Noteworthy Information
[Avançado] Healthchain: uma nova estrutura sobre a preservação da privacidade de registros eletrônicos de saúde usando a tecnologia blockchain

A privacidade dos registros eletrônicos de saúde (EHRs) está enfrentando um grande obstáculo com a terceirização de dados privados de saúde na nuvem, pois existe o perigo de vazamento de informações de saúde para partes não autorizadas. Na verdade, os EHRs são armazenados em bancos de dados centralizados, o que aumenta a área de cobertura do risco à segurança e exige confiança em uma única autoridade que não pode proteger os dados de ataques internos com eficácia. Esta pesquisa se concentra em garantir a privacidade do paciente e a segurança dos dados, enquanto compartilha os dados confidenciais entre organizações iguais ou diferentes, bem como provedores de saúde em um ambiente distribuído.

[Advanced] Healthchain: A novel framework on privacy preservation of electronic health records using blockchain technology

The privacy of Electronic Health Records (EHRs) is facing a major hurdle with outsourcing private health data in the cloud as there exists danger of leaking health information to unauthorized parties. In fact, EHRs are stored on centralized databases that increases the security risk footprint and requires trust in a single authority which cannot effectively protect data from internal attacks. This research focuses on ensuring the patient privacy and data security while sharing the sensitive data across same or different organisations as well as healthcare providers in a distributed environment.

Transforming Data Flow Diagram for Privacy Compliance

In this paper, weprovide an explicit algorithm and a proof-of-concept implementation to transform Data Flow Diagrams into Privacy-Aware DataFlow Diagrams. Our tool assists software engineers in the critical but error-prone task of systematically inserting privacy checksduring design (they are automatically added by our tool) while still allowing them to inspect and edit if necessary.

Transformando o diagrama de fluxo de dados para conformidade com as políticas de privacidade

Neste artigo, fornecemos um algoritmo explícito e uma implementação de prova de conceito para transformar diagramas de fluxo de dados em diagramas de fluxo de dados voltados para a privacidade. Nossa ferramenta auxilia os engenheiros de software na tarefa crítica, mas sujeita a erros, de inserir sistematicamente verificações de privacidade durante o projeto (elas são adicionadas automaticamente por nossa ferramenta) enquanto ainda permite que inspecionem e editem, se necessário.


In this paper, weprovide an explicit algorithm and a proof-of-concept implementation to transform Data Flow Diagrams into Privacy-Aware DataFlow Diagrams. Our tool assists software engineers in the critical but error-prone task of systematically inserting privacy checksduring design (they are automatically added by our tool) while still allowing them to inspect and edit if necessary.

Logged out: Ownership, exclusion and public value in the digital data and information commons

Abstract: In recent years, critical scholarship has drawn attention to increasing power differentials between corporations that use data and people whose data is used. A growing number of scholars see digital data and information commons as a way to counteract this asymmetry. In this paper I raise two concerns with this argument.

Desconectado: propriedade, exclusão e valor público nos dados digitais e informações comuns

Resumo: nos últimos anos, estudos críticos têm chamado a atenção para o aumento dos diferenciais de poder entre as empresas que usam dados e as pessoas cujos dados são usados. Um número crescente de estudiosos vê os dados digitais e os bens comuns de informação como uma forma de neutralizar essa assimetria. Neste artigo, levanto duas preocupações com esse argumento.

All the Ways Slack Tracks You—and How to Stop It

From changing privacy settings to putting limits on those infuriating notifications, here’s how to take control of Slack.

Todas as maneiras que o Slack rastreia você - e como impedi-lo

De alterar as configurações de privacidade a colocar limites nessas notificações irritantes, veja como assumir o controle do Slack.

Making context the central concept in privacy engineering

There is a gap between people’s online sharing of personal data and their concerns about privacy. Till now, this gap is addressed by attempting to match individual privacy preferences with service providers’ options for data handling. This approach has ignored the role different contexts play in data sharing. This paper aims at giving privacy engineering a new direction putting context centre stage and exploiting the affordances of machine learning in handling contexts and negotiating data sharing policies.

Fazendo do contexto o conceito central na engenharia de privacidade

Há uma lacuna entre o compartilhamento online de dados pessoais das pessoas e suas preocupações com a privacidade. Até agora, essa lacuna é abordada ao tentar combinar as preferências de privacidade individuais com as opções dos provedores de serviço para tratamento de dados. Essa abordagem ignorou o papel que diferentes contextos desempenham no compartilhamento de dados. Este artigo tem como objetivo dar à engenharia de privacidade uma nova direção, colocando o contexto no centro do palco e explorando as possibilidades do aprendizado de máquina para lidar com contextos e negociar políticas de compartilhamento de dados.



Purism - Financie seu aplicativo

Um verdadeiro sistema operacional de código aberto para celular que não possui posições políticas?

Purism - Fund Your App

A real open-source OS for mobile phone that has no political stances?

Uma estrutura baseada em blockchain para compartilhamento de registros médicos eletrônicos com controle de acesso refinado

Bom trabalho Universidade de Wuhan. É ótimo ver engenheiros chineses trabalhando em plataformas relacionadas a dados pessoais. No entanto, precisava de um passo extra para se tornar mais centrado no ser humano. O paciente deve ter controle total, não o médico.

A blockchain-based framework for electronic medical records sharing with fine-grained access control

Good job Wuhan University. It is great to see Chinese engineers working on personal data related platform. However, needed one extra step to become more human-centric. The patient should have the full control not the doctor.

Librem 5 phoneがキャンペーンを展開中。スマホの仕様を決めるのはあなたです

Purismが開発するLibrem 5 phoneは、PureOSというGNU/Linux OSで稼働します。展開中の「Fund Your Appキャンペーン」では、より使いやすいツールにするため利用者に対して、搭載して欲しいアプリを公募しています。投票には寄付金を添えます。PureOSは民主的な、携帯電話向けの真のオープンソースOSとなるでしょうか?

Measurement-based evaluation of Google/Apple Exposure Notification API for proximity detection in a light-rail tram

This paper describes results of a Covid-19 contact tracing app measurement study carried out on a standard design of European commuter tram. The measurements indicate that in the tram there is little correlation between Bluetooth received signal strength and distance between handsets. The paper applies the detection rules used by the Italian, Swiss and German apps to measurement data and also characterised the impact on performance of changes in the parameters used in these detection rules.

Google/Apple Exposure Notification APIを用いた軽便路面電車における近接検知のための測定評価


Avaliação baseada em medição da API de notificação de exposição do Google/Apple para detecção de proximidade em um bonde elétrico

Este artigo descreve os resultados de um estudo de medição de aplicativo de rastreamento de contato Covid-19 realizado em um projeto padrão de bonde suburbano europeu. As medições indicam que no bonde há pouca correlação entre a intensidade do sinal recebido pelo Bluetooth e a distância entre os aparelhos. O artigo aplica as regras de detecção usadas pelos aplicativos italiano, suíço e alemão aos dados de medição e também caracterizou o impacto no desempenho das mudanças nos parâmetros usados ​​nessas regras de detecção.

Data Stewardship Literature Catalog

John Wunderlich shared the huge collections of projects and publications in the data stewardship field.

"A data steward is a role within an organization responsible for utilizing an organization's data governance processes to ensure fitness of data elements - both the content and metadata" - Definition from Wikipedia


John Wunderlich氏は、データスチュワードシップ分野の膨大なプロジェクトや出版物のコレクションを共有しました。


Catálogo de literatura de gerenciamento de dados

John Wunderlich compartilhou as enormes coleções de projetos e publicações na área de gerenciamento de dados.

"Um administrador de dados é uma função dentro de uma organização responsável por utilizar os processos de governança de dados de uma organização para garantir a adequação dos elementos de dados - tanto o conteúdo quanto os metadados" - Definição da Wikipedia.

Como o uso da desinformação como arma pode derrubar a rede elétrica de uma cidade

A mídia social tornou possível manipular as massas por meio de desinformação e notícias falsas em uma escala sem precedentes. Isso é particularmente alarmante do ponto de vista da segurança, pois os humanos provaram ser um dos elos mais fracos na proteção de infraestruturas críticas em geral e da rede elétrica em particular.

How weaponizing disinformation can bring down a city’s power grid

Social media has made it possible to manipulate the masses via disinformation and fake news at an unprecedented scale. This is particularly alarming from a security perspective, as humans have proven to be one of the weakest links when protecting critical infrastructure in general, and the power grid in particular.

Como a criptografia diminui as comunidades marginalizadas

Falando em uma conferência de prestígio sobre criptografia neste mês, Seny Kamara convocou o campo para reconhecer seus pontos cegos - e corrigi-los. A palestra, apelidada de Crypto for the People (YouTube Video, 1:04 horas) e proferida em 19 de agosto, examinou a questão de quem realmente se beneficia com as tecnologias de criptografia e avanços na pesquisa criptográfica.


今月、著名な暗号会議で講演したSeny Kamaraさんは、業界にある死角を認識して修正するよう呼びかけました。
8月19日に行われたこの講演では、Crypto for the People(YouTubeビデオ、1時間4分)と呼ばれ、暗号化技術と暗号化研究の進歩から誰が本当に恩恵を受けるのかという問題について検討しました。

How Cryptography Lets Down Marginalized Communities

Speaking at a prestigious crypto conference this month, Seny Kamara called on the field to recognize its blind spots—and fix them.
The talk, dubbed Crypto for the People (YouTube Video, 1:04 hours) and given on August 19, examined the question of who really benefits from encryption technologies and advances in cryptographic research.

Digital Inequality During a Pandemic

A quantitative study of differences in COVID-19–related internet uses and outcomes among the general population.



Desigualdade digital durante uma pandemia

Um estudo quantitativo das diferenças nos resultados e usos da Internet relacionados ao COVID-19 entre a população em geral.

Cellphone Data Shows How Las Vegas Is “Gambling With Lives” Across the US

Las Vegas casinos, open for months now, are a likely hotbed for the spread of COVID-19. For many reasons, contact tracing has proved next to impossible as tourists return to homes across the U.S.

Dados de celulares mostram como Las Vegas está “brincando com vidas” nos EUA

Os cassinos de Las Vegas, abertos há meses, são um provável foco para a disseminação do COVID-19. Por muitos motivos, o rastreamento de contatos provou-se quase impossível, pois os turistas voltam para suas casas nos EUA.



People-Centered (Not Tech-Driven) Design

Technology driven design usually fails. Examples are given to support why people-centered design is inevitable.

Design centrado nas pessoas (e não direcionado à tecnologia)

O design impulsionado pela tecnologia geralmente falha. Por isso, trouxemos exemplo justificar porque o design centrado nas pessoas é inevitável.



How Many Ads And Trackers Does ONE Page Load?

Some Banking Websites Have Third Party Trackers on Login Pages. Just like the danger of malicious code slipping into ads on mainstream sites, the presence of third party javascript trackers on the login page of the bank means there are increased risk of privacy compromise or worse.

Quantos anúncios e rastreadores UMA página carrega?

Alguns sites bancários possuem rastreadores de terceiros nas páginas de login. Assim como o perigo de códigos maliciosos entrarem em anúncios em sites populares, a presença de rastreadores javascript de terceiros na página de login do banco significa que há um risco maior de comprometer a privacidade, ou pior.

How Many Ads And Trackers Does ONE Page Load?

Some Banking Websites Have Third Party Trackers on Login Pages. Just like the danger of malicious code slipping into ads on mainstream sites, the presence of third party javascript trackers on the login page of the bank means there are increased risk of privacy compromise or worse.

As gerações futuras merecem bons antepassados. Você será um?

Os vivos, os mortos e os que ainda não nasceram, estão todos aqui conosco: devemos respeitar seus interesses e seu mundo tanto quanto os nossos.

Future generations deserve good ancestors. Will you be one?

The living, the dead and the unborn are all here with us: we must respect their interests and their world as much as our own.

O Valor de Segurança da Ineficiência

Bruce Schneier sobre eficiência e ineficiência em tempos de Covid-19.

The Security Value of Inefficiency

Bruce Schneier about efficiency and inefficiency in times of Covid-19.

A Slack’s Engineer System to Using Slack Efficiently

How to customize Slack so you get the notifications you need — when you need to get them

O Livro de Atividades do Organizador

O Livro de Atividades do Organizador é um recurso de autoaprendizagem do Projeto Dados e Ativismo da Tactical Tech. O livro é uma coleção de exercícios divertidos para organizadores da sociedade civil que trabalham com dados pessoais de defensores de direitos humanos, investigadores, ativistas e outros que participam de ações sociais ou políticas.

The Organiser's Activity Book

The Organiser’s Activity Book is a self-learning resource from Tactical Tech’s Data and Activism project. The book is a collection of playful exercises for organisers within civil society who work with the personal data of human rights defenders, investigators, campaigners, and others who are taking part in social or political action.

Data Trusts: Ethics, Architecture and Governance for Trustworthy Data Stewardship

A data trust works within the law to provide ethical, architecturaland governancesupport for trustworthy data processing.

Book: The Smart Enough City

Why technology is not an end in itself, and how cities can be “smart enough,” using technology to promote democracy and equity.

Princeton-Leuven Longitudinal Corpus of Privacy Policies

We are releasing a reference dataset of over 1 million privacy policy snapshots from more than 100,000 websites, spanning over two decades.

Leaked Reports Show EU Police Are Planning a Pan-European Network of Facial Recognition Databases

The proposal to link the EU’s facial recognition databases would likely connect them to the U.S. as well, in a massive consolidation of biometric data.

Modern Mass Surveillance: Identify, Correlate, Discriminate

Communities across the United States are starting to ban facial recognition technologies. In all cases, modern mass surveillance has three broad components: identification, correlation and discrimination. Read more on Bruce Schneier’s blog on Security.

Privacy, Data, and the Consumer: What US Thinks About Sharing Data

As GDPR becomes the norm, are marketers able to walk the tight-rope of consumer data and privacy? Acxiom and DMA study consumers’ take on data sharing.

Nearly 90% of European websites do not respect privacy regulations

Only one in ten European websites respects the General Data Protection Regulation (GDPR), the European privacy law, according to a study by MIT, UCL and Aarhus Universiteit.

Science Conferences Are Stuck in the Dark Ages

Exhausting, expensive, and exclusive, these conferences needs to be modernized. The future of science depends on it.

How Big Tech Manipulates Academia to Avoid Regulation

A Silicon Valley lobby enrolled elite academia to avoid legal restrictions on artificial intelligence.

Fighting for digital equity, in Canada and beyond

Equitable access to the internet is a communication right. As the Alliance for Affordable Internet (A4AI) points out, not only is the internet a pathway to information, communication, and economic opportunity, it is increasingly necessary to access basic commercial and public services. As more of the world becomes digital, those unable to connect will inevitably be left behind.

The Open Application Network

Solving the unintended consequences of platform economies. The OAN is a public infrastructure that creates a new design space for Open Applications.

Why scam calls seem to be on the rise - Wait, There’s More (Audio: 24:41min)

Host Tamara Khandaker is joined in studio by John Wunderlich, a privacy and security consultant, to discuss the uptick in phone call scams, and if there’s any way to actually stop them.

Finland Leads The Way In The Secondary Use Of Health And Social Care Data (Podcast: 5:19min)

Medical data are considered particularly sensitive personal information. Laws and regulations in most countries, including the USA and throughout Europe, generally aim to restrict sharing such information with the target of building privacy walls around each person’s data. But making such health data available more broadly is key to improved medical care, research and the advance of health science. Finland is the first country known to have adopted an approach to allow third parties to access health data for the purposes of scientific research, drug and health technology development and knowledge-based management in social and health care.

What’s a Digital Bill of Rights Without Enforcement?

Google and Facebook are backers of the Contract for the Web, which lists privacy as a core principle. But the companies continue to slurp up user data.

Tools Overview Online

This is actually a summary post from a discussion on Slack of valuable online resources for recommended tools by @teemu.rpoonen, @John W., @Sille, and @Iain. Please also note that Tools is one of the focus topics in 2020 for MyData.

The Best Privacy-Friendly Apps For iPhones & iPads

A recommendation of privacy-friendly apps for use with iPhones and iPads.

Policymaking must catch up with technology - before it's too late

World Economic Forum: As technology continues to permeate society, surviving the future depends on bringing technologists and policymakers together. Here's how we might achieve it.

The Global South Is Redefining Tech Innovation

Top-down, unsustainable Silicon Valley needs to learn from Africa, South Asia, and South America, where tech is built for and by users.

Greece: The new data protection law raises concerns

The much awaited new Greek data protection law has been criticised for the lack of conformity of its provisions with the EU General Data Protection Regulation (GDPR).

MyData in the Smart City

The question is not whether a human-centric smart city can be built. The question is whether the citizen will be put at the center of their own data to make a wise city.

From smart to rebel city? Worlding, provincialising and the Barcelona Model

This article examines the evolution of the ‘Barcelona Model’ of urban transformation through the lenses of worlding and provincialising urbanism. We trace this evolution from an especially dogmatic worlding vision of the smart city, under a centre-right city council, to its radical repurposing under the auspices of a municipal government led, after May 2015, by the citizens’ platform Barcelona en Comú.

Digital Dystopia: How Algorithms Punish the Poor

The Guardian has spent the past three months investigating how billions are being poured into AI innovations that are explosively recasting how low-income people interact with the state. Together, our reporters in the US, Britain, India and Australia have explored what amounts to the birth of the digital welfare state.

Big Data from the South(s): Beyond Data Universalism

This article introduces the tenets of a theory of datafication of and in the Souths. It calls for a de-Westernization of critical data studies, in view of promoting a reparation to the cognitive injustice that fails to recognize non-mainstream ways of knowing the world through data.

10 Best Secure Email Services to Project Your Privacy

Don't want your email service providers snooping on your emails? Here are the most secure email services that ensure your data remain private.

SMART CITY: Privacy (Video: 1:16min)

Google's sister company Sidewalk is proposing a large urban development project in Toronto - without any prior development experience. Privacy, privatization and governance concerns are worrying residents and government alike, despite a massive two-year lobbying campaign by Google. Ambiguous language in the proposal suggests that public spaces may not be so public, and that some of the most valuable land in North America may be handed over at a discount to one of the world's richest companies.

Blue Book: Privacy Design Strategies

We want to determine by ourselves which personal details we share with others, and how they are used. We don’t want everyone to know what we do or think. We don’t want our boss to know what we discuss with our friends. We don’t want our personal information to be misinterprete doutside the original context. In other words, we want some privacy please.

'Digital' becomes a top priority for the EU Commission

Today, President-elect of the EU Commission, Ursula von der Leyen, revealed the list of nominated commissioners who will constitute the new College of Commissioners of the European Union for the next five years. The least we can say is that she has set the bar very high when it comes to regulating the digital economy. None less than three commissioners have been tasked with overseeing the digital economy within the European Union: Margrethe Vestager (digital watchdog), Didier Reynders (data protection commissioner), and Sylvie Goulard (promoter of the Digital Single Market)

2019 Privacy Tech Vendor Report

The privacy tech vendor market continues to mature as more organizations around the world adopt products and services that help automate and streamline necessary functions for the privacy office and enterprise as a whole.

App attempts a rare trick in China: Online Privacy

In a country where privacy protections are considered weak and anything-goes data collection has become the norm, Chinese tech entrepreneur Yang Geng stands out. His service, LeakZero, helps people surf the web anonymously, protect passwords and send encrypted messages. By design, he can’t find out the names of the app’s users or even know how many there are. It doesn’t have a so-called ‘back door.’

The Algorithmic Colonization of Africa

Startups are importing and imposing AI systems founded on individualistic and capitalist drives. “Mining” people for data is reminiscent of the colonizer attitude that declares humans as raw material.

Information gerrymandering in social networks skews collective decision-making

An analysis shows that information flow between individuals in a social network can be ‘gerrymandered’ to skew perceptions of how others in the community will vote — which can alter the outcomes of elections.

Privacy matters because it empowers us all

Don’t just give away your privacy to the likes of Google and Facebook – protect it, or you disempower us all.

Deconstructing Google’s excuses on tracking protection

It is disappointing—but regrettably unsurprising—that the Chrome team is cloaking Google’s business priorities in disingenuous technical arguments.

Towards the Uberisation of Legal Practice

Uber and Airbnb signify new ways of working and doing business by facilitating direct access to providers through new digitalised platforms. The gig economy is also beginning to percolate into legal practice through what is colloquially known as NewLaw.

The New Wilderness

The need to regulate online privacy is a truth so universally acknowledged that even Facebook and Google have joined the chorus of voices crying for change.

Questions Asked
MyData position on proposed sale of .org domain

AFollowing widespread protest over the proposed sale of the .ORG domain by the Public Interest Registry to a private equity fund, ICANN posted a response. Should MyData also openly take a stance?

Ban Facial Recognition

Should MyData Global sign this as an organization?

Wanted: Policy Advisor!

EDRi's Brussels office is looking for a Policy Advisor to support the Policy Team on issues such as platform regulation, cross-border access to data, privacy, data retention, Artificial Intelligence (AI), copyright and data protection.

Pulse Policy

Pulse Privacy is the simplest way to deliver a world-class website policy experience for customers and protect your business, in just a few easy clicks.


Email management app Superhuman uses a pixel tracker, turned on by default, to gather info on recipients without their knowledge.


Considering setting up a public Loomio Group. Thoughts?


Paying the privacy tax - read about building Revue who takes their readers’ privacy seriously.


This is getting some publicity. It’s Image “Cloaking” for Personal Privacy. Worth considering as a MyData tool?


User Focused Security For Teams That Slack


Beta testers have the unique opportunity to directly impact the development of the Utopia P2P Project by improving its operation, expanding its usability and increasing its functionality, all while earning rewards and enjoying yourself!


Looks like a MyData friendly option to Google Analytics.