Damiano Torre,Mauricio Alferez,Ghanem Soltana,Mehrdad Sabetzadeh,Lionel Briand

DOI: https://doi.org/10.48550/arXiv.2007.12046

2020-07-23

Abstract:In Europe and indeed worldwide, the General Data Protection Regulation (GDPR) provides protection to individuals regarding their personal data in the face of new technological developments. GDPR is widely viewed as the benchmark for data protection and privacy regulations that harmonizes data privacy laws across Europe. Although the GDPR is highly beneficial to individuals, it presents significant challenges for organizations monitoring or storing personal information. Since there is currently no automated solution with broad industrial applicability, organizations have no choice but to carry out expensive manual audits to ensure GDPR compliance. In this paper, we present a complete GDPR UML model as a first step towards designing automated methods for checking GDPR compliance. Given that the practical application of the GDPR is influenced by national laws of the EU Member States, we suggest a two-tiered description of the GDPR, generic and specialized. In this paper, we provide (1) the GDPR conceptual model we developed with complete traceability from its classes to the GDPR, (2) a glossary to help understand the model, (3) the plain-English description of 35 compliance rules derived from GDPR along with their encoding in OCL, and (4) the set of 20 variations points derived from GDPR to specialize the generic model. We further present the challenges we faced in our modeling endeavor, the lessons we learned from it, and future directions for research.

Software Engineering

M. Emilia Cambronero,Miguel A. Martínez,Luis Llana,Ricardo J. Rodríguez,Alejandro Russo

DOI: https://doi.org/10.7717/peerj-cs.1898

2024-03-29

PeerJ Computer Science

Abstract:Data privacy is one of the biggest challenges facing system architects at the system design stage. Especially when certain laws, such as the General Data Protection Regulation (GDPR), have to be complied with by cloud environments. In this article, we want to help cloud providers comply with the GDPR by proposing a GDPR-compliant cloud architecture. To do this, we use model-driven engineering techniques to design cloud architecture and analyze cloud interactions. In particular, we develop a complete framework, called MDCT, which includes a Unified Modeling Language profile that allows us to define specific cloud scenarios and profile validation to ensure that certain required properties are met. The validation process is implemented through the Object Constraint Language (OCL) rules, which allow us to describe the constraints in these models. To comply with many GDPR articles, the proposed cloud architecture considers data privacy and data tracking, enabling safe and secure data management and tracking in the context of the cloud. For this purpose, sticky policies associated with the data are incorporated to define permission for third parties to access the data and track instances of data access. As a result, a cloud architecture designed with MDCT contains a set of OCL rules to validate it as a GDPR-compliant cloud architecture. Our tool models key GDPR points such as user consent/withdrawal, the purpose of access, and data transparency and auditing, and considers data privacy and data tracking with the help of sticky policies.

computer science, information systems, artificial intelligence, theory & methods

Damian A. Tamburri

DOI: https://doi.org/10.1016/j.is.2019.101469

IF: 3.18

2020-07-01

Information Systems

Abstract:Data and software are nowadays one and the same: for this very reason, the European Union (EU) and other governments introduce frameworks for data protection — a key example being the General Data Protection Regulation (GDPR). However, GDPR compliance is not straightforward: its text is not written by software or information engineers but rather, by lawyers and policy-makers. As a design aid to information engineers aiming for GDPR compliance, as well as an aid to software users' understanding of the regulation, this article offers a systematic synthesis and discussion of it, distilled by the mathematical analysis method known as Formal Concept Analysis (FCA). By its principles, GDPR is synthesized as a concept lattice, that is, a formal summary of the regulation, featuring 144372 records — its uses are manifold. For example, the lattice captures so-called attribute implications, the implicit logical relations across the regulation, and their intensity. These results can be used as drivers during systems and services (re-)design, development, operation, or information systems' refactoring towards more GDPR consistency.

computer science, information systems

Ze Shi Li,Colin Werner,Neil Ernst,Daniela Damian

DOI: https://doi.org/10.48550/arXiv.2002.06830

2020-02-17

Abstract:The enactment of the General Data Protection Regulation (GDPR) in 2018 forced any organization that collects and/or processes EU-based personal data to comply with stringent privacy regulations. Software organizations have struggled to achieve GDPR compliance both before and after the GDPR deadline. While some studies have relied on surveys or interviews to find general implications of the GDPR, there is a lack of in-depth studies that investigate compliance practices and compliance challenges of software organizations. In particular, there is no information on small and medium enterprises (SMEs), which represent the majority of organizations in the EU, nor on organizations that practice continuous integration. Using design science methodology, we conducted an in-depth study over the span of 20 months regarding GDPR compliance practices and challenges in collaboration with a small, startup organization. We first identified our collaborator's business problems and then iteratively developed two artifacts to address those problems: a set of operationalized GDPR principles, and an automated GDPR tool that tests those GDPR-derived privacy requirements. This design science approach resulted in four implications for research and for practice. For example, our research reveals that GDPR regulations can be partially operationalized and tested through automated means, which improves compliance practices, but more research is needed to create more efficient and effective means to disseminate and manage GDPR knowledge among software developers.

Software Engineering

Naila Azam,Anna Lito Michala,Shuja Ansari,Nguyen Truong

2024-04-22

Abstract:Data-driven applications and services have been increasingly deployed in all aspects of life including healthcare and medical services in which a huge amount of personal data is collected, aggregated, and processed in a centralised server from various sources. As a consequence, preserving the data privacy and security of these applications is of paramount importance. Since May 2018, the new data protection legislation in the EU/UK, namely the General Data Protection Regulation (GDPR), has come into force and this has called for a critical need for modelling compliance with the GDPR's sophisticated requirements. Existing threat modelling techniques are not designed to model GDPR compliance, particularly in a complex system where personal data is collected, processed, manipulated, and shared with third parties. In this paper, we present a novel comprehensive solution for developing a threat modelling technique to address threats of non-compliance and mitigate them by taking GDPR requirements as the baseline and combining them with the existing security and privacy modelling techniques (i.e., \textit{STRIDE} and \textit{LINDDUN}, respectively). For this purpose, we propose a new data flow diagram integrated with the GDPR principles, develop a knowledge base for the non-compliance threats, and leverage an inference engine for reasoning the GDPR non-compliance threats over the knowledge base. Finally, we demonstrate our solution for threats of non-compliance with legal basis and accountability in a telehealth system to show the feasibility and effectiveness of the proposed solution.

Cryptography and Security

David Restrepo Amariles,Aurore Clément Troussel,Rajaa El Hamdani

DOI: https://doi.org/10.48550/arXiv.2012.12718

2020-12-23

Abstract:Most prominent research today addresses compliance with data protection laws through consumer-centric and public-regulatory approaches. We shift this perspective with the Privatech project to focus on corporations and law firms as agents of compliance. To comply with data protection laws, data processors must implement accountability measures to assess and document compliance in relation to both privacy documents and privacy practices. In this paper, we survey, on the one hand, current research on GDPR automation, and on the other hand, the operational challenges corporations face to comply with GDPR, and that may benefit from new forms of automation. We attempt to bridge the gap. We provide a roadmap for compliance assessment and generation by identifying compliance issues, breaking them down into tasks that can be addressed through machine learning and automation, and providing notes about related developments in the Privatech project.

Artificial Intelligence,Machine Learning

Ze Shi Li,Colin Werner,Neil Ernst,Daniela Damian

DOI: https://doi.org/10.1016/j.infsof.2022.106868

IF: 3.9

2022-06-01

Information and Software Technology

Abstract:Context: Complying with privacy regulations has taken on new importance with the introduction of the EU’s General Data Protection Regulation (GDPR) and other privacy regulations. Privacy measures are becoming a paramount requirement demanding software organizations’ attention as recent privacy breaches such as the Capital One data breach affected millions of customers. Software organizations, however, struggle with achieving privacy compliance. In particular, there is a lack of research into the organizational practices and challenges involved in compliance, particularly for small and medium enterprises (SMEs), which represent a sizeable portion of organizations. Many SMEs use a continuous software engineering (CSE) approach, which introduces additional adoption and application challenges. For example, the fast pace of CSE makes it harder for SMEs that are already more resource constrained to prioritize non-functional requirements such as privacy. Objective: This paper aims to fill a gap in the under-researched area of continuous compliance with privacy requirements in practice, by investigating how a continuous practicing SME dealt with GDPR compliance. Method: Using design science, we conducted an in-depth ethnographically informed study over the span of 16 months and iteratively developed two artifacts to help address the organization’s challenges in addressing GDPR compliance. Results: We identified 3 main challenges that our collaborating organization experienced when trying to comply with the GDPR. To help mitigate the challenges, we developed two design science artifacts, which include a list of privacy requirements that operationalized the GDPR principles for automated verification, and an automated testing tool that helps to verify these privacy requirements. We validated these artifacts through close collaboration with our partner organization and applying our artifacts to the partner organization’s system. Conclusions: We conclude with a discussion of opportunities and obstacles in leveraging CSE to achieve continuous compliance with the GDPR. We also highlight the importance of building a shared understanding of privacy non-functional requirements and how risk management plays an important role in an organization’s GDPR compliance.

computer science, information systems, software engineering

Chris Jay Hoofnagle,Bart van der Sloot,Frederik Zuiderveen Borgesius

DOI: https://doi.org/10.1080/13600834.2019.1573501

2019-01-02

Abstract:This paper introduces the strategic approach to regulating personal data and the normative foundations of the European Union’s General Data Protection Regulation (‘GDPR’). We explain the genesis of the GDPR, which is best understood as an extension and refinement of existing requirements imposed by the 1995 Data Protection Directive; describe the GDPR’s approach and provisions; and make predictions about the GDPR’s implications. We also highlight where the GDPR takes a different approach than U.S. privacy law. The GDPR is the most consequential regulatory development in information policy in a generation. The GDPR brings personal data into a detailed regulatory regime, that will influence personal data usage worldwide. Understood properly, the GDPR encourages firms to develop information governance frameworks, to in-house data use, and to keep humans in the loop in decision making. Companies with direct relationships with consumers have strategic advantages under the GDPR, compared to third party advertising firms on the internet. To reach these objectives, the GDPR uses big sticks, structural elements that make proving violations easier, but only a few carrots. The GDPR will complicate and restrain some information-intensive business models. But the GDPR will also enable approaches previously impossible under less-protective approaches.

Jayashree Mohan,Melissa Wasserman,Vijay Chidambaram

DOI: https://doi.org/10.1007/978-3-030-33752-0_6

2019-01-01

Abstract:AbstractWith the arrival of the European Union’s General Data Protection Regulation (GDPR), several companies are making significant changes to their systems to achieve compliance. The changes range from modifying privacy policies to redesigning systems which process personal data. Privacy policy is the main medium of information dissemination between the data controller and the users. This work analyzes the privacy policies of large-scaled cloud services which seek to be GDPR compliant. We show that many services that claim compliance today do not have clear and concise privacy policies. We identify several points in the privacy policies which potentially indicate non-compliance; we term these GDPR dark patterns. We identify GDPR dark patterns in ten large-scale cloud services. Based on our analysis, we propose seven best practices for crafting GDPR privacy policies.

Alastair McCullough

2024-09-22

Abstract:This paper adduces a novel definition of regulatory enterprise information governance as a strategic framework that acts through control mechanisms designed to assure accountability in managing decision rights over information and data assets in organizations. This new pragmatic definition takes the perspectives of both the practitioner and of the scholar. It builds upon earlier definitions to take a novel and more clearly regulatory approach and to synthesize a new definition for such governance; to build out a view of it as a scalable regulatory framework for large or complex organizations that sees governance from this new perspective as a business architecture or target operating model in this increasingly critical domain. The paper supports and enables scholarly consideration and further research. It looks at definitions of information and data; of strategy in relation to information and data; of data management; of enterprise architecture; of governance, and governance as a type of strategic endeavor, and of the nature of strategic and tactical policies and standards that form the basis for such governance.

Databases,Human-Computer Interaction,Software Engineering

Antonio Capodieci,Luca Mainetti,Stefano Lisi,Roberto Paiano,Sara Matino,Mariavittoria Ugirashebuja

DOI: https://doi.org/10.1007/s11042-024-20308-6

IF: 2.577

2024-11-06

Multimedia Tools and Applications

Abstract:The European Parliament adopted the European General Data Protection Regulation (GDPR, EU 2016/679), which revolutionized the legislative framework for personal data protection within the European Union. The GDPR mandates organizations to shift from a passive approach, relying on minimum security measures outlined in the 1994 EU Directive, to a proactive accountability-based approach. Organizations are expected to implement verification systems, foster continuous improvement, and follow principles such as privacy by design and privacy by default. The latter principle emphasizes incorporating privacy considerations throughout the entire engineering process. The challenge for organizations lies in effectively auditing their compliance with the GDPR. This study proposes a structured approach based on the business process modeling to aid in GDPR compliance. It involves identifying crucial compliance points for the GDPR. A case study is presented where the method is applied to a purchase of a health insurance policy process in the context of the Secure Safe Apulia project.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

John KC Kingston

DOI: https://doi.org/10.48550/arXiv.1809.05762

IF: 14.4

2018-09-15

Artificial Intelligence

Abstract:The General Data Protection Regulation (GDPR) is a European Union regulation that will replace the existing Data Protection Directive on 25 May 2018. The most significant change is a huge increase in the maximum fine that can be levied for breaches of the regulation. Yet fewer than half of UK companies are fully aware of GDPR - and a number of those who were preparing for it stopped doing so when the Brexit vote was announced. A last-minute rush to become compliant is therefore expected, and numerous companies are starting to offer advice, checklists and consultancy on how to comply with GDPR. In such an environment, artificial intelligence technologies ought to be able to assist by providing best advice; asking all and only the relevant questions; monitoring activities; and carrying out assessments. The paper considers four areas of GDPR compliance where rule based technologies and/or machine learning techniques may be relevant: * Following compliance checklists and codes of conduct; * Supporting risk assessments; * Complying with the new regulations regarding technologies that perform automatic profiling; * Complying with the new regulations concerning recognising and reporting breaches of security. It concludes that AI technology can support each of these four areas. The requirements that GDPR (or organisations that need to comply with GDPR) state for explanation and justification of reasoning imply that rule-based approaches are likely to be more helpful than machine learning approaches. However, there may be good business reasons to take a different approach in some circumstances.

Sean Sirur,Jason R. C. Nurse,Helena Webb,Jason R.C. Nurse

DOI: https://doi.org/10.48550/arXiv.1808.07338

2018-08-22

Computers and Society

Abstract:The EU General Data Protection Regulation (GDPR), enforced from 25th May 2018, aims to reform how organisations view and control the personal data of private EU citizens. The scope of GDPR is somewhat unprecedented: it regulates every aspect of personal data handling, includes hefty potential penalties for non-compliance, and can prosecute any company in the world that processes EU citizens' data. In this paper, we look behind the scenes to investigate the real challenges faced by organisations in engaging with the GDPR. This considers issues in working with the regulation, the implementation process, and how compliance is verified. Our research approach relies on literature but, more importantly, draws on detailed interviews with several organisations. Key findings include the fact that large organisations generally found GDPR compliance to be reasonable and doable. The same was found for small-to-medium organisations (SMEs/SMBs) that were highly security-oriented. SMEs with less focus on data protection struggled to make what they felt was a satisfactory attempt at compliance. The main issues faced in their compliance attempts emerged from: the sheer breadth of the regulation; questions around how to enact the qualitative recommendations of the regulation; and the need to map out the entirety of their complex data networks.

Miguel AP Oliveira,Stephane Manara,Bruno Molé,Thomas Muller,Aurélien Guillouche,Lysann Hesske,Bruce Jordan,Gilles Hubert,Chinmay Kulkarni,Pralipta Jagdev,Cedric R. Berger

2023-11-24

Abstract:Individuals and organizations cope with an always-growing amount of data, which is heterogeneous in its contents and formats. An adequate data management process yielding data quality and control over its lifecycle is a prerequisite to getting value out of this data and minimizing inherent risks related to multiple usages. Common data governance frameworks rely on people, policies, and processes that fall short of the overwhelming complexity of data. Yet, harnessing this complexity is necessary to achieve high-quality standards. The latter will condition any downstream data usage outcome, including generative artificial intelligence trained on this data. In this paper, we report our concrete experience establishing a simple, cost-efficient framework that enables metadata-driven, agile and (semi-)automated data governance (i.e. Data Governance 4.0). We explain how we implement and use this framework to integrate 25 years of clinical study data at an enterprise scale in a fully productive environment. The framework encompasses both methodologies and technologies leveraging semantic web principles. We built a knowledge graph describing avatars of data assets in their business context, including governance principles. Multiple ontologies articulated by an enterprise upper ontology enable key governance actions such as FAIRification, lifecycle management, definition of roles and responsibilities, lineage across transformations and provenance from source systems. This metadata model is the keystone to data governance 4.0: a semi-automatised data management process that considers the business context in an agile manner to adapt governance constraints to each use case and dynamically tune it based on business changes.

Artificial Intelligence,Information Retrieval

Gaëlle Kermorgant,Michèle Guilbot

DOI: https://doi.org/10.1007/978-3-030-14156-1_22

2019-01-01

Abstract:The General Data Protection Regulation (GDPR) is in force since May 25 2018. This has an important impact on the design and development of new technologies based on exploitation of data, in particular private data. Not complying with the requirements can have high financial consequences up to 4% of the worldwide turnover of a company as a fine. At first glance, GDPR seems to be a constraint. However the, this regulation offers also the opportunity to develop new services based on big data processing and become competitive in a domain, which is considered being the petroleum of the 21st century. The paper describes the impact and opportunities of the GDPR on the Internet of things (IoT) and connected cars by highlighting two examples:the first aims at improving road safety by calculating a risk factor based on analysis of driver behaviour, data collection and artificial intelligencethe second aims at improving road infrastructure by detecting road deficiencies or risk zone through in car data collection.

Paulius Jurcys,Marcelo Corrales Compagnucci,Mark Fenwick

2024-07-30

Abstract:The General Data Protection Regulation contains a blanket prohibition on the transfer of personal data outside of the European Economic Area unless strict requirements are met. The rationale for this provision is to protect personal data and data subject rights by restricting data transfers to countries that may not have the same level of protection as the EEA. However, the ubiquitous and permeable character of new technologies such as cloud computing, and the increased inter connectivity between societies, has made international data transfers the norm and not the exception. The Schrems II case and subsequent regulatory developments have further raised the bar for companies to comply with complex and, often, opaque rules. Many firms are, therefore, pursuing technology-based solutions in order to mitigate this new legal risk. These emerging technological alternatives reduce the need for open-ended cross-border transfers and the practical challenges and legal risk that such transfers create after Schrems. This article examines one such alternative, namely a user-held data model. This approach takes advantage of personal data clouds that allows data subjects to store their data locally and in a more decentralised manner, thus decreasing the need for cross-border transfers and offering end-users the possibility of greater control over their data.

Computers and Society

Nadzeya Kiyavitskaya,Nicola Zeni,Travis D. Breaux,Annie I. Antón,James R. Cordy,Luisa Mich,John Mylopoulos

DOI: https://doi.org/10.1007/978-3-540-87877-3_13

2008-01-01

Abstract:Government regulations are increasingly affecting the security, privacy and governance of information systems in the United States, Europe and elsewhere. Consequently, companies and software developers are required to ensure that their software systems comply with relevant regulations, either through design or re-engineering. We previously proposed a methodology for extracting stakeholder requirements, called rights and obligations, from regulations. In this paper, we examine the challenges to developing tool support for this methodology using the Cerno framework for textual semantic annotation. We present the results from two empirical evaluations of a tool called “Gaius T.” that is implemented using the Cerno framework and that extracts a conceptual model from regulatory texts. The evaluation, carried out on the U.S. HIPAA Privacy Rule and the Italian accessibility law, measures the quality of the produced models and the tool’s effectiveness in reducing the human effort to derive requirements from regulations.

Christophe Ponsard

DOI: https://doi.org/10.48550/arXiv.2204.06226

2022-04-13

Software Engineering

Abstract:Enterprise Architecture (EA) help companies to keep the evolution of their IT architecture aligned with their business evolution using a set of complementary models ranging from vision to infrastructure. In this paper, we explore how such models can be exploited to best drive this co-evolution by helping in validating different change management strategies. Considering state of the art techniques in service oriented and Cloud architecture, we propose to enrich and improve the quality of the information about the applications and software components on various qualities (e.g. performance, scalability, security, technical debt) in order to include them in the assessment process already at the Enterprise Architecture level rather than discovering them later in the change implementation phase. Our work is experimented on the LabNaf EA framework and is illustrated on a partial case study taken from an industrial project.

Yan Cheng,Xinguo Zhang,Lefei Li

DOI: https://doi.org/10.1007/978-3-030-73539-5_32

2021-01-01

Abstract:This paper analyzes the inter-relationship between the main methods in management practice, and points out that the design and optimization from enterprise architecture to business process are the core process by which an organization make its strategic requirements translated into actions. The continuous enterprise governance can also be seen as the process of collaborative promotion from enterprise architecture (EA) governance to business process management (BPM) with various local management tools and methods. The paper discusses the enterprise global modeling approach with EA model and business process model, that is, establishing the model element specification for associativity from architecture to process alignment, standardizing the unified description of all kinds of management objects and methods, and realizing the continuity modeling of the whole process from abstract strategy to business operation.

Niels Vandevenne,Jonas Van Riel,Geert Poels,Vandevenne,Van Riel,Poels

DOI: https://doi.org/10.3390/su151914342

IF: 3.9

2023-09-28

Sustainability

Abstract:Digital Transformations (DT) play an increasingly important role in academia and business, yet their significant Environmental Footprint (EF) is often overlooked, sidelining their potential for Environmental Sustainability (ES). This paper bridges this gap by integrating ES into the discourse of DT, proposing Green Enterprise Architecture (GREAN) as a method for sustainable transformation. Utilizing a Design Science Research approach, we developed an artefact outlining a comprehensive strategy for embedding ES in DT across various layers of an organization. The tool's need was validated via a systematic literature review (SLR), highlighting the significant research gap in Green Enterprise Architecture. The artefact provides concrete Courses of Action (CoAs) for incorporating ES into the organizational strategy, business, data, application, and technology layers and proposes relevant capabilities to address this. The paper further presents an ES-aware business capability modelling, an innovative business modelling approach that integrates environmental sustainability principles by using (in a novel way) the presentation and analysis methods that capability mapping offers. The proposed artefact serves as a starting point for environmentally sustainable DTs. Future research directions include in-depth exploration of each enterprise layer for ES, real-world validation of our proposed tools and concepts, and the expansion of these into a full framework.

environmental sciences,environmental studies,green & sustainable science & technology