Towards a Semantic Model of the GDPR Register of Processing Activities

• URL: http://arxiv.org/abs/2008.00877v1
• Date: Mon, 3 Aug 2020 13:54:47 GMT
• Title: Towards a Semantic Model of the GDPR Register of Processing Activities
• Authors: Paul Ryan, Harshvardhan J. Pandit, Rob Brennan
• Abstract summary: We present a consolidated data model based on common concepts and relationships across analysed templates. We show that the DPV currently does not provide sufficient concepts to represent the ROPA data model. This will enable creation of a pan-EU information management framework for interoperability between organisations and regulators for compliance.
• Score: 0.3441021278275805
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: A core requirement for GDPR compliance is the maintenance of a register of processing activities (ROPA). Our analysis of six ROPA templates from EU data protection regulators shows the scope and granularity of a ROPA is subject to widely varying guidance in different jurisdictions. We present a consolidated data model based on common concepts and relationships across analysed templates. We then analyse the extent of using the Data Privacy Vocabulary - a vocabulary specification for GDPR. We show that the DPV currently does not provide sufficient concepts to represent the ROPA data model and propose an extension to fill this gap. This will enable creation of a pan-EU information management framework for interoperability between organisations and regulators for GDPR compliance.

Related papers

• Toward Regulatory Compliance: A few-shot Learning Approach to Extract Processing Activities [2.1903839165439845]
  We present a method to generate segments of RoPA from user-authored usage scenarios using large language models (LLMs) Our findings highlight the significant influence of the number of examples in prompts on summarization F1 scores. Our prompts achieve successful summarization of processing activities with an average 70% ROUGE-L F1 score.
  arXiv  Detail & Related papers  (2024-07-12T17:56:18Z)
• Demystifying Legalese: An Automated Approach for Summarizing and Analyzing Overlaps in Privacy Policies and Terms of Service [0.6240153531166704]
  Our work seeks to alleviate this issue by developing language models that provide automated, accessible summaries and scores for such documents. We compared transformer-based and conventional models during training on our dataset, and RoBERTa performed better overall with a remarkable 0.74 F1-score.
  arXiv  Detail & Related papers  (2024-04-17T19:53:59Z)
• Towards an Enforceable GDPR Specification [49.1574468325115]
  Privacy by Design (PbD) is prescribed by modern privacy regulations such as the EU's. One emerging technique to realize PbD is enforcement (RE) We present a set of requirements and an iterative methodology for creating formal specifications of legal provisions.
  arXiv  Detail & Related papers  (2024-02-27T09:38:51Z)
• A Multi-solution Study on GDPR AI-enabled Completeness Checking of DPAs [3.1002416427168304]
  General Data Protection Regulation (DPA) requires a data processing agreement (DPA) which regulates processing and ensures personal data remains protected. Checking completeness of DPA according to prerequisite provisions is therefore an essential to ensure that requirements are complete. We propose an automation strategy to address the completeness checking of DPAs against stipulated provisions.
  arXiv  Detail & Related papers  (2023-11-23T10:05:52Z)
• Zero-shot Composed Text-Image Retrieval [72.43790281036584]
  We consider the problem of composed image retrieval (CIR) It aims to train a model that can fuse multi-modal information, e.g., text and images, to accurately retrieve images that match the query, extending the user's expression ability.
  arXiv  Detail & Related papers  (2023-06-12T17:56:01Z)
• NLP-based Automated Compliance Checking of Data Processing Agreements against GDPR [9.022562906627991]
  We propose an automated solution to check compliance of a given DPA against the "shall" requirements. Our approach correctly finds 618 out of 750 genuine violations while raising 76 false violations, and further correctly identifies 524 satisfied requirements.
  arXiv  Detail & Related papers  (2022-09-20T13:50:58Z)
• Relational Action Bases: Formalization, Effective Safety Verification, and Invariants (Extended Version) [67.99023219822564]
  We introduce the general framework of relational action bases (RABs) RABs generalize existing models by lifting both restrictions. We demonstrate the effectiveness of this approach on a benchmark of data-aware business processes.
  arXiv  Detail & Related papers  (2022-08-12T17:03:50Z)
• Learning to Synthesize Data for Semantic Parsing [57.190817162674875]
  We propose a generative model which models the composition of programs and maps a program to an utterance. Due to the simplicity of PCFG and pre-trained BART, our generative model can be efficiently learned from existing data at hand. We evaluate our method in both in-domain and out-of-domain settings of text-to-Query parsing on the standard benchmarks of GeoQuery and Spider.
  arXiv  Detail & Related papers  (2021-04-12T21:24:02Z)
• Mapping Patterns for Virtual Knowledge Graphs [71.61234136161742]
  Virtual Knowledge Graphs (VKG) constitute one of the most promising paradigms for integrating and accessing legacy data sources. We build on well-established methodologies and patterns studied in data management, data analysis, and conceptual modeling. We validate our catalog on the considered VKG scenarios, showing it covers the vast majority of patterns present therein.
  arXiv  Detail & Related papers  (2020-12-03T13:54:52Z)
• GRIT: Generative Role-filler Transformers for Document-level Event Entity Extraction [134.5580003327839]
  We introduce a generative transformer-based encoder-decoder framework (GRIT) to model context at the document level. We evaluate our approach on the MUC-4 dataset, and show that our model performs substantially better than prior work.
  arXiv  Detail & Related papers  (2020-08-21T01:07:36Z)
• Machine Understandable Policies and GDPR Compliance Checking [9.032680855473986]
  Towards SPECIAL H2020 project aims to provide a set of tools that can be used by data controllers that automatically check if personal data sharing complies with obligations set forth with obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with regulatory obligations set forth with
  arXiv  Detail & Related papers  (2020-01-24T09:41:47Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.