Protecting digital identity in the cloud: Regulating cross border data disclosure

Widespread use of cloud computing and other off-shore hosting and processing arrangements make regulation of cross border data one of the most significant issues for regulators around the world. Cloud computing has made data storage and access cost effective but it has changed the nature of cross border data. Now data does not have to be stored or processed in another country or transferred across a national border in the traditional sense, to be what we consider to be cross border data. Nevertheless, the notion of physical borders and transfers still pervades thinking on this subject. The European Commission (“EC”) is proposing a new global standard for data transfer to ensure a level of protection for data transferred out of the EU similar to that within the EU. This paper examines the two major international schemes regulating cross-border data, the EU approach and the US approach, and the new EC and US proposals for a global standard. These approaches which are all based on data transfer are contrasted with the new Australian approach which regulates disclosure. The relative merits of the EU, US and Australian approaches are examined in the context of digital identity, rather than just data privacy which is the usual focus, because of the growing significance of digital identity, especially to an individual's ability to be recognized and to transact. The set of information required for transactions which invariably consists of full name, date of birth, gender and a piece of what is referred to as identifying information, has specific functions which transform it from mere information. As is explained in this article, as a set, it literally enables the system to transact. For this reason, it is the most important, and most vulnerable, part of digital identity. Yet while it is deserving of most protection, its significance has been largely under-appreciated. This article considers the issues posed by cross border data regulation in the context of cloud computing, with a focus on transaction identity and the other personal information which make up an individual's digital identity. The author argues that the growing commercial and legal importance of digital identity and its inherent vulnerabilities mandate the need for its more effective protection which is provided by regulation of disclosure, not just transfer.     

From porn to cybersecurity passing by copyright: How mass surveillance technologies are gaining legitimacy … The case of deep packet inspection technologies

Recent coverage in the press regarding large-scale passive pervasive network monitoring by various state and government agencies has increased interest in both the legal and technical issues surrounding such operations. The monitoring may take the form of which systems (and thus potentially which people) are communicating with which other systems, commonly referred to as the metadata for a communication, or it may go further and look into the content of the traffic being exchanged over the network. In particular the monitoring may rely upon the implementation of Deep Packet Inspection (DPI) technologies. These technologies are able to make anything that happens on a network visible and recordable. While in practice the sheer volume of traffic passing through a DPI system may make it impractical to record all network data, if the system systematically records certain types of traffic, or looks for specific patterns in all traffic, the privacy concerns are highly significant. The aim of this paper is twofold: first, to show that despite the increasing public awareness in relation to the capabilities of Internet service providers (ISPs), a cross-field and comparative examination shows that DPI technologies are in fact progressively gaining legal legitimacy; second to stress the need to rethink the relationship between data protection law and the right to private life, as enshrined in Article 8 of the European Convention on human rights and Article 7 of the European Charter of fundamental rights, in order to adequately confine DPI practices. As a result, it will also appear that the principle of technical neutrality underlying ISP's liability exemptions is misleading.     

Examining the risk reduction strategies of actors in online criminal markets

Research examining offender risk reduction strategies within illicit markets focus primarily on those operating in the real world for drugs and stolen goods. Few have considered the strategies that may be used by individuals in virtual illicit markets that are hidden from public view. This study addresses this gap through a grounded theory analysis of posts from 10 Russian and three English language web forums selling stolen data to engage in identity theft and fraud. The findings indicate that buyers employ multiple strategies to reduce their risk of loss from unreliable vendors, along with resources provided by forum administrators to manage relationships between participants. The implications of this study for law enforcement and offender decision-making research are also discussed.     

Deterrence and delinquency: An analysis of individual data

Is commission of crime deterred by fear of arrest? Individual self-reported data on the commission of three crimes are analyzed in relation to perceived probabilities of arrest for more than 3000 French-speaking teenagers of the Montreal school population in 1974. The crimes are shoplifting, drug use, and stealing an item worth more than $50.00. In addition to the effect of the individuals' perceptions of the probability of arrest for the three crimes, age, sex, and previous arrest record are also taken into account. The data are all categorical. A multivariate log-linear probability model is estimated in order to test hypotheses concerning the direction and magnitude of bivariate associations among the variables. We conclude that there is clear evidence of a negative association between the subjective probability of arrest for each crime and the frequency of commission of that crime. We also find some negative cross-effects of the perceptions of the probability of arrest for one type of crime on the commission of another, holding constant the direct effects.     

基于数据仓库与数据挖掘的自动指纹识别系统的探讨

通过对已有自动指纹识别系统的分析、研究 ,针对目前的自动指纹识别系统存在的建库速度慢 ,采集速度慢 ,错、漏率高 ,匹配效率差等缺陷 ,探讨了基于数据仓库和数据挖掘的自动指纹识别系统。     

从全球女性主义到跨国女性主义--兼论跨国女性主义的知识生产

当前,全球化正以摧枯拉朽之势,冲破民族国家的疆界,迅速改写着地方、国家和地区的意义。对妇女而言,全球化的发展,一方面使超越国家边界的妇女问题迅速攀升,如贫困的女性化,女性移民人口的增长,等等;另一方面也增强了妇女运动在全球范围里的连接,比如联合国的世界妇女大会,跨国NGO妇女组织和因特网。为界定这些全球化的新发展,推动全球范围内妇女运动的发展,自上世纪后期,“全球女性主义”,“跨国女性主义”的概念先后出现。本文将以上世纪70年代之后历次联合国世界妇女大会的实践为开端,进而转入对全球女性主义的思想理念——全球姐妹情谊(globalsisterhood)的分析,然后通过对跨国女性主义的实践和理论的介绍,进一步考察跨国女性主义的知识生产过程的特点。     

数据挖掘在未成年人犯罪行为分析中的应用

随着我国经济的发展,未成年人犯罪行为却有增无减,并出现了新的特征和趋势.采用数据挖掘技术对未成年犯罪人员数据进行处理,采用C4.5决策树分类算法进行尝试性的数据挖掘,从中发现未成年人犯罪的特点、原因等方面潜在的规则,就可以据此提出一些预防未成年人犯罪的对策.     

宪法实施视域中司法裁判宪法援引的实证分析

全面推进宪法实施采用广义的宪法实施内涵,有利于将宪法基本原则和宪法规范贯彻落实到国家与社会生活的各个领域。司法裁判中的宪法援引是宪法实施在司法领域的具体实践,因此,对宪法援引的实证研究能够获得宪法实施的直观印象。借助于新兴的大数据技术,检索含有宪法援引内容的裁判文书,对其进行统计学处理和分析,形成关于宪法援引案件的系统性认知。在此基础上,运用宪法学原理对宪法援引进行解析,以主体为宪法援引的区分标准,将其分解为当事人宪法援引与法院宪法援引两种不同类型,便于深入考察司法实践中宪法援引的具体方式和实际效果,进一步印证宪法援引在推进宪法全面实施过程中所具有的实践价值。     

Promoting Data Protection Standards through Contracts: The Case of the Data Security Council of India

Data protection has emerged as a major corporate and government concern worldwide. The focus is on secure handling of data so as to ensure privacy of customer data and security of corporate data. Privacy and security laws in countries are not harmonized; compliance regulations are different too. As the global hub of outsourcing, India is faced with a challenge of demonstrating compliance with varying compliance regulations in countries. The Data Security Council of India (DSCI) considers the Best Practices Approach as a practical and realistic way to enhance adherence to data security and privacy standards, and to enable a service provider to demonstrate compliance. Getting these standards recognized through contracts can promote data protection. An industry association can act as a third party self‐regulatory organization to promote these standards and enforce them among its members through certification or privacy seals, thereby helping implement data protection in international data flows.     

Buying National Ink

Abstract

Advertorials are paid messages in the media sponsored by organized interests to create and sustain a favorable political environment to pursue their respective goals. Advertorials, a form of outside lobbying, take two broad forms: (1) image advertorials designed to create a positive impression of the sponsor and a favorable climate of opinion, and (2) advocacy advertorials intended to win support for an interest's viewpoints on controversial issues. We analyze the population of 3,375 advertorials placed from 1985 through 2000 by organized interests to reach the mass audience of TIME, the most widely circulated and read weekly newsmagazine in the United States. Typologies of advertorials (11 categories), organized interests (21 categories), corporate and non-corporate economic interests (29 categories), and policy content (28 categories) are used to document over time the placement of advertorials, what types of advertorials are being used, what interests avail themselves of advertorial campaigns, which issue areas are receiving attention, what images and policy messages are being communicated, which organizations sponsor the most advertorials, and the timing of such political advertising campaigns. It is apparent by their popularity that organized interests consider advertorials to be an effective form of political communication. We find over time an increasing number of advertorials, an increasing number and diversity of sponsoring interest organizations, an increasing trend in the placement of image rather than advocacy advertorials, and a continuing but somewhat declining dominance by corporations and their associations.