Seite - 203 - in Intelligent Environments 2019 - Workshop Proceedings of the 15th International Conference on Intelligent Environments

6.- Computer security In the case of tourist data, whose access and reuse have an important economic implication, cybersecurity becomes indispensable for the prevention of attacks by third parties. In the context of macro data any data operator may have relations with third countries that lack the same level of data protection and consequently submit the information to undoubted threats. In a defensive and anticipatory strategy for the security of personal data, the European RGPD essentially revolves around a risk-based approach. And this risk must be subject to prior evaluation, taking into account the nature, scope, context and purposes of data processing. Not in vain does the RGPD oblige the processor to weigh the risk based on an objective evaluation by which it is determined whether the data processing operations pose a risk or if the risk is high [16]. Although we have advanced the protection of privacy in the digital environment, we should bear in mind that in general, access to data constitutes an assignment for the purposes of the LOPD, generating an inevitable conflict between transparency and privacy. On the other hand, tourist information and contracting through technical means leave a trace or fingerprint of the individual, which can be used by third parties for commercial or non-commercial purposes. Today the user of tourist services is making a personalized trace of their preferences and experiences: visit web pages, search in networks the opinions of other users, pour your own, plan your itinerary or combined trip, reserve and pay for transportation, accommodation, tickets to entertainment shows ... The technical means allow us to appreciate a digital identity of the user in permanent construction as he buys a plane ticket, clicks on a certain content on Facebook, shares a photo, visits an online store ... In general, the technical media has developed a new class of personal data very different from the conventional ones: from the analysis of conversations in social networks, data are extracted about patterns of consumption, economic solvency, needs and preferences; sensors are installed in automobiles to know their location and predict a massification; Many cities have digital transport cards that allow routes to be optimized by using encrypted data in the city of Madrid or by erasing the data every forty-eight hours in Paris. The policy of cookies is especially intense in the field of tourism, so that the repeated consultation of an offer increases the price; or the beacons, which make possible, based on geo-positioning, an avalanche of information from nearby establishments on mobile devices. Initially the data obtained do not have to be associated with a specific person; However, their treatment does allow them to be linked and even identify their owner, so that the application of the legal regime of protection of personal data becomes inexcusable. F.J.BauzáMartorell / IntelligenceTourismandPublicAdministration 203