The SPECIAL-K Personal Data Processing Transparency and Compliance Platform

• URL: http://arxiv.org/abs/2001.09461v3
• Date: Thu, 15 Jul 2021 12:12:07 GMT
• Title: The SPECIAL-K Personal Data Processing Transparency and Compliance Platform
• Authors: Sabrina Kirrane, Javier D. Fern\'andez, Piero Bonatti, Uros Milosevic, Axel Polleres, Rigo Wenning
• Abstract summary: SPECIAL EU H 2020 project can be used to represent data policies and data and events sharing. System can verify that data processing and sharing complies with the data subjects consent.
• Score: 0.1385411134620987
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The European General Data Protection Regulation (GDPR) brings new challenges for companies who must ensure they have an appropriate legal basis for processing personal data and must provide transparency with respect to personal data processing and sharing within and between organisations. Additionally, when it comes to consent as a legal basis, companies need to ensure that they comply with usage constraints specified by data subjects. This paper presents the policy language and supporting ontologies and vocabularies, developed within the SPECIAL EU H2020 project, which can be used to represent data usage policies and data processing and sharing events. We introduce a concrete transparency and compliance architecture, referred to as SPECIAL-K, that can be used to automatically verify that data processing and sharing complies with the data subjects consent. Our evaluation, based on a new compliance benchmark, shows the efficiency and scalability of the system with increasing number of events and users.

Related papers

• LegiLM: A Fine-Tuned Legal Language Model for Data Compliance [5.256747140296861]
  LegiLM is a novel legal language model specifically tailored for consulting on data or information compliance. It has been fine-tuned to automatically assess whether particular actions or events breach data security and privacy regulations. LegiLM excels in detecting data regulation breaches, offering sound legal justifications, and recommending necessary compliance modifications.
  arXiv  Detail & Related papers  (2024-09-09T02:06:52Z)
• Towards an Enforceable GDPR Specification [49.1574468325115]
  Privacy by Design (PbD) is prescribed by modern privacy regulations such as the EU's. One emerging technique to realize PbD is enforcement (RE) We present a set of requirements and an iterative methodology for creating formal specifications of legal provisions.
  arXiv  Detail & Related papers  (2024-02-27T09:38:51Z)
• Extensible Consent Management Architectures for Data Trusts [0.0]
  This paper proposes a framework for consent management in Data Trusts. Data can flow across a network through "role tunnels" established based on corresponding legal capacities.
  arXiv  Detail & Related papers  (2023-09-28T18:28:50Z)
• Advanced Data Protection Control (ADPC): An Interdisciplinary Overview [0.0]
  The Advanced Data Protection Control (ADPC) is a technical specification that can change the practice of Internet-based personal data protection and consenting. The ADPC supports humans in practicing their rights to privacy and agency by giving them more human-centric control over the processing of their personal data and consent.
  arXiv  Detail & Related papers  (2022-09-20T13:57:49Z)
• Distributed Machine Learning and the Semblance of Trust [66.1227776348216]
  Federated Learning (FL) allows the data owner to maintain data governance and perform model training locally without having to share their data. FL and related techniques are often described as privacy-preserving. We explain why this term is not appropriate and outline the risks associated with over-reliance on protocols that were not designed with formal definitions of privacy in mind.
  arXiv  Detail & Related papers  (2021-12-21T08:44:05Z)
• Learning to Limit Data Collection via Scaling Laws: Data Minimization Compliance in Practice [62.44110411199835]
  We build on literature in machine learning law to propose framework for limiting collection based on data interpretation that ties data to system performance. We formalize a data minimization criterion based on performance curve derivatives and provide an effective and interpretable piecewise power law technique.
  arXiv  Detail & Related papers  (2021-07-16T19:59:01Z)
• TILT: A GDPR-Aligned Transparency Information Language and Toolkit for Practical Privacy Engineering [0.0]
  TILT is a transparency information language and toolkit designed to represent and process transparency information. We provide a detailed analysis of transparency obligations to identify the required for a formal transparency language. On this basis, we specify our formal language and present a respective, fully implemented toolkit.
  arXiv  Detail & Related papers  (2020-12-18T18:45:04Z)
• Second layer data governance for permissioned blockchains: the privacy management challenge [58.720142291102135]
  In pandemic situations, such as the COVID-19 and Ebola outbreak, the action related to sharing health data is crucial to avoid the massive infection and decrease the number of deaths. In this sense, permissioned blockchain technology emerges to empower users to get their rights providing data ownership, transparency, and security through an immutable, unified, and distributed database ruled by smart contracts.
  arXiv  Detail & Related papers  (2020-10-22T13:19:38Z)
• GDPR: When the Right to Access Personal Data Becomes a Threat [63.732639864601914]
  We examine more than 300 data controllers performing for each of them a request to access personal data. We find that 50.4% of the data controllers that handled the request, have flaws in the procedure of identifying the users. With the undesired and surprising result that, in its present deployment, has actually decreased the privacy of the users of web services.
  arXiv  Detail & Related papers  (2020-05-04T22:01:46Z)
• Beyond privacy regulations: an ethical approach to data usage in transportation [64.86110095869176]
  We describe how Federated Machine Learning can be applied to the transportation sector. We see Federated Learning as a method that enables us to process privacy-sensitive data, while respecting customer's privacy.
  arXiv  Detail & Related papers  (2020-04-01T15:10:12Z)
• Machine Understandable Policies and GDPR Compliance Checking [9.032680855473986]
  Towards SPECIAL H2020 project aims to provide a set of tools that can be used by data controllers that automatically check if personal data sharing complies with obligations set forth with obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with
  arXiv  Detail & Related papers  (2020-01-24T09:41:47Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.