Közlemény:34142535
Egyeztetett
Forrás Idéző Folyóiratcikk
(Szakcikk ) Tudományos
Nyelv: Magyar Az informatikai és információbiztonság olyan fontos a KKV-k életében, mint a sivatagban
az oázis. A vállalatok versenyképességéhez nagyban hozzájárul a biztonság szintje,
amely terület erősen alulreprezentált a KKV-szektorban. A tanulmány arra a kérdésre
keresi a választ, miszerint valóban megfigyelhető-e, hogy a sürgetett digitalizáció
negatív hatással van az információbiztonsági szintre nézve a KKV-k életében Magyarországon.
Az elemzés főként az e-kereskedelemben aktívan részt vevő cégekre terjed ki. Magyarországon
és az Európai Unióban összehasonlítva kimutathatók az információbiztonsággal és adatvédelemmel
kapcsolatos trendek, amelyekből látható a területet érintő elmaradottság. A tanulmány
a Digiméter 2020, 2021 és 2022-es kvantitatív kutatásának eredményét mutatja be, emellett
az Európai Unió által biztosított DESI-index (Digital Economy and Society Index) és
NCSI (National Cybersecurity Index) nyilvános adatait dolgozza fel. A kutatás várható
eredménye igazolja, hogy Magyarországon jól látható az információbiztonság kiforratlansága. Szakcikk (Folyóiratcikk) | Tudományos[34142535] [Egyeztetett]
Budapesti Corvinus Egyetem, Közgazdasági és Gazdaságinformatika
Doktori Iskola.,Disszertáció benyújtásának éve:
2022,Védés éve: 2023Megjelenés/Fokozatszerzés
éve: 2023
Közlemény:33720935
Egyeztetett
Forrás Idéző Disszertáció
(PhD ) Tudományos
Nyelv: Angol Three competing forces are shaping the concept of European Privacy by Design (PbD):
laws and regulations, business goals and architecture designs. These forces carry
their own influence in terms of ethics, economics, and technology. In this research
we undertook the journey to understand the concept of European PbD. We examined its
nature, application, and enforcement. We concluded that the European PbD is under-researched
in two aspects: at organizational level (compared to the individual level); and mainly
in the way it is enforced by authorities. We had high hopes especially with regards
to the latter, and eager to bring significant scientific contribution on this field.
We were interested to learn if data protection authorities are having such impacts
looking at European PbD, that can pioneer new approaches to privacy preservation.
This is why we elaborated on possible ways to measure their activity, in a manner
that both legal and non-legal experts can understand our work. We promised a response
to the research question can the enforcement of European PbD be measured and if yes,
what are possible ways to do so? We conducted data analytics on quantitative and qualitative
data to answer this question the best way possible. Our response is a moderate yes,
the enforcement of PbD can be measured. Although, at this point, we need to settle
with only good-enough ways of measure and not dwell into choosing the most optimal
or best ways. One reason for this is that enforcement of PbD cases are highly customized
and specific to their own circumstances. We have shown this while creating models
to predict the amount of administrative fines for infringement of GDPR. Clustering
these cases was a daunting task. Second reason for not delivering what could be the
best way of measure is lack of data availability in Europe. This problem has its roots
in the philosophical stance that the European legislator is taking on the topic of
data collection within the EU. Lawmakers in Europe certainly dislike programs that
collect gigantic amounts of personal data from EU citizens. Third reason is a causal
link between the inconsistent approach between the data protection authorities’ practices.
This is due to the different levels of competencies, reporting structures, personnel
numbers, and experience in the work of data protection authorities. Looking beyond
the above limitations, there are certainly ways to measure the enforcement of European
PbD. Our measurements helped us formulate the following statements: a. The European
PbD operates in ‘data saver’ mode: we argue that analogous to the data saving mode
on mobile phones, where most applications and services get background data only via
Wi-Fi connection, in Europe data collection and data processing is kept to minimal.
Therefore, we argue that European PbD is in essence about data minimization. Our conviction
that this concept is more oriented towards data security have been partially refuted.
b. The European PbD is platform independent: we elaborated in the thesis on various
infrastructures and convergent technologies that found compatibility with the PbD
principles. We consider that the indeed the concept is evolutionary and technology
–neutral. c. The European PbD is a tool obligation: we argue that the authorities
are looking at PbD as a tool utilization obligation. In a simple language, companies
should first perform a privacy impact assessment in order to find out which tools
are supporting their data processing activities and then implement these, as mandated
PbD. d. The European PbD is highly territorial: we reached the conclusion that enforcement
of PbD is highly dependent on geographical indicators (i.e. countries and counties).
The different level of privacy protection cultures are still present in Europe. On
a particular level, what is commonly true across all countries is that European PbD
mandates strong EU data sovereignty. PhD (Disszertáció) | Tudományos[33720935] [Egyeztetett]
Rijeka,
Horvátország : Croatian Society for Information and Communication
Technology Electronics and Microelectronics (MIPRO)(2023) pp. 1521-1525. , 5 p.
Rijeka, Horvátország : Croatian
Society for Information and Communication Technology Electronics and Microelectronics
(MIPRO)(2022) pp. 1240-1244.
, 5 p.
Konferencia előadás, International
Academic Conference of PhD. Students and Young Researchers, Milestones of Law in the
Area of Central Europe 2021 Conference, 24-25 June 2021, Bratislava, Slovakia,
Közlemény:32083364
Nyilvános
Forrás Egyéb
(Nem besorolt ) Tudományos
Nyelv: Angol Nem besorolt (Egyéb) | Tudományos[32083364] [Nyilvános]
Közlemény:31676254
Nyilvános
Forrás Egyéb
(Nem besorolt ) Tudományos
Nyelv: Angol Controllers, processors, joint-controllers and sub-processors: they are all liable.
Up to date these participants have managed to generate a fund of €470 mill. from 240
issued fines. With the help of multivariate statistical methods and machine learning,
researchers should be able to scan for correlations between cases and features – if
any. This is a promising field to understand the behavior of various data protection
authorities (DPAs) across EU. Figures show that certain DPAs are more active than
others when it comes to number of fines issued, whereas some DPAs are aiming for less
numbered, but greater monetary penalties.
This paper shall focus on establishing a prediction algorithm using R programming
language. The scope is to study the determining factors for fines issued under various
articles of the General Data Protection Regulation (GDPR) and to construct a model,
which simply predicts the amount of future fines. To this extent, as the first step
data must be collected, structured, cleaned and prepared for analysis. This is a crucial
step for the analysis. The next phase should include variable determinations and the
construction of regression models. Last, but not least, we will test the accuracy
of the models and conclude which one has the best prediction rate. The applicability
of the results is still debatable due to the primal stage of the prediction model
and future work points into the direction of defining a unified variable catalogue
to get most accurate results. Nem besorolt (Egyéb) | Tudományos[31676254] [Nyilvános]
Közlemény:31676252
Nyilvános
Forrás Egyéb
(Nem besorolt ) Tudományos
Nyelv: Angol Controllers, processors, joint-controllers and sub-processors: they are all liable.
Up to date these participants have managed to generate a fund of €470 mill. from 240
issued fines. With the help of multivariate statistical methods and machine learning,
researchers should be able to scan for correlations between cases and features – if
any. This is a promising field to understand the behavior of various data protection
authorities (DPAs) across EU. Figures show that certain DPAs are more active than
others when it comes to number of fines issued, whereas some DPAs are aiming for less
numbered, but greater monetary penalties.
This paper shall focus on establishing a prediction algorithm using R programming
language. The scope is to study the determining factors for fines issued under various
articles of the General Data Protection Regulation (GDPR) and to construct a model,
which simply predicts the amount of future fines. To this extent, as the first step
data must be collected, structured, cleaned and prepared for analysis. This is a crucial
step for the analysis. The next phase should include variable determinations and the
construction of regression models. Last, but not least, we will test the accuracy
of the models and conclude which one has the best prediction rate. Nem besorolt (Egyéb) | Tudományos[31676252] [Nyilvános]