Abstract

Privacy is one of the major concerns of data protection where personal data of individuals are used by enterprises for providing services. To ensure the rights of citizens, different legal authorities, including European Union, have made it mandatory for enterprises to implement certain privacy principles. An enterprise may also have its own set of privacy principles that help provide customized privacy experience to its customers, with the motive of retaining its customer base and weaning away customers from its competitors. To ensure privacy compliance with legal policies, enterprise privacy principles and expectations of customers, the system design should consider the privacy requirements emanating from all these sources. However, the requirements are often expressed in natural languages, which are difficult to interpret for system designers. In this paper, a logic-based methodology is proposed to formally express privacy requirements emanating from all three different sources. The methodology also includes an algorithm to identify and resolve conflicts among elicited privacy requirements. The proposed approach can be considered as the first step towards ensuring privacy compliance. This would help an enterprise to identify conflicting privacy requirements, resolve conflicts as per pre-defined rules and identify implementable privacy principles to enable the management of privacy compliance.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.