nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

GDPR Transparency Requirements and Data Privacy Vocabularies

verfasst von : Eva Schlehahn, Rigo Wenning

Erschienen in: Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This tutorial introduced participants to the transparency requirements of the General Data Protection Regulation (GDPR) [35]. Therein, it was explored together with the attendees whether technical specifications can be valuable to support transparency in favour of a data subject whose personal information is being processed. In the context of the discussions, past and present international efforts were examined that focus on data privacy vocabularies and taxonomies as basis work to enable effective enforcement of data handling policies. One example of a current undertaking in this area is the W3C Data Privacy Vocabularies and Controls Community Group (DPVCG) which aims at developing a taxonomy of privacy terms aligned to the GDPR, which encompasses personal data categories, processing purposes, events of disclosures, consent, and processing operations. During the tutorial session, the potential of such efforts was discussed among the participants, allowing for conclusions about the need to re-align and update past research in this area to the General Data Protection Regulation.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Trust and Distrust: On Sense and Nonsense in Big Data

Nächstes Kapitel Wider Research Applications of Dynamic Consent

Cf. with regard not only to the GDPR, but also to the review of the ePrivacy Directive, see [12]:pages 3, 7, 10, and 11 as well as in [11], pages 4 f. The results of the public consultation and the Eurobarometer survey outcomes strongly indicate a lack of citizen’s confidence of being able to control and protect own personal data online.

With an exemplary list of transparency-enhancing technical and organizational measures referenced in the handbook of the Standard Data Protection Model recommended for use in Germany.

Meis et al. constructed a set of requirements for a transparency focused ontology on the basis of the ISO/IEC 29100:2011standard, OECD principles, and the US fair information practices (FIPs), and which already entails some of these aspects.

OTT (Over The Top Services) are communication systems over data networks, e.g. skype.

Electronic Communication Services.

Microsoft had considerable market power on the Web in 2002.

https://cordis.europa.eu/project/rcn/71383/factsheet/en.

http://primelife.ercim.eu/.

https://www.w3.org/2002/ws/ accessed 2019-01-21.

RDF uses IRIs to identify objects.

The privacy dashboard was a Firefox extension that stored all data from the HTTP chatter into a local database and was able to show the tracking to the user. See http://primelife.ercim.eu/results/opensource/76-dashboard.

http://a4cloud.eu/.

See https://www.w3.org/2013/share-psi/ for more information and pointers.

https://www.big-data-europe.eu.

Scalable and policy-aware linked data architecture for privacy, transparency and compliance (SPECIAL), https://www.specialprivacy.eu.

W3C Workshop on the long term Future of P3P and Enterprise Privacy Languages (2003). W3C. https://www.w3.org/2003/p3p-ws/

Security assertion markup language (saml) v2.0. Technical report, March 2005. https://www.oasis-open.org/standards#samlv2.0, https://wiki.oasis-open.org/security/FrontPage#SAML_V2.0_Standard

Extensible markup language (xml) 1.0 (5. edition). Technical report, November 2008. http://www.w3.org/TR/2008/REC-xml-20081126/

Engineering Privacy by Design (2011)

Rdf 1.1 primer. Technical report, June 2014. http://www.w3.org/TR/2014/NOTE-rdf11-primer-20140624/

Gupta, A.: Data provenance. In: Liu, L., Özsu, M.T. (eds.) Encyclopedia of Database Systems. Springer, Boston (2009). https://doi.org/10.1007/978-0-387-39940-9CrossRef

Berners-Lee, T., Fielding, R.T., Masinter, L.: Uniform resource identifier (URI): Generic syntax. Technical report (2005). http://www.ietf.org/rfc/rfc3986.txt

Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_7CrossRef

Camenisch, J., Leenes, R., Sommer, D. (eds.): PRIME - Privacy and Identity Management for Europe. Lecture Notes in Computer Science, vol. 6545. Springer, Berlin (2011). https://doi.org/10.1007/978-3-642-19050-6CrossRef

10.

Collins, C.: A brief history of xml, March 2008. https://ccollins.wordpress.com/2008/03/03/a-brief-history-of-xml/

11.

European Commission: Flash eurobarometer 443: e-privacy. Technical report, December 2016. http://data.europa.eu/euodp/en/data/dataset/S2124_443_ENG

12.

European Commission: Summary report on the public consultation on the evaluation and review of the eprivacy directive. Technical report, August 2016. https://ec.europa.eu/digital-single-market/en/news/summary-report-public-consultation-evaluation-and-review-eprivacy-directive

13.

European Council, European Parliament, and European Commission: Charter of Fundamental Rights of the European Union. Number 83 in Official Journal of the European Union C. European Union, pp. 389–403, March 2010. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2010:083:0389:0403:en:PDF

14.

Cranor, L.F.: Web Privacy with P3P. O’Reilly & Associates Inc., Newton (2002). ISBN 0-596-00371-4

15.

Decker, S., Peristeras, V. (eds.): Data Privacy Controls and Vocabularies: A W3C Workshop on Privacy and Linked Data (2017). W3C. https://www.w3.org/2018/vocabws/

16.

Duerst, M., Suignard, M.: Internationalized resource identifiers (iris). Technical report 3987, January 2005. http://www.ietf.org/rfc/rfc3987.txt

17.

ECHR2010: Convention for the protection of human rights and fundamental freedoms as amended by protocol no. 11 and no. 14, June 2010. http://conventions.coe.int/treaty/en/Treaties/Html/005.htm

18.

Goodman, B., Flaxman, S.: EU regulations on algorithmic decision-making and a “right to explanation”. AI Mag. 38(3) (2017)

19.

Holtz, L.-E., Nocun, K., Hansen, M.: Towards displaying privacy information with icons. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., Leenes, R., Zhang, G. (eds.) Privacy and Identity 2010. IAICT, vol. 352, pp. 338–348. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20769-3_27CrossRef

20.

Inchauste, F.: The dirtiest word in UX: Complexity, July 2010. http://uxmag.com/articles/the-dirtiest-word-in-ux-complexity

21.

Kinderlerer, J., Dabrock, P., Haker, H., Nys, H., Salvi, M.: Opinion 26 - Ethics of information and communication technologies. Publications Office of the European Union, February 2012. ISBN 978-92-79-22734-9. https://doi.org/10.2796/13541, http://bookshop.europa.eu/en/ethics-of-information-and-communication-technologies-pbNJAJ12026/

22.

Kodagoda, N.: Using machine learning to infer reasoning provenance from user interaction log data: based on the data/frame theory of sensemaking. JCEDM Spec. Issue 11(1), 23–47 (2017)

23.

Koops, B.-J.: On Decision Transparency, or How to Enhance Data Protection after the Computational Turn, pp. 196–220 (2013)

24.

Krauskopf, T., Miller, J., Resnick, P., Treese, W.: Pics label distribution label syntax and communication protocols. Technical report, October 1996. https://www.w3.org/TR/REC-PICS-labels-961031

25.

Lehmann, J., et al.: Distributed semantic analytics using the SANSA stack. In: d’Amato, C., et al. (eds.) ISWC 2017. LNCS, vol. 10588, pp. 147–155. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68204-4_15CrossRef

26.

McDonald, A.M.: Footprints Near the Surf: Individual Privacy Decisions in Online Contexts. Ph.D. thesis (2010). https://kilthub.figshare.com/articles/Footprints_Near_the_Surf_Individual_Privacy_Decisions_in_Online_Contexts/6717041

27.

McDonald, A.M., Cranor, L.F.: The cost of reading privacy policies. I/S: J. Law Policy Inf. Soc. 4(3), 543–568 (2008). http://heinonline.org/hol-cgi-bin/get_pdf.cgi?handle=hein.journals/isjlpsoc4&section=27, https://kb.osu.edu/dspace/bitstream/handle/1811/72839/ISJLP_V4N3_543.pdf

28.

Meis, R., Wirtz, R., Heisel, M.: A taxonomy of requirements for the privacy goal transparency. In: Fischer-Hübner, S., Lambrinoudakis, C., Lopez, J. (eds.) TrustBus 2015. LNCS, vol. 9264, pp. 195–209. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22906-5_15CrossRef

29.

Moor, J.H.: What is computer ethics? Metaphilosophy 16(4), 266–275 (1985). ISSN 1467–9973. https://onlinelibrary.wiley.com/doi/abs/10.1111/j.1467-9973.1985.tb00173.x, https://web.cs.ucdavis.edu/~rogaway/classes/188/spring06/papers/moor.htmlCrossRef

30.

Moses, T.: Extensible access control markup language (xacml) v2.0. Technical report (2005). http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf

31.

Conference of the Independent Data Protection of the Authorities. The standard data protection model. Technical report (2016). https://www.datenschutzzentrum.de/uploads/sdm/SDM-Methodology_V1.0.pdf

32.

Pandit, H., O’Sullivan, D., Lewis, D.: Queryable provenance metadata for GDPR compliance. Procedia Comput. Sci. 137, 262–268 (2018)CrossRef

33.

Azraoui, M., Elkhiyaoui, K., Önen, M., Bernsmed, K., De Oliveira, A.S., Sendor, J.: A-PPL: an accountability policy language. In: Garcia-Alfaro, J., et al. (eds.) DPM/QASA/SETOP-2014. LNCS, vol. 8872, pp. 319–326. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-17016-9_21CrossRef

34.

Sippel, B., European Parliament: Report on the proposal for a regulation of the European parliament and of the council concerning the respect for private life and the protection of personal data in electronic communications and repealing directive 2002/58/ec (regulation on privacy and electronic communications), October 2017. http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2017-0324&language=EN

35.

European Union: Regulation (EU) 2016/679 of the European parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/ec (general data protection regulation), May 2016

36.

W3C: A P3P preference exchange language 1.0 (APPEL1.0) (2002)

37.

W3C: The platform for privacy preferences 1.1 (P3P1.1) specification (2006)

Titel: GDPR Transparency Requirements and Data Privacy Vocabularies
verfasst von: Eva Schlehahn
Rigo Wenning
Verlag: Springer International Publishing
Buch: Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data
Print ISBN: 978-3-030-16743-1

Electronic ISBN: 978-3-030-16744-8

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-16744-8_7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"