A metadata-based architecture for user-centered data accountability
Data is rapidly changing how companies operate, offering them new business opportunities as they generate increasingly sophisticated insights from the analysis of an ever-increasing pool of information. Businesses have clearly moved beyond a focus on data collection to data use, but users have an inadequate model of notice and consent at the point of data collection to limit inappropriate use. An interoperable context-aware metadata-based architecture that allows permissions and policies to be bound to data, and is flexible enough to allow for changing trust norms, help balance the tension between users and business, satisfy regulators’ desire for increased transparency and greater accountability, and still enable data to flow in ways that provide value to all participants in the ecosystem.
KeywordsMetadata Big data Interoperability Architecture
- Ashley, P., Powers, C., & Schunter, M. (2002). From privacy promises to privacy management: A new approach for enforcing privacy throughout an enterprise (pp. 43–50). Virginia Beach: New Security Paradigms Workshop.Google Scholar
- Bohrer, K., Liu, X., Kesdogan, D., Schonberg, E., Singh, M., & Spraragen, S. L. (2001). Personal information management and distribution. The Fourth International Conference on Electronic Commerce Research (ICECR-4), (pp. 1–14). Dallas, TX.Google Scholar
- Bus, J., & Nguyen, M.-H. (2013). Personal data management—a structured discussion. In M. Hildebrandt, K. O’Hara, & M. Waidner (Eds.), Digital enlightenment yearbook 2013: The value of personal data (pp. 270–287). Amsterdam: Ios Press.Google Scholar
- Casassa Mont, M., Pearson, S., & Bramhall, P. (2003). Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. Bristol: HP Laboratories.Google Scholar
- Cisco. (2014). Cisco visual networking index: Global mobile data traffic forecast update, 2013–2018. Cisco.Google Scholar
- European Commission. (2012). General data protection regulation. Brussels: European Commission.Google Scholar
- IDC (2011). IDC Predictions 2012: Competing for 2020. IDC.Google Scholar
- Nguyen, M.-H., Haynes, P., Maguire, S., & Friedberg, J. (2013). A user-centred approach to the data dilemma: Context, architecture, and policy. In M. Hildebrandt, K. O’Hara, & M. Waidner (Eds.), Digital enlightenment yearbook 2013: The value of personal data (pp. 227–242). Amsterdam: Ios Press.Google Scholar
- Nissenbaum, H. (2004). Privacy as contextual integrity. Washington Law Review, 79(1). Retrieved from http://papers.ssrn.com/sol3/papers.cfm?abstract_id=534622.
- Nissenbaum, H. (2011). A contextual approach to privacy online. Daedalus, The Journal of the American Academy of Arts & Sciences, 140(4), 32–48.Google Scholar
- President’s Council of Advisors on Science and Technology. (2010). Report to the president: Realizing the full potential of health information technology to improve healthcare for Americans: The path forward. Washington: Executive Office of the President.Google Scholar
- PrimeLife. (2011). Project fact Sheet. Retrieved from http://primelife.ercim.eu/about/factsheet.
- Searls, D. (2012). The intention economy: When customers take charge. Boston: Harvard Business Review Press.Google Scholar
- TNS Opinion & Social. (2011). Special Eurobarometer 359: Attitudes on data protection and electronic identity in the European union. Brussels: European Commission. Retrieved from http://ec.europa.eu/public_opinion/archives/ebs/ebs_359_en.pdf.
- Whitley, E. (2013). Towards effective consent-based control of personal data. In Digital enlightenment yearbook 2013: The value of personal data (pp. 165–176). Amsterdam: Ios Press.Google Scholar