Institutional Violence Complaints in Argentina: A Privacy Study

Argentina is a federal republic located in South America. Despite Argentina’s redemocratization in 1983, conditions favoring human rights abuses still persist. Institutional violence refers to structured practices of human rights violation by state officials belonging to public institutions. In this paper, we outline and discuss privacy issues in institutional violence complaints in Argentina. To this aim, we defined a BPMN process model for registering victims’ complaints in a database, and proposed an approach to investigate the privacy of such process from a threat modeling perspective. With the approach, we identified privacy threats of information disclosure and content unawareness, and defined privacy requirements and controls needed to mitigate these threats.

[1]  Marco Ramilli,et al.  Exploring Information Security Issues in Public Sector Inter-organizational Collaboration , 2011, EGOV.

[2]  Marit Hansen,et al.  Protection Goals for Privacy Engineering , 2015, 2015 IEEE Security and Privacy Workshops.

[3]  Wouter Joosen,et al.  A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements , 2011, Requirements Engineering.

[4]  Ronald Leenes,et al.  Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’ provision in data-protection law , 2014 .

[5]  Francesca Lessa,et al.  Beyond Transitional Justice: Exploring Continuities in Human Rights Abuses in Argentina between 1976 and 2010 , 2011 .

[6]  Colin J. Fidge,et al.  Privacy-Aware Workflow Management , 2013, Business Process Management.

[7]  Stefan Fenz,et al.  A taxonomy for privacy enhancing technologies , 2015, Comput. Secur..

[8]  Jaap-Henk Hoepman,et al.  PDF hosted at the Radboud Repository of the Radboud University Nijmegen , 2022 .

[9]  Anneke Zuiderwijk,et al.  Trusted third parties for secure and privacy-preserving data integration and sharing in the public sector , 2012, dg.o '12.

[10]  Paul Benjamin Lowry,et al.  Examining the intended and unintended consequences of organisational privacy safeguards , 2016, Eur. J. Inf. Syst..

[11]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .

[12]  Klemens Böhm,et al.  Semantic Support for Security-Annotated Business Process Models , 2011, BMMDS/EMMSAD.

[13]  Sicco Verwer,et al.  Combining and Analyzing Judicial Databases , 2013, Discrimination and Privacy in the Information Society.

[14]  Klemens Böhm,et al.  Modelling and transforming security constraints in privacy-aware business processes , 2011, 2011 IEEE International Conference on Service-Oriented Computing and Applications (SOCA).

[15]  Yannis Charalabidis,et al.  Issues and Guiding Principles for Opening Governmental Judicial Research Data , 2012, International Conference on Electronic Government.

[16]  Roberto Uzal,et al.  A software application to improve human rights watching activities and to prepare police stations to face the ISO 9001:2008 certification procedure , 2011, 2011 9th IEEE International Conference on Industrial Informatics.

[17]  Marit Hansen,et al.  Privacy Considerations for Internet Protocols , 2022 .