Abstract

The General Data Protection Regulation (GDPR) has changed the way businesses handle personal data. The GDPR is a set of conditions within the European Union (EU) law on data protection and privacy. The law requires software systems that store and manage personal data to use only the necessary information (‘data minimization’) and to manage the information fairly and appropriately (‘lawfulness, fairness and transparency’). Furthermore, personal data that can lead to direct or indirect identification must be kept safe. In practice, the risk management of personal data within software therefore depends mainly on the developers' experience. Consent under the GDPR is an agreement between organizations (‘data controllers’) and individuals (‘data subjects’) that sets out provisions for protecting personal data. The data controller must obtain explicit consent from the data subject before collecting and processing the data. Hence, consent management is an essential component of a software system. This research proposes a set of formal models for consent management that take Privacy by Design (PbD) into account. We used the Event-B method to formalize the proposed models close to a real system. The Rodin platform proved each Event-B model to be correct and deadlock-free. We also described how developers could transform Event-B models into actual code and demonstrated this by mapping the Event-B models onto class diagrams. The proposed models meet consent compliance and privacy awareness requirements. In particular, the models cover certain aspects of privacy, including managing the consent of data subjects and controlling authorized access based on the data subject's consent.
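
The consent-gated access the abstract describes, written in the style of an Event-B machine (state variables, events with guards, an invariant re-checked after every event), as an added illustration that is not the paper's own model or code; the variable and event names are assumed for this example, and the invariant (data is held only while some consent for the subject is active) is one plausible reading of data minimization, not a property taken from the paper.

```python
from dataclasses import dataclass, field

class GuardViolation(Exception): pass      # event fired while its guard is false (not enabled)
class InvariantViolation(Exception): pass  # state left the safe region: a failed proof obligation

def event(fn):
    """Run an event, then re-check the invariant, the obligation Rodin discharges per event."""
    def run(self, *args, **kwargs):
        result = fn(self, *args, **kwargs)
        self.check_invariant()
        return result
    return run

@dataclass
class ConsentMachine:
    # State variables (names assumed for this illustration, not the paper's).
    consents: set = field(default_factory=set)   # active (subject, purpose) pairs
    records: dict = field(default_factory=dict)  # subject -> personal data held by the controller
    access_log: list = field(default_factory=list)

    def check_invariant(self):
        # inv1: personal data is held only for subjects with at least one active consent.
        for subject in self.records:
            if not any(s == subject for s, _ in self.consents):
                raise InvariantViolation(f"data held for {subject} without consent")

    @event
    def give_consent(self, subject, purpose):
        self.consents.add((subject, purpose))        # explicit, purpose-bound consent

    @event
    def collect(self, subject, purpose, data):
        if (subject, purpose) not in self.consents:  # guard: consent before collection
            raise GuardViolation("no explicit consent for this purpose")
        self.records[subject] = data

    @event
    def access(self, subject, purpose):
        if (subject, purpose) not in self.consents or subject not in self.records:
            raise GuardViolation("access not authorized by the subject's consent")
        self.access_log.append((subject, purpose))
        return self.records[subject]

    @event
    def withdraw(self, subject, purpose):
        if (subject, purpose) not in self.consents:
            raise GuardViolation("nothing to withdraw")
        self.consents.discard((subject, purpose))
        if not any(s == subject for s, _ in self.consents):
            self.records.pop(subject, None)          # erase data so inv1 still holds
```

Each event either refuses to fire (guard) or leaves the invariant true; the withdrawal event shows the extra action a model needs so that the invariant survives consent being revoked.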
