Guidelines for GDPR compliance in Big Data systems

Abstract

The implementation of the GDPR that aims at protecting European citizens’ privacy is still a real challenge. In particular, in Big Data systems where data are voluminous and heterogeneous, it is hard to track data evolution through its complex life cycle ranging from collection, ingestion, storage and analytics. In this context, from 2016 to 2021 research has been conducted and several security tools designed. However, they are either specific to particular applications or address partially the regulation articles. To identify the covered parts, the missed ones and the necessary metrics for comparing different works, we propose a framework for GDPR compliance. The framework identifies the main components for the regulation implementation by mapping requirements aligned with GDPR’s provisions to IT design requirements. Based on this framework, we compare the main GDPR solutions in the Big Data domain and we propose a guideline for GDPR verification and implementation in Big Data systems.