Add second year

second/semester1/CT255/Assessment/CT255-Assignment-1/latex/latex/head.tex

@@ -0,0 +1,50 @@
+\addtolength{\hoffset}{-2.25cm}
+\addtolength{\textwidth}{4.5cm}
+\addtolength{\voffset}{-3.25cm}
+\addtolength{\textheight}{5cm}
+\setlength{\parskip}{0pt}
+\setlength{\parindent}{0in}
+
+%----------------------------------------------------------------------------------------
+%	PACKAGES AND OTHER DOCUMENT CONFIGURATIONS
+%----------------------------------------------------------------------------------------
+
+\usepackage{blindtext} % Package to generate dummy text
+\usepackage{charter} % Use the Charter font
+\usepackage[utf8]{inputenc} % Use UTF-8 encoding
+\usepackage{microtype} % Slightly tweak font spacing for aesthetics
+\usepackage[english, ngerman]{babel} % Language hyphenation and typographical rules
+\usepackage{amsthm, amsmath, amssymb} % Mathematical typesetting
+\usepackage{float} % Improved interface for floating objects
+\usepackage[final, colorlinks = true, 
+            linkcolor = black, 
+            citecolor = black]{hyperref} % For hyperlinks in the PDF
+\usepackage{graphicx, multicol} % Enhanced support for graphics
+\usepackage{xcolor} % Driver-independent color extensions
+\usepackage{marvosym, wasysym} % More symbols
+\usepackage{rotating} % Rotation tools
+\usepackage{censor} % Facilities for controlling restricted text
+\usepackage{listings, style/lstlisting} % Environment for non-formatted code, !uses style file!
+\usepackage{pseudocode} % Environment for specifying algorithms in a natural way
+\usepackage{style/avm} % Environment for f-structures, !uses style file!
+\usepackage{booktabs} % Enhances quality of tables
+\usepackage{tikz-qtree} % Easy tree drawing tool
+\tikzset{every tree node/.style={align=center,anchor=north},
+         level distance=2cm} % Configuration for q-trees
+\usepackage{style/btree} % Configuration for b-trees and b+-trees, !uses style file!
+\usepackage[backend=biber,style=numeric,
+            sorting=nyt]{biblatex} % Complete reimplementation of bibliographic facilities
+\addbibresource{ecl.bib}
+\usepackage{csquotes} % Context sensitive quotation facilities
+\usepackage[yyyymmdd]{datetime} % Uses YEAR-MONTH-DAY format for dates
+\renewcommand{\dateseparator}{-} % Sets dateseparator to '-'
+\usepackage{fancyhdr} % Headers and footers
+\pagestyle{fancy} % All pages have headers and footers
+\fancyhead{}\renewcommand{\headrulewidth}{0pt} % Blank out the default header
+\fancyfoot[L]{} % Custom footer text
+\fancyfoot[C]{} % Custom footer text
+\fancyfoot[R]{\thepage} % Custom footer text
+\newcommand{\note}[1]{\marginpar{\scriptsize \textcolor{red}{#1}}} % Enables comments in red on margin
+
+%----------------------------------------------------------------------------------------
+

second/semester1/CT255/Assessment/CT255-Assignment-1/latex/latex/main.run.xml

@@ -0,0 +1,87 @@
+<?xml version="1.0" standalone="yes"?>
+<!-- logreq request file -->
+<!-- logreq version 1.0 / dtd version 1.0 -->
+<!-- Do not edit this file! -->
+<!DOCTYPE requests [
+  <!ELEMENT requests (internal | external)*>
+  <!ELEMENT internal (generic, (provides | requires)*)>
+  <!ELEMENT external (generic, cmdline?, input?, output?, (provides | requires)*)>
+  <!ELEMENT cmdline (binary, (option | infile | outfile)*)>
+  <!ELEMENT input (file)+>
+  <!ELEMENT output (file)+>
+  <!ELEMENT provides (file)+>
+  <!ELEMENT requires (file)+>
+  <!ELEMENT generic (#PCDATA)>
+  <!ELEMENT binary (#PCDATA)>
+  <!ELEMENT option (#PCDATA)>
+  <!ELEMENT infile (#PCDATA)>
+  <!ELEMENT outfile (#PCDATA)>
+  <!ELEMENT file (#PCDATA)>
+  <!ATTLIST requests
+    version CDATA #REQUIRED
+  >
+  <!ATTLIST internal
+    package CDATA #REQUIRED
+    priority (9) #REQUIRED
+    active (0 | 1) #REQUIRED
+  >
+  <!ATTLIST external
+    package CDATA #REQUIRED
+    priority (1 | 2 | 3 | 4 | 5 | 6 | 7 | 8) #REQUIRED
+    active (0 | 1) #REQUIRED
+  >
+  <!ATTLIST provides
+    type (static | dynamic | editable) #REQUIRED
+  >
+  <!ATTLIST requires
+    type (static | dynamic | editable) #REQUIRED
+  >
+  <!ATTLIST file
+    type CDATA #IMPLIED
+  >
+]>
+<requests version="1.0">
+  <internal package="biblatex" priority="9" active="0">
+    <generic>latex</generic>
+    <provides type="dynamic">
+      <file>main.bcf</file>
+    </provides>
+    <requires type="dynamic">
+      <file>main.bbl</file>
+    </requires>
+    <requires type="static">
+      <file>blx-dm.def</file>
+      <file>blx-compat.def</file>
+      <file>biblatex.def</file>
+      <file>standard.bbx</file>
+      <file>numeric.bbx</file>
+      <file>numeric.cbx</file>
+      <file>biblatex.cfg</file>
+      <file>german.lbx</file>
+      <file>ngerman.lbx</file>
+      <file>english.lbx</file>
+    </requires>
+  </internal>
+  <external package="biblatex" priority="5" active="0">
+    <generic>biber</generic>
+    <cmdline>
+      <binary>biber</binary>
+      <infile>main</infile>
+    </cmdline>
+    <input>
+      <file>main.bcf</file>
+    </input>
+    <output>
+      <file>main.bbl</file>
+    </output>
+    <provides type="dynamic">
+      <file>main.bbl</file>
+    </provides>
+    <requires type="dynamic">
+      <file>main.bcf</file>
+    </requires>
+    <requires type="editable">
+      <file>ecl.bib</file>
+    </requires>
+  </external>
+</requests>

second/semester1/CT255/Assessment/CT255-Assignment-1/latex/latex/main.tex

@@ -0,0 +1,121 @@
+\documentclass[a4paper]{article} 
+\input{head}
+\begin{document}
+
+%-------------------------------
+%	TITLE SECTION
+%-------------------------------
+
+\fancyhead[C]{}
+\hrule \medskip % Upper rule
+\begin{minipage}{0.295\textwidth} 
+\raggedright
+\footnotesize
+Andrew Hayes \hfill\\   
+21321503 \hfill\\
+a.hayes18@nuigalway.ie
+\end{minipage}
+\begin{minipage}{0.4\textwidth} 
+\centering 
+\large 
+CT255 Assignment 1\\ 
+\normalsize 
+GDPR\\ 
+\end{minipage}
+\begin{minipage}{0.295\textwidth} 
+\raggedleft
+\today\hfill\\
+\end{minipage}
+\medskip\hrule 
+\bigskip
+
+%-------------------------------
+%	CONTENTS
+%-------------------------------
+
+\section{Problem 1}
+\subsection{What is GDPR?}
+The \textbf{General Data Protection Regulation (GDPR)} is a legal regulation in EU law pertaining to the protection of data within the European Union and the European Economic Area (EEA), and the protection of this data when it is transferred out of this region. GDPR applies to any organisation that is processing the personal data of individuals who are in the EEA, regardless of the location of said organisation or the citizenship / residence status of the individuals whose data is being processed. GDPR sets out several key principles in relation to the processing of personal data:
+
+\begin{itemize}
+    \item \textbf{Lawfulness -} You must identify a \textit{lawful basis} under the GDPR for the processing of personal data.
+    \item \textbf{Fairness \& Transparency -} You must be open \& honest with the Data Subjects about how and why their data is being processed, and you must not use this data in a way that doesn't align with these methods. 
+    \item \textbf{Purpose Limitation -} You must clearly state your purposes for processing the personal data of Data Subjects from the start, and may only use the data for different purpose if it is either compatible with your original purpose, you get \textit{consent}, or if you have a \textit{clear basis} in law.
+    \item \textbf{Data Minimisation -} The personal data you process must be \textit{adequate}, \textit{relevant}, and \textit{limited} only to what is necessary.
+    \item \textbf{Accuracy -} Personal data should not be incorrect or misleading.
+    \item \textbf{Storage Limitation -} You must not keep personal data for longer than you need it.
+    \item \textbf{Integrity \& Confidentiality -} You must take appropriate technical \& organisational measures to ensure that the personal data of data subjects remains \textit{secure}.
+    \item \textbf{Accountability -} You must be able to demonstrate your compliance with GDPR.
+\end{itemize}
+\bigbreak
+
+All Data Processors (i.e., anyone who is responsible for the processing of personal information) are motivated to obey GDPR by threat of strict penalties. For particularly serious GDPR breaches, a Data Processor could be fined up to €20 million, or 4\% of the firm's global turnover. For less serious breaches, the Data Processor can be fined up to €10 million, or 2\% of the firm's global turnover.
+
+
+\subsection{Why was GDPR introduced? What was the motivation for this legislation?}
+GDPR was introduced with the aim of enhancing the rights \& control of individuals over their personal data and to simplify data processing regulations with regards to international businesses.
+\bigbreak
+As the processing of the personal data of individuals increases in the modern world with the advent of modern technology, it has became necessary to update the laws governing the processing of personal data to protect the interests of data subjects in an era of unprecedented data collection, surveillance, \& processing. GDPR sets out clear \& concise principles \& rules that determine who's personal data may be processed, what information this data may consist of, when it is acceptable to process it, where this data can be processed \& relocated to, why this data may or may not be processed, and how this data processing can be undertaken.   
+\bigbreak
+The European Parliament adopted the GDPR in April 2016 to replace the then-outdated Data Protection Directive, which was first enacted in 1995.
+There were 2 main issues with the Data Protection Directive that made it necessary to replace it:
+\begin{enumerate}
+    \item Under EU law, a ``Directive'' is less strict than a ``Regulation''.
+        A Directive allows the EU member states to adapt \& change the law to fit the needs of their citizens, while a Regulation does not allow this.
+        A Regulation forces the member states to adopt it, and does not allow them to adapt or change it at all.
+    \item The Data Protection Directive was too outdated for the modern world.
+        It did not address how data is collected, stored, or transferred in the digital world, and thus largely failed to regulate digital data processing.
+\end{enumerate}
+
+\bigskip
+
+%------------------------------------------------
+
+\section{Problem 2}
+This company needs to be extremely careful with their GDPR compliance, as they are handling some extremely sensitive personal information.
+\newline\newline
+With regards to the GDPR key principle of \textbf{Lawfulness}, I think that this website is in the clear.
+Since the users are uploading their own data of their own volition, this gives the website a clear lawful basis for data processing - they have the \textit{consent} of the data subjects for the processing of their data.
+\newline\newline
+I do, however, have some concerns about the compliance of the company with GDPR key principle \textbf{Fairness \& Transparency}. The company is quite vague about how they process the personal data of the users, how the data is stored, etc.
+There is no mention of any kind of Data Protection Notice that informs the user of the identity \& contact details of the Data Controller, the contact details of the Data Protection officer, the details of any data transfer out of of the EEA or the safeguards in place, the data retention period, or the individual's rights.
+The only information that the Data Subjects really have is the purpose of the processing and (at least some of) the recipients of the data.
+It's possible that other people are in receipt of the users' personal data as well, but there is no mention of this.
+
+\bigbreak
+
+The company should be in the clear with regards to \textbf{Purpose Limitation}, assuming that they are being fully open \& honest about their purposes for processing the data, and stick to these purposes, but if they are not doing this, then that is a massive issue.
+\newline\newline
+The principle of \textbf{Data Minimisation} is a bit more of a grey area for this website.
+It's hard to say what data is and isn't adequate \& relevant to the purpose of "keeping in touch".
+Personally, I would be of the opinion that absolutely none of the data mentioned is relevant for the purposes of "keeping in touch", but it is plausible that some people would feel otherwise.
+It could be problematic for the company that they allow the users to upload pretty much whatever they want, as the company may end up in possession of a lot of irrelevant data that the users uploaded.
+The company needs to be extremely careful with receiving data that they didn't expect to receive, which may or may not be relevant to the purposes of the company.
+\newline\newline
+The principle of \textbf{Accuracy} is another potentially problematic one for this company.
+The company must take all reasonable steps to ensure that the personal data that they hold is not incorrect or misleading as to any matter of fact.
+It's not unlikely that some, if not many, of the users of the website will ``exaggerate'' (or just make up) positive aspects of their life after university, their salary, etc.
+There also doesn't seem to be any protocol to verify that the users are who they say they are, so anyone could be uploading the personal data, fictitious or otherwise, of anyone else, and this data could be viewed by anyone in the world, so long as they claimed to be an alumni of a particular course.
+This is a problem for the company, as they have the responsibility to ensure that the data is accurate, although this may be considered to be something that the company cannot reasonably be expected to regulate / control.
+\newline\newline
+The company does not seem to comply with the principle of \textbf{Storage Limitation} at all.
+There is no mention of data retention period, or how the users might be able to learn their data retention periods. 
+\newline\newline
+Similarly, the company doesn't seem to comply with \textbf{Accountability \& Governance} at all either. 
+There is no attempt to provide an assurance of GDPR compliance, or to explain why the data is held, when it will be deleted, and who may gain access to it.
+\newline\newline
+There is no mention of any attempt to comply with \textbf{Integrity \& Confidentiality} either.
+There is no mention of any security measure such as encryption, nor do they mention any other technical measures that they might use to process the data securely.
+
+\bigskip
+
+\section{References}
+\begin{enumerate}
+    \item Schukat, M. (2022-09-09). \textit{CT255 Lecture Slides - GDPR.} Blackboard. 
+    \item Wolford, B. \textit{What is GDPR, the EU's new data protection law?} Proton. https://gdpr.eu/what-is-gdpr/
+    \item Sivula, A. \textit{GDPR: What Happens If You Don't Comply}. AMD Solicitors. https://amdsolicitors.com/gdpr-what-happens-if-you-dont-comply/
+    \item Rossow, A. \textit{The Birth of GDPR: What Is It And What You Need To Know}. Forbes\\ https://www.forbes.com/sites/andrewrossow/2018/05/25/the-birth-of-gdpr-what-is-it-and-what-you-need-to-know/?sh=62b80a5a55e5
+\end{enumerate}
+%------------------------------------------------
+
+\end{document}