Homework 1: Analysing the explicit, implicit and emergent properties of a system of your choice
Your task for the first homework is to do what we did in Seminar 1, but with a system/initiative of your choosing. Please do as follows.
Pick a novel data-driven service according to the following conditions.
- A core part of the service is that it uses either the personal data of people or the business secrets of companies.
- You have either read about, researched or built it. It doesn't have to be an existing/implemented system, it can be a proposed one.
- There a no confidentiality clauses that you might be breaking by writing about that system.
For examples, see the systems we read about in the first seminar.
As your homework, please send a write-up (PDF format preferred) with the following sections
- Title (name of the system)
- Description of the system - what does/would it do? (Up to 1 paragraph)
- Stakeholders who would be touching the data in some way. Please distinguish data owners, the service provider and result users. For each stakeholder, state their role in the system. (Up to 3 short paragraphs)
- Explicit properties. Describe the communicated functionality of the system, expected impact, used technology, operating concepts and if any privacy control measures have been used. (Up to 3-4 paragraphs of reasonable length)
- Emergent/implicit properties. Analyse the system from the point of impact to the personal/confidential data. What kind of leakages are possible? How could these leakages be used? What could the impact to data owners/subjects be? You may refer to sources you've read here, but my expectations is that you are capable of providing additional analysis of your own (Up to 3-4 paragraphs of reasonable length)
- References: source material that you have used, preferably public materials I could review and compare to your work (see above for the use of confidential source materials).
Additional terms:
- The homework is individual. You are expected to do your own thinking in the analysis section.
- The whole document should not be longer than two A4-sized pages.
- It is not forbidden to describe the same system as someone else on your course. However, if that happens and the results look like academic plagiarism (e.g., identical sentences, uncannily similar analysis etc) when analysed by at least three members of the course team, both students will get 0 points for this homework.
- If you will be late, please alert the lecturer in advance.
Deadline: February 26th, 2023, 23:59 EET.
Delivery: upload through the course website (see below)
For inspiration, you can read a recent analysis by the lecturer below (unfortunately, the English version is only in the shape of a Twitter thread, but you can run the Estonian articles through some online translation service). Note that there is no expectation that you can currently suggest Privacy Enhancing Technologies for the solution. That will come by the end of the course.
- Source article: Testimisse jõuab riiklik e-majutuskaart, mis informeerib politseid tagaotsitavatest (October 2019)
- English analysis (short): Twitter thread (October 2019)
- Estonian analysis (a bit more detailed): Andmeteadlane: kuidas ehitada täiesti anonüümset elektroonset majutuskaarti? (November 2019)
- Position of the Estonian Data Protection Authority: Inspektsioonile teeb muret hotellikülaliste andmete automaatne kogumine (February 2020)