Automating Data Privacy Compliance through Filtering Algorithms

Demelyn E. Monzon,

Authors

Demelyn E. Monzon, Leandro Avena

Keywords:

Collaborative Filtering, Content Filtering, Data Privacy Impact Assessment, Business Process Outsourcing, Data Privacy Officers

Abstract

Implementing controls to address identified privacy risks in Business Process Outsourcing (BPO) companies presents a significant challenge for Data Privacy Officers. A well-functioning control system directly contributes to the privacy risk rate associated with each identified issue. Failure to implement controls correctly can escalate the level of privacy risk.

The researcher has developed a unique system that is integrated into a Privacy Impact Assessment (PIA) tool. This system, powered by content and collaborative filtering algorithms, takes a collaborative approach to privacy risk management. Based on the risk category of each control and historical data, it recommends controls for reducing or eliminating the risk associated with each project within the organization. A collaborative approach empowers everyone to feel responsible for the outcome, encouraging all stakeholders to actively participate in addressing privacy risks.

This study adopts a combination of developmental and descriptive approaches. Developmental research focuses on systematically designing, developing, and evaluating the recommender system for the PIA tool, ensuring it meets the requirements. Descriptive research, meanwhile, investigates common privacy risks, implementation challenges, strategies employed, and respondents' satisfaction levels with the developed system.

The thoroughness of the research findings is a testament to the potential risks in BPO facilities. Many of these facilities allow unrestricted employee access to data storage areas, leading to potential breaches. Additionally, technical issues with data processing equipment often result in accidental exposure of personal and sensitive information even after disposing of records. These identified risks directly contravene the security protocols mandated by the National Privacy Commission (NPC), which require strict physical security measures for organizations handling personal data. The comprehensive nature of these findings instills confidence in the proposed solutions, reassuring the audience about the effectiveness of the proposed system.

This research introduces a crucial solution-a recommender system integrated within a Privacy Impact Assessment (PIA) tool. This system, powered by Collaborative filtering and content filtering, is designed to effectively address the challenges posed by privacy risks in BPO companies. Its ability to analyze past assessments and suggest controls based on similar situations, as well as categorize the appropriate control type based on risk description, makes it a valuable tool for Data Privacy Officers (DPOs) and top management.

By utilizing collaborative and content-based algorithms, the system not only recommends privacy risk levels and corresponding controls for identified and newly identified risks but also includes the audience in the process. This assists Data Privacy Officers (DPOs) in reducing risk levels by lessening or eliminating the potential harm from privacy breaches and making informed decisions. The system provides recommendations for top management to ensure compliance, fostering a sense of inclusion and shared responsibility in addressing privacy risks.

Downloads

Download data is not yet available.

References

Aghdam, M. (2019). Context- aware recommender systems using hierarchical hidden Markov Model. Physica A: Statistical Mechanics and its Applications, 518(15), 89-98. https://doi.org/10.1016/j.physa.2018.11.037

Alhijawi, and Kilani. (2020). A collaborative filtering recommender system using genetic algorithm. Information Processing and Management, 56(6) https://doi.org/10.1016/j.ipm.2020.102310.

Boström and Filipsson. (2017). Comparison of User Based and Item Based Collaborative Filtering Recommendation Services. Retrieved from http://search.ndltd.org/

Cena, Console and Vernero. (2021). Logical foundations of knowledge-based recommender systems: A unifying spectrum of alternatives. Information Sciences, 546(6), 60-73. https://doi.org/10.1016/j.ins.2020.07.075

Chulyadyo, Rajani. (2016). A new horizon for the recommendation: Integration of spatial dimensions to aid decision making.

Clarke. (2016). Privacy impact assessments as a control mechanism for Australian counter-terrorism initiatives. Computer Law & Security Review, 32(3), 403-418. https://doi.org/10.1016/j.clsr.2016.01.009

Dela Cruz. (2018). Why Do We Undertake Privacy Impact Assessments (PIA)? Retrieved from http://ateneo.edu/udpo/article/Why-do-we-undertake-Privacy-Impact-Assessments-PIA

Disini and Disini Law Office. (2018). Fostering a culture of privacy through the conduct of Privacy Impact Assessments. Retrieved from https://privacy.com.ph/articles/fostering-a-culture-of-privacy-through-the-conduct-of-privacy-impact-assessments/

Dong, Zeng, Koehl, and Zhang. (2020). An interactive knowledge-based recommender system for fashion product design in the big data environment. Information Sciences, 540, 469-488. https://doi.org/10.1016/j.ins.2020.05.094

Eirinaki, Gao, Varlamis, and Tserpes. (2017). Recommender Systems for Large-Scale Social Networks: A review of challenges and solutions. Future Generation Computer Systems, 78(1), 413-418. https://doi.org/10.1016/j.future.2017.09.015

Esmaeili, Mardani, Alireza, and Golpayegani. (2020). A novel tourism recommender system in the context of social commerce. Expert Systems with Applications, 149(1). https://doi.org/10.1016/j.eswa.2020.113301

Gao, Zhang, Yu, Li, Wen, and Xiong. (2021). Recommender systems based on generative adversarial networks: A problem-driven perspective. Information Sciences, 546(6), 1166-1185. https://doi.org/10.1016/j.ins.2020.09.013

Herce-Zelaya, Porcel, Bernabe-Moreno, and Herrera-Viedma. (2020). New technique to alleviate the cold start problem in recommender systems using information from social media and random decision forests. Information Science, 536, 156-170. https://doi.org/10.1016/j.ins.2020.05.071

Sinha and Dhanalaksmi. (2020). Evolution of recommender paradigm optimization over time. Journal of King Saud University – Computer and Information Sciences, 34(4), 1047-1059. https://doi.org/10.1016/j.jksuci.2019.06.008

International Standard Organization (2018) ISO 31000 Risk Management – Principles and Guidelines on Implementation. Retrieved from https://www.iso.org/iso-31000-risk-management.html/

Lovine, Narducci, and Semeraro. (2020). Conversational Recommender Systems and natural language: A study through the ConveRSE framework. Decision Support Systems, 131. https://doi.org/10.1016/j.dss.2020.113250

Madasamy. (2019). Introduction to recommendation systems and How to design Recommendation system. Retrieved from https://madasamy.medium.com/introduction-to-recommendation-systems-and-how-to-design-recommendation-system-that-resembling-the

Margaris, Vassilakis, Spiliotopoulos. (2020). What makes a review a reliable rating in recommender systems? Information Processing and Management, 57(6). https://doi.org/10.1016/j.ipm.2020.102304

Mohamed, Khafagy and Ibrahim. (2019). Recommender Systems Challenges and Solutions Survey. International Conference on Innovative Trends in Computer Engineering (ITCE), 149-155. http://doi.org/10.1109/ITCE.2019.8646645.

Napoles, Grau, and Salgueiro. (2020). Recommender system using Long-term Cognitive Networks. Knowledge-Based Systems, 206(28). https://doi.org/10.1016/j.knosys.2020.106372

National Privacy Commission. (2016). Implementing Rules and Regulation. Retrieved from https://www.privacy.gov.ph/implementing-rules-and-regulations-of-republic-act-no-10173-known-as-the-data-privacy-act-of-2012/

Ojagh, Malek, Saeedi, and Liang. (2020). A location-based orientation-aware recommender system using IoT smart devices and Social Networks. Future Generation Computer Systems, 108, 970-118. https://doi.org/10.1016/j.future.2020.02.041

Pyati and Malawade. (2018). A Study on Risk Assessment Using Probability-Impact Matrix Method for A Multi-Storeyed Residential Building. International Research Journal of Engineering and Technology (IRJET), 05(07), 254-257

Raab. (2020). Information privacy, impact assessment, and the place of ethic. Computer Law & Security Review, 37. https://doi.org/10.1016/j.clsr.2020.105404

Sambhav, Vikesha, Sushama. (2018). An Improved Collaborative Filtering Based Recommender System using Bat Algorithm. Procedia Computer Science, 132, 1795-1803. https://doi.org/10.1016/j.procs.2018.05.155

Scudder, McNevin, Kelty, Walsh, and Robertson. (2017). Forensic DNA phenotyping: Developing a model privacy impact assessment. Forensic Sci Int Genet, 34, 222-230. https://doi.org/ 10.1016/j.fsigen.2018.03.005

Seyyar and Geradts. (2020). Privacy impact assessment in large-scale digital forensic investigations. Forensic Science International Digital Investigation. https://doi.org/ 10.1016/j.fsidi.2020.200906

Su, Zheng, Ai, Shen, Zhang. (2020). Link prediction in recommender systems based on vector similarity. Physica A: Statistical Mechanics and its Applications, 560(15). https://doi.org/10.1016/j.physa.2020.125154

Yassine, Mohamed, and Mohammed. (2021). Hybrid recommendation system combined content-based filtering and collaborative prediction using artificial neural network. Simulation Modelling Practice and Theory, 113. https://doi.org/10.1016/j.simpat.2021.102375

Automating Data Privacy Compliance through Filtering Algorithms

Authors

Keywords:

Abstract

Downloads

References

Downloads

Published

How to Cite

Issue

Section

License

Similar Articles

Announcements

Information for Authors

ijisae

Information

trindex