of health information technology to improve healthcare for Americans: The path forward. Washington: Executive Office of the President.Google Scholar
  14. PrimeLife. (2011). Project fact Sheet. Retrieved from http://primelife.ercim.eu/about/factsheet.
  15. Searls, D. (2012). The intention economy: When customers take charge. Boston: Harvard Business Review Press.Google Scholar
  16. TNS Opinion & Social. (2011). Special Eurobarometer 359: Attitudes on data protection and electronic identity in the European union. Brussels: European Commission. Retrieved from http://ec.europa.eu/public_opinion/archives/ebs/ebs_359_en.pdf.
  17. Whitley, E. (2013). Towards effective consent-based control of personal data. In Digital enlightenment yearbook 2013: The value of personal data (pp. 165–176). Amsterdam: Ios Press.Google Scholar

Copyright information

© Institute of Information Management, University of St. Gallen 2015

Authors and Affiliations

  • Sean Maguire
    • 1
  • Jeffrey Friedberg
    • 1
  • M.-H. Carolyn Nguyen
    • 1
  • Peter Haynes
    • 2
  1. 1.MicrosoftRedmondUSA
  2. 2.Atlantic CouncilWashingtonUSA

Personalised recommendations