Processing of Personal and Public Data

A tantárgy neve magyarul / Name of the subject in Hungarian: Személyes és közadatok kezelése

Last updated: 2018. január 26.

Budapest University of Technology and Economics
Faculty of Electrical Engineering and Informatics

Master in Business Information Systems
Elective course (to be selected)
Course ID Semester Assessment Credit Tantárgyfélév
VIETM294   3/0/0/v 4  
3. Course coordinator and department Dr. Villányi Balázs János,
4. Instructors
Name: Position: Department:
SZÉKELY, Iván CSc associate professor Department of Electronics Technology
5. Required knowledge Basic knowledge of business and administration, experience in web use.
6. Pre-requisites
Ajánlott:
None
7. Objectives, learning outcomes and obtained knowledge Course objectives: To make students familiar with the specific rules of processing of personal data, data of public interest, and data being public on grounds of public interest. Furthermore, the IT solutions at the functional and architectural levels assisting the application of these rules will also be investigated and discussed. The students will be able to evaluate systems which process personal and public data, design and operate new systems, explore problems in data processing and make suggestions for improving such systems in the administration, business and not-for-profit sectors.
8. Synopsis 1. Definition and interpretation of notions regarding the processing of personal and public data.
2. International basic principles of processing personal data, examples of applying these principles in Hungarian and EU environment.
3. International basic principles of processing data of public interest, examples of applying these principles in Hungarian and EU environment.
4. IT and organizational tasks of application of the uniform EU data protection regulation (GDPR)
5. Overview of basic data security and cryptographic methods, anonymizing protocols and their fields of application from the aspect of the uniform European data protection requirements.
6. Data protection information technology from the data controller’s side. Separation of data processing systems, authorization management, anonymizing, pseudonymizing, deletion and archiving of data.
7. Data protection information technology from the data subject’s side. Privacy Enhancing Technologies (PET). Basic PET concepts and architectures.
8. Models and IT realizations of user-centric identity management. PRIME, PrimeLife, private credentials, attribute-based credentials; IBM Identity Mixer, Microsoft U-Prove, ABC4Trust.
9. Personal data processing aspects and practice of web-based services. Attacks and defenses; privacy protection on the web. Service side privacy-friendly solutions. Replacing generally used web based services with privacy-friendly solutions and services. Visualizing tools for data protection.
10. Overview of PGP, TOR network, Bitcoin, cryptocurrencies. New, „post-Snowden" communication tools and applications (Blackphone, GoTenna, Onion Pi stb.). Evaluation criteria of secure messaging.
11. Specific areas of processing personal data. Data processing at the workplace, direct marketing by IT means. Data protection implications of future and emerging technologies. Data protection implications of Big Data.
12. Electronic freedom of information. Realizing and operating the Hungarian Central Electronic List of Public Information and the Single Public Information Retrieval System on OAI (Open Archives Initiative) grounds.
13. IT support of the openness of the preparation of legal regulations, of the parliamentary legislation, and the public access to legal regulations. IT support of the openness of the court decisions. Hungarian and international examples of access to public data: KiMitTud, WhatDoTheyKnow, AskTheEU, Data.gov
14. Legal and internal regulation of processing personal and public data. The tasks of the internal data protection officer. The data protection register.
9. Method of instruction Lectures
10. Assessment a. In the teaching period: one in-class test (minimum: pass mark)
b. A szorgalmi időszakban egy házi feladat teljesítése.
c. In the examination period: a written examination (minimum: pass mark)
d. Condition for the signature: passing the in-class test (including the repeated tests)

Active class participation and individual research work may positively influence grading.
11. Recaps The in-class test can be repeated once at the announced occasion during the teaching period, and at another announced occasion in the official recap period, subject to paying a fee.
12. Consultations Individual consultation: Upon appointment with the instructor.
13. References, textbooks and resources • an Blarkom, G. W. – Borking, J. J. – Olk, J. G. E. (eds.): Handbook of Privacy and Privacy-Enhancing Technologies. The Hague, 2003.
• Székely I. Freedom of Information versus Privacy: Friends or Foes? In: Gutwirth, S. et al (eds.): Reinventing Data Protection? Springer 2009.
• International PET Portal and Blog, https://pet-portal.eu/ (1 October 2017)
• Applications developed by the PrimeLife projects: http://primelife.ercim.eu/results/opensource/ (1 October 2017)
• D' Acquisto, G. et al.: Privacy by design in big data – An overview of privacy enhancing technologies in the era of big data analytics, ENISA (2015) https://www.enisa.europa.eu/publications/big-data-protection (1 October 2017)
• Danezis, G. et al.: Privacy and data protection by design – From policy to engineering, ENISA (2015) https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design (1 October 2017)
• https://www.privacytools.io/ (1 October 2017)
• https://www.whatdotheyknow.com/ Get answers from the government and public sector
• https://www.data.gov/ The home of the U.S. Government’s open data
14. Required learning hours and assignment
Lessons42
Preparation for classes 10
Preparation for test 12
Homework 16
Processing prescribed texts 0
Preparation for exam 40
Total120

 

15. Syllabus prepared by
Name: Position: Department:
SZÉKELY, Iván CSc associate professor Department of Electronics Technology