Portal de Periódicos da CAPES

Protecting privacy in automated transaction systems: A legal and technological perspective in the European Union

2010; Taylor & Francis; Volume: 24; Issue: 2 Linguagem: Inglês

10.1080/13600861003748243

1364-6885

Faye Fangfei Wang, Nathan Griffiths,

Privacy, Security, and Data Protection

Abstract In the past, spies could enter one's residence, organisations or companies and collect valuable information such as personal sensitive data, trade secrets or transaction records. Nowadays, the open architecture of the Internet has generated an environment in which there are more opportunities to quickly and easily obtain data than there used to be, as a variety of sensitive information can be captured on the Internet without a physical presence in the location where the data is situated. Privacy rights have consequently become more vulnerable to attack. This paper will discuss the current legal framework of ePrivacy protection in the European Union (EU), examine the state-of-the-art technologies for service-oriented computing, evaluate practical obstacles and propose possible solutions to establish trust in privacy management. Keywords: privacydata protectionservice-oriented computing Notes BBC Radio 4, ‘High Frequently Trading’, program number: 09VQ4560LH0, Tuesday 3 November 2009, 20.00–20.40. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, Official Journal L 281, 23 November 1995, P. 0031–0050. Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), Official Journal L 201, 31 July 2002, P. 0037–0047. EDPS second Opinion on ePrivacy Directive review and security breach: privacy safeguards need to be strengthened, Press Release, Brussels, Monday 12 January 2009. Second opinion of the European Data Protection Supervisor on the review of Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), O.J. C 128/33, 6 June 2009. D. Cooper et al., ‘Security Breach Notification in Europe on the Horizon’, World Data Protection Report, October 2006. Y. Shoham, ‘An Overview of Agent-Oriented Programming’, in Software Agents (Menlo Park, CA: AAAI Press, 1997). M. Wooldridge, Reasoning About Rational Agents (Cambridge, MA: MIT Press, 2000). D. Booth et al., ‘Web Services Architecture’, available at http://www.w3.org/TR/ws-arch/ (accessed 16 February 2010). M. Colan, ‘Service-Oriented Architecture Expands the Vision of Web Services, Part 1’, available at http://www.ibm.com/developerworks/webservices/library/ws-soaintro.html (accessed 16 February 2010). OASIS, ‘OASIS Reference Architecture for SOA Foundation, Version 1.0’, OASIS Public Review Draft 1, available at http://docs.oasis-open.org/soa-rm/soa-ra/v1.0/soa-ra-pr-01.pdf (accessed 16 February 2010). S. Meng and F. Arbab, ‘QoS-driven Service Selection and Composition’, in Proceedings of the 8th International Conference on Application of Concurrency to System Design, Xi'an, China, 23–27 June 2008. C. Anderson, ‘Atoms are the New Bits – the New Industrial Revolution’, Wired (UK), March 2010, 76–85. Council Decision (2009/…/CFSP/JHA) of on the signing, on behalf of the European Union, of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging Data from the European Union to the United States for purposes of the Terrorist Finance Tracking Program, Council of the European Union, Brussels, 27 November 2009, 16110/09, JAI 838, USA 101, RELEX 1082, DATAPROTECT 73, ECOFIN 805. OECD Working Party on Information Security and Privacy, ‘Privacy Online: Policy and Practice Guidance’, DSTI/ICCP/REG(2002)3/FINAL, 21 January 2003. Group of Experts on Information Security and Privacy, ‘Implementing the OECD “Privacy Guidelines” in Electronic Environment: Focus on the Internet’, DSTI/ICCP/REG(97)6/FINAL, 9 September 1998. R.J. Mann, Electronic Commerce, 2nd ed. (New York: Aspen Publishing, 2005), p. 227.