Privacy and data protection: Legal aspects in the Republic of Macedonia

Background Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet. Results We study how patient privacy could be compromised with the help of today’s information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis. Conclusion We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.

Following a general overview of the EHCR case of law and some of its distinctive features, this article focuses on explaining the meaning of ‘privacy’, and guaranteed as a fundamental right in light of Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms, using as illustrations the verdicts of some cases judged by the institutions of Strasbourg. Certain paragraphs of the article address a series of issues, which according to the Court-referring to the images created by the Convention-cover a range , within which any individual may freely follow the development of their personality. The article also raises some questions, which the ECHR has often fully answered,or at least, indirectly implied. The author elaborates also on limits of privacy as foreseen by paragraph 2 of Article8, as well as on some obligations that the Convention assigns to its contracting State-Parties.