Privacy by Design to Comply with GDPR
Twenty-fourth Americas Conference on Information Systems, New Orleans, 2018
1
Privacy by Design to Comply with GDPR: A Review on Third-Party Data Processors
Completed Research
Christian Kurtz
University of Hamburg
christian.kurtz@uni-hamburg.de
Martin Semmann
University of Hamburg
martin.semmann@uni-hamburg.de
Tilo Böhmann
University of Hamburg
tilo.boehmann@uni-hamburg.de
Abstract
As the General Data Protection Regulation (GDPR) within the European Union comes into effect, organizations need to cope with novel legal requirements regarding the processing of user data and, in particular, regarding how other organizations integrated into their service may process these data. Designing information systems (IS) by mashing up services of various providers (ecosystems) is state of practice. The GDPR raises for companies the question of how they can ensure that the operations of external data processors conform to the regulation. The approach of Privacy by Design (PbD), which is also included in the GDPR, offers organizations a way to operationalize these legal requirements. Therefore, we conduct the first rigorous and systematic literature review of PbD. Specifically, we focus on works that seek to implement PbD in organizations located in ecosystems. The results show a surprising dearth of research in this field, although the GDPR explicitly emphasizes this critical issue.
Keywords
Privacy by Design, Literature Review, Ecosystem, General Data Protection Regulation.
Introduction
The GDPR, which applies from May 2018, is a regulation on data protection in the European Union. The regulation serves to protect the human right to privacy in the digital world. The accumulation of numerous data about an individual and the resultant data processing can have negative consequences for individual privacy. Therefore, the new regulation aims to protect data in order to protect privacy (Danezis et al. 2015). The GDPR integrates the concept of “Data protection by design and by default” (Regulation 2016, Chapter 4 Article 25). This article states that the data controller must, within the given context and conditions, implement technical and organizational measures for data protection by default. The pre-existing approach of PbD points out that privacy should proactively be a paramount consideration at the design stage of IS (Cavoukian 2009). Using this approach, the goal of protecting users’ privacy can be achieved. The framework of PbD suggests that such an approach can be subdivided more specifically. Basically, it proposes the following seven foundational principles (Cavoukian 2009):
1. Proactive not Reactive; Preventative not Remedial: By proactively adopting strong privacy practices, events which have an invasive effect on privacy are anticipated and prevented.
2. Privacy as the Default Setting: Personal information is protected by default, without the need for the user to take any action. The fair information practices Purpose Specification, Collection Limitation, Data Minimization, and Use, Retention and Disclosure Limitation are taken into account.
3. Privacy Embedded into Design: Privacy is considered a core functionality in the design and architecture of IT systems and business practices. It should be embedded holistically (considering the context), integratively (respecting all stakeholders), and creatively (re-defining previous designs).
4. Full Functionality: Positive-Sum, not Zero-Sum: All legitimate objectives of an organization are achieved with full functionality. A multi-functional solution is sought in which no trade-off is made to the detriment of privacy.
5. End-to-End Security: Full Lifecycle Protection: Strong security measures are taken throughout the entire lifecycle. The management of personal information follows the included principles, such as destroying data at regular intervals.
6. Visibility and Transparency: Keep it Open: All stakeholders in business practices and technologies operate according to the stated promises and objectives. For this, visibility and transparency are needed to establish accountability and trust. This principle considers the three fair information practices Accountability, Openness, and Compliance.
7. Respect for the User: Keep it User-Centric: The design should always consider the interests and needs of users. This principle implies four fair information practices: Consent (users’ consent regarding the collection, usage, and disclosure of personal information); Accuracy (the need for complete, correct, and up-to-date personal information); Access (providing users access to their data); and Compliance (organizations having to take actions regarding users’ privacy and to communicate them).
Taking these principles into account, the approach of PbD (Cavoukian 2009) has already been used as a method to implement privacy in organizational actions. Thus, the concept was already in place before the GDPR came into force. As described above, “Data protection by design and by default” (Regulation 2016, Chapter 4 Article 25) is now legally binding. Therefore, this review aims to examine the state of implementation of PbD, because it is a way to operationalize the legislation (Regulation 2016, Chapter 4 Article 25). Another aspect of the GDPR is the regulation of data processing (Regulation 2016, Chapter 4 Article 28). It specifies that organizations bear responsibility for actions taken by “processors”. These can be both internal and external actors of an organization who process data (Regulation 2016, Chapter 1 Article 4). This regulation is important for organizations because the ongoing dissemination of interconnected service systems involves several organizations in the value chain in the form of ecosystems (Ostrom et al. 2015; Peters et al. 2016). Also, research on service has shifted from focusing on single services towards systems of services (Spohrer et al. 2007; Vargo and Lusch 2011; Chandler and Lusch 2015; Böhmann et al. 2014). This systemic ecosystem perspective implies a dynamic configuration across multiple actors that jointly integrate resources to create value for the beneficiary (Lusch and Vargo 2014). Due to these structures, companies need solutions and ways to ensure that the embedded, external data processors act according to the GDPR. In this article, we aim to determine whether the above-mentioned PbD principles have so far served as guidance for organizations. Therefore, we conduct the first rigorous and systematic literature review of the application of PbD, focusing on studies that seek to implement PbD in organizations. In doing so, we concentrate on Principle 6 of the PbD framework. This principle calls for all stakeholders, whether internal or external, to act in accordance with the PbD framework. This is in line with our focus on the regulation regarding data processors (Regulation 2016, Chapter 1 Article 4). The introduction is followed by the data collection section, which specifies the characteristics of this literature review, followed by the data analysis. Building on the findings, we analyze the literature with a focus on Principle 6 of PbD regarding the handling of data processors. This is followed by a discussion in which a research agenda is derived. The paper finishes with a conclusion and aspects for future research.
Data Collection
In this paper, we explore the articles on PbD (Cavoukian 2009) with the focus placed on studies which deal with the implementation of Principle 6. We aim to inform researchers about the current state of existing PbD studies by following a rigorous review process (Vom Brocke et al. 2009; Webster and Watson 2002). In Table 1, the characteristics of this literature review are highlighted: the focus (1) lies on the research outcomes and applications in the context of PbD, with the goal (2) of clarifying the central issues that have been worked on so far. A conceptual and methodological organization (3) is chosen to cluster works that relate to the touch points in the ecosystem. We take up an espousal position (4), which is justified because the purpose is to summarize the studies and also to synthesize the research outcomes. Our review and findings address the entire IS community (5), but also researchers of other fields, since bridging the gap between philosophers, lawyers, and IT researchers results in interdisciplinary work. Furthermore, practitioners in organizations are also addressed. The level of coverage (6) is exhaustive with selective citations: relevant sources regarding PbD are considered, but only one sample is described.
Characteristics | Categories
--- | ---
(1) focus | research methods; theories; applications
(2) goal | integration; criticism; central issues
(3) organization | historical; conceptual; methodological
(4) perspective | neutral representation; espousal of position
(5) audience | general scholars; practitioners/politicians; general public
(6) coverage | exhaustive and selective; representative; central/pivotal
Table 1. Taxonomy of the literature review (following Cooper (1988, p. 109))
To explore the state of research regarding PbD, we conducted an in-depth review of the literature in several stages. We constructed a rigorous literature review in five steps:
1. We identified the databases ACM Digital Library, AISeL, EBSCO Business Source Complete, EBSCO EconLit, IEEE Xplore, ProQuest, and ScienceDirect. With the selection of these databases, we covered a broad set of research areas.
2. The search terms consider the concept of PbD. The method of “privacy enhancing technologies” is not considered as a keyword, since it deals with the technical method of implementing privacy (Koops and Leenes 2014). The method of “Privacy Impact Assessments” for evaluating the effects of a project on privacy is also not used as a keyword (Kung et al. 2015; Wright and De Hert 2012). Overall, PbD stretches the frame across both, due to its application in technologies, architectures, business operations, and networked information ecosystems (Cavoukian 2009).
3. The identified databases were queried for the search term “Privacy by Design” in the title, abstract, or keywords of an article. In addition, peer-reviewed articles were to be treated as already classified as high quality, which was not possible for three databases. Table 2 shows the resulting number of articles per database.
Database | Peer Reviewed | Hits
--- | --- | ---
ACM Digital Library | No | 39
AISeL | Yes | 2
EBSCO Business Source Complete | Yes | 48
EBSCO EconLit | Yes | 5
IEEE Xplore | No | 74
ProQuest | Yes | 38
ScienceDirect | No | 20
Table 2. Articles per Database
4. In the next step, duplicate articles were deleted, which left 188 articles to be reviewed (Table 3).
5. The 188 articles were checked in the title, abstract, and keywords for whether the concept of PbD (Cavoukian 2009) was taken into account. Articles that were only descriptive regarding the concept and took no form of implementation into account were removed. This resulted in 96 studies (Table 3).
Hits | To review | Reviewed (Full-Paper) | To analyze
--- | --- | --- | ---
226 | 188 | 96 | 39
Table 3. Selection Process
6. The 96 articles were subjected to a deeper analysis in which the entire article was checked. Articles that gave a different picture upon full reading than their title, abstract, and keywords had suggested were removed. This removal also covered works which dealt with the concept only incidentally. Papers were also excluded which indicated that they considered PbD but actually focused on Security by Design. Furthermore, studies with an unsuitable format (e.g. one-page papers or workshop descriptions) were sorted out. In this literature review, a backward and forward search was not carried out, because the focus was on articles which emphasize designing or implementing PbD artifacts. After completion of the above selection procedures, 39 articles remained (Table 3), which are analyzed below.
Data Analysis
Based on the papers identified as relevant, we conducted a thorough analysis. We applied four categories to differentiate the 39 papers. First, the sector was taken into account. We identified the sectors Advertising, Health, Infrastructure, Security, Social, and Transport. Furthermore, the category Multiple is assigned if more than one sector is considered in an article, and studies which consider no sector are assigned to the category General. Second, the research background which the authors refer to is presented. This classification is divided into the categories Application and Platform Design, Application Design, Architecture Design, Platform Design, Service Design, Software Development, Software Engineering, System Design, and Technology. The category “Technology” contains the articles which do not consider the implementation from a technical, computer science point of view, but rather from a social or legal viewpoint. The third category represents the artifacts developed within the papers. Here, we refer to the common categories of artifacts in design science research (March and Smith 1995): Concept (Con.), Model (Mod.), Method (Met.), and Instantiation (Ins.).
Article | Sector | Marks across Artifact (Con., Mod., Met., Ins.) and Coverage of Principle 6 (PI, OS, DD, De, Ev); column assignment of the marks was lost in extraction
--- | --- | ---
Aïvodji et al. (2016) | Transport | X
Bier and Krempel (2012) | Multiple | X X
Caiza et al. (2017) | General | X X
Callegati et al. (2015) | Transport | X X
Cavoukian et al. (2012) | Security | X X X X X
Cavoukian and Kursawe (2012) | Infrast. | X X X X
Colesky et al. (2016) | General | X X X X
Degeling et al. (2016) | General | X X
Diamantopoulou et al. (2017) | General | X X X X
Diver and Schafer (2017) | General | X
Hartzog and Stutzman (2013) | Social | X X X
Jaime et al. (2015) | Security | X X X
Jutla et al. (2013) | General | X X X X
Jutla and Bodorik (2015) | General | X X X X X
Kroener and Wright (2014) | General | X X
Kung et al. (2011) | Transport | X X
Kung et al. (2015) | Security | X X X
Liegl et al. (2016) | Infrast. | X X X X
Martín et al. (2014) | General | X X
Métayer (2013) | Transport | X
Milutinovic and De Decker (2016) | Health | X X X
Mohammad et al. (2015) | Infrast. | X
Morizio (2016) | General | X
Morton and Sasse (2012) | General | X X X X
Nordgren (2015) | Health | X X
Notario et al. (2015) | General | X X X
O’Connor et al. (2017) | Health | X X X
Perera et al. (2016) | General | X X X X
Popescu and Baruh (2013) | Advertising | X X X
Romanou (2017) | Multiple | X X X
Rowan and Dehlinger (2014) | General | X X X
Rubinstein and Good (2013) | Multiple | X X X
Schoonmaker (2016) | Transport | X X
Siljee (2015) | General | X X
Sun et al. (2013) | Transport | X X X
Vallez et al. (2017) | Social | X
Van Der Sype and Maalej (2014) | General | X X X
van Lieshout et al. (2011) | Infrast. | X X
Ye et al. (2014) | Social | X
Table 4. Categorization of relevant articles
An article could include more than one artifact. The fourth classification determines how the above-mentioned sixth principle, that is, the data processing of third parties, is considered in an article. For identifying the categories, we take the Design Science Research Methodology Process Model into account (Peffers et al. 2007). Here, five of the six common design process elements (excluding “Communication”) are regarded as a means to determine how an article deals with third parties. The first category, “Problem Identification (PI)”, indicates whether an article mentions an awareness of operating with third parties. The second category, “Objectives of a Solution (OS)”, is assigned when the authors derive requirements for the integration of data processors in their study. An article belongs to the third category, “Design and Development (DD)”, when the requirements are modeled and developed in the form of, for example, a system design or software development. The fourth category, “Demonstration (De)”, indicates that the handling of data processors is regulated in an implementation, for example by a proof of concept or a demonstrated prototype. The fifth category, “Evaluation (Ev)”, is allocated to an article if the regulated interaction with third parties is implemented in a continuous real scenario.
In the following, we provide an overview of the articles, their classifications, and the connections between them (see Table 4). First, we delve into the sectors of the articles to analyze which are covered. It is noticeable that 16 articles are classified as not sector-specific (General). In contrast, the other articles take different sectors into account, including sector-specific requirements. This is necessary because no single PbD artifact fits all sectors. Three of the articles consider several sectors. In total, the coverage of sectors is very specific, and areas such as insurance are not covered by the 39 articles at all. Thus, because the GDPR is independent of sectors, general approaches seem worthwhile to develop.
The second classification indicates what type of artifact has been covered in an article. The majority of papers (26 of the 39) propose at least two artifacts. It should also be noted that 14 studies include instantiations in the form of, for example, proofs of concept or prototypes. Unsurprisingly, none of the papers propose concepts, because PbD is considered a guiding concept in the papers. Nevertheless, this shows that no further conceptual development has taken place since the initial publication of PbD.
In the last category, we analyzed the coverage of Principle 6 as the responsibility for actions taken by third parties, referred to in the GDPR as data processors. Surprisingly, 13 papers do not take third parties into account and instead focus solely on internal stakeholders. Because the aim of this research is to explicitly focus on design-oriented research, the DSRM helps to identify to what extent the papers contribute to research on PbD. The results show that 16 papers address the issue of data processing by third parties as relevant and potentially impacting privacy. An additional 12 papers extend this problem and derive requirements on how to deal with third parties as data processors. None of the existing research efforts currently go beyond these requirements. Consequently, no artifacts resulting from a design and development phase are proposed, nor are demonstrations or structured evaluations.
Based on this initial analysis, we further analyzed all papers that explicitly dealt with problem identification (Table 5) as well as objectives of a solution (Table 6) for third-party data processors. The articles which relate to Problem Identification mainly have the research background Technology (8 of 14). The reason for this is that the category Technology represents the above-mentioned social or legal viewpoint of the studies, where the focus is not on a specific technical implementation. Due to this focus, the classification of these articles within the DSRM process does not go beyond problem identification. Overall, the listed articles mainly give an indication that the interaction with third parties should be regulated, without adding details on how such regulation should be implemented (Table 5).
Article | Research Background | Problem Identification regarding Principle 6
--- | --- | ---
Hartzog and Stutzman (2013) | Technology | Design of four principles for protecting online information; the problem of third-party requests in the context of social technologies is mentioned
Kroener and Wright (2014) | Software Engineering | Implementation guidelines for software engineers in which the accountability of third parties has to be regarded
Kung et al. (2011) | Application Design | Examination of three principles within the PbD concept in the context of intelligent transport service applications; transparency mechanisms for handling third parties
Kung et al. (2015) | System Design | Development of a surveillance system with several third parties; the requirement is raised that certifiers prove third parties and their data protection mechanisms
Liegl et al. (2016) | Technology | Approaches for ethical, legal, and social issues in information technology are addressed in a case study; call for considering third parties in this context
Milutinovic and De Decker (2016) | System Design | System proposal in the eHealth sector; third parties are included in the system design
Morton and Sasse (2012) | Technology | Framework of activities for effective privacy practice; problem identification regarding the transfer of customer information to third parties without permission
Nordgren (2015) | Technology | Analysis and discussion of ethical implications in personal health monitoring; transmission of data to third parties is addressed as critical
Popescu and Baruh (2013) | Technology | Description of two privacy-aware proposals advancing the mobile marketing ecosystem; consideration of third parties processing user data
Romanou (2017) | Technology | Demonstration of the need to implement the PbD concept; the problem of third parties in the data-selling industry is depicted
Rubinstein and Good (2013) | Technology | Derivation and illustration of several privacy principles; modular software which originates from a variety of third parties is criticized
Schoonmaker (2016) | Technology | Assessment of the area of autonomous vehicles; the problem of third parties who collect and use data in the context of location-based services is indicated
Siljee (2015) | Software Engineering | Examination of two privacy transparency patterns; possibility to depict in these patterns third parties and which data they process
van Lieshout et al. (2011) | System Design | Case study to explore the potential impact of PbD; the authors name third-party services as potential privacy risks
Table 5. Problems identified regarding Principle 6
The articles which contain Objectives of a Solution go one step further in the design process than the articles in the category Problem Identification discussed above. These articles identify practical objectives and requirements that must be met (Table 6). However, the several requirements named correspond to the fact that several objectives can be derived from the seven principles of PbD. It becomes apparent that only one paper focuses on the consequences for the protection of users' data when integrating third parties in software development (Van Der Sype and Maalej 2014). All other papers tackle the issue of third parties alongside the general design of systems. Accordingly, the derived requirements do not extensively cover privacy issues.
Article | Research Background | Objectives of a Solution regarding Principle 6
--- | --- | ---
Cavoukian et al. (2012) | System Design | Design of a biometric encryption system; description of a control which enables the anonymity of users in the context of data processing in third-party databases
Cavoukian and Kursawe (2012) | System Design | Requirements in the case of smart meters are presented; objectives on how to handle third parties are derived
Colesky et al. (2016) | Software Engineering | Exploration of PbD strategies; the strategies describe the handling of third-party organizations implemented in systems
Diamantopoulou et al. (2017) | System Design | Proposal and description of privacy process patterns; requirements regarding third parties are derived in these patterns (e.g. unlinkability and undetectability)
Jaime et al. (2015) | System Design | Design of a privacy-aware surveillance system; access limitation and disclosure of data to third parties are listed as requirements for the system design
Jutla et al. (2013) | Application Design | Description of privacy extensions for visualizing privacy requirements; the requirement to identify and handle third parties is listed
Jutla and Bodorik (2015) | Architecture Design | Description of a privacy architecture; techniques for preventing third-party injection are listed and examined
Notario et al. (2015) | System Design | Examination of a methodology for privacy engineering; risk-based privacy analysis and impact assessment as a solution to create transparency with regard to third-party risks
O’Connor et al. (2017) | Technology | Practical approaches for designing IoT technologies within the health domain; a user agreement requirement is set for providing third parties with user data
Perera et al. (2016) | Application and Platform Design | Set of guidelines to assess privacy capabilities and gaps of IoT applications; the problem that third parties can combine personal details through aggregation from multiple sources is raised, and objectives of a solution are derived as a guideline
Rowan and Dehlinger (2014) | Software Development | Overview of a tool for privacy policy auto-generation; data collection and procedures in the interplay with third parties are included
Van Der Sype and Maalej (2014) | Software Development | Derivation of requirements and guidelines for app developers on how to contribute to the protection of users; examination with a focus on the integration of third parties
Table 6. Objectives of solutions regarding Principle 6
Considering the other classifications in the context of the coverage of Principle 6 yields further findings. In the classification of sectors, it is evident that the category “Problem Identification” occurs in every sector mentioned. Thus, solutions taking third parties into account are relevant in all mentioned sectors. There are two findings in the classification of the research focus regarding the regulation of third-party processing. First, nine articles which have the research focus “Technology” cover Principle 6. More precisely, eight of them are categorized as articles which respond to “Problem Identification”. This means that the articles with the research focus “Technology” are rather descriptive works, which contribute less to implementation and realization in computer science. Furthermore, articles with the focus “Service Design” or “Platform Design” do not cover the handling of third parties at all.
Discussion
At the beginning of this article, we discussed the GDPR, whose goal is to protect privacy in the form of data regulation. The main focus of our review is the involvement of external data processors in organizations. The question was whether the above-mentioned principles of PbD, particularly Principle 6, have so far been an operational guidance for companies. We attempted to answer this question with the help of the Design Science Research Methodology Process Model. According to the results of the analysis, none of the reviewed articles go beyond the second process step, “Objectives of a Solution (OS)”. This means that the process steps “Design and Development”, “Demonstration”, and “Evaluation” have not yet been covered. Thus, based on the PbD approach, no studies exist which implement the handling of third parties at an advanced level. This is a critical point, because the regulations for data protection by design and by default, in combination with the responsibility of organizations for actions taken by data processors, will enter into force with the GDPR in May 2018. Furthermore, the analysis of the articles reveals further shortcomings. Thus, we derive a research agenda to examine ways for organizations to comply with the requirements raised by the GDPR.
Research Agenda
I. Consolidate the research perspective to establish common foundations for Privacy by Design
II. Derive and validate core requirements for Privacy by Design to comply with the GDPR
III. Expand design science research efforts beyond the derivation of requirements
IV. Develop concepts to ensure transparency in and between organizations
V. Develop benchmarking for the evaluation of data processors
VI. Develop decision support tools to enable developers to carefully decide on integrating data processors in the form of third parties and the resulting consequences regarding compliance with the GDPR
Table 7. Research agenda for the implementation of PbD regarding data processors
As the analysis shows, the issue of PbD is relevant to a broad range of disciplines and research traditions. These efforts are currently unconnected and do not develop a consolidated research perspective. Thus, an initial focus of research on the issue of data processing in ecosystems should seek to consolidate the different research streams to establish a common foundation (I). Moreover, as the analysis shows, only a few papers focus on third parties; most tackle this facet incidentally. A focused approach should reflect on the requirements derived so far in order to propose a comprehensive set of requirements to ensure compliance with the GDPR (II). At the beginning, we pointed out the relevance of the regulation due to existing organizational structures in which data processors are common. The review clearly shows that so far, no solutions have been offered on how companies should handle PbD when dealing with data processors. Thirteen studies do not address the handling of third parties at all. The lack of feasible, accepted designs and implementations for dealing with third parties is a major research gap that this review reveals. The published studies are fragmented and still at the beginning regarding the handling of third parties. Practical solutions and evaluations are not yet available at all. Consequently, future research should seek to expand design-oriented research beyond deriving requirements, towards designing actual solutions that can be validated and evaluated (III). Such efforts could, for example, lead to concepts that ensure transparency (IV) within and between organizations. Due to modular structures, these data processing services can be integrated rather simply. At this point, organizations which must comply with the GDPR should be aware of how users' data are treated by the integrated services. Building on this aspect, a privacy-related benchmarking (V) of third parties could lead to sounder decisions on the use of third parties. Based on the aforementioned potential research directions, an integrated perspective could lead to decision support for organizations (VI) at a strategic as well as an operational level on the integration of third parties. Such a tool could guide design decisions by explicating consequences and GDPR compliance. The development of such a tool thus needs to be based on the prior research steps to ensure appropriateness and usefulness.
Conclusion and Future Research
PbD offers different entry points for embedding privacy (in GDPR terms, "data protection by design and by default") in systems, technologies, and organizations. Various studies have been published that take the technical implementation of PbD into account. However, privacy in the entire organization must be considered. In doing so, privacy must be a basic value anchored in an organization's mission statement, similar to the value of sustainability. This corresponds to the call made in the specification of the PbD concept: "[p]rivacy must be incorporated into networked data systems and technologies, by default. Privacy must become integral to organizational priorities, project objectives, design processes, and planning operations. Privacy must be embedded into every standard, protocol and process that touches our lives." (Cavoukian 2009, p. 1). Only such an anchoring, which integrates privacy-aware partner organizations, can ensure products and services that proactively take privacy, in the form of data regulation, into account by default and over the full lifecycle.
Principle 6 (Cavoukian 2009) emphasizes that the third parties involved in an organization's practices must also act in accordance with the PbD principles. Only such a comprehensive approach can guarantee the effectiveness of PbD. This is now also relevant for the companies themselves, as under the GDPR they can be held responsible for their third parties. As this literature review shows, such a strong anchor is missing. Only a few papers explicitly address third parties and their integration into organizational practices in order to process data according to the GDPR. First aspects have already been examined (Table 5, Table 6). To deal with this shortcoming, we propose a comprehensive research agenda that enables and guides researchers as well as practitioners towards a decision process that explicitly addresses consequences and the impact on GDPR compliance. Because the regulation becomes effective in May 2018, convincing solutions for the issues raised are urgently needed.
Acknowledgement
This research was sponsored by the Hamburg Ministry of Science, Research and Equality in the project
Information Governance Technologies under the reference LFF-FV 34.
REFERENCES
Aïvodji, U. M., Gambs, S., Huguet, M.-J., and Killijian, M.-O. 2016. "Meeting Points in Ridesharing: A Privacy-Preserving Approach," Transportation Research Part C: Emerging Technologies (72), pp. 239–253.
Bier, C., and Krempel, E. 2012. "Common Privacy Patterns in Video Surveillance and Smart Energy," 2012 7th International Conference on Computing and Convergence Technology (ICCCT), pp. 610–615.
Böhmann, T., Leimeister, J. M., and Möslein, K. 2014. "Service Systems Engineering," Business & Information Systems Engineering (6:2), pp. 73–79.
Caiza, J. C., Martín, Y.-S., Del Alamo, J. M., and Guam, D. S. 2017. "Organizing Design Patterns for Privacy: A Taxonomy of Types of Relationships," in: Proceedings of the 22nd European Conference on Pattern Languages of Programs. Irsee, Germany: ACM, pp. 1–11.
Callegati, F., Campi, A., Melis, A., Prandini, M., and Zevenbergen, B. 2015. "Privacy-Preserving Design of Data Processing Systems in the Public Transport Context," PACIS (7:4).
Cavoukian, A. 2009. "Privacy by Design," Information and Privacy Commissioner of Ontario, Canada.
Cavoukian, A. 2012. "Operationalizing Privacy by Design," Association for Computing Machinery, pp. 77.
Cavoukian, A., Chibba, M., and Stoianov, A. 2012. "Advances in Biometric Encryption: Taking Privacy by Design from Academic Research to Deployment," Review of Policy Research (29:1), pp. 37–61.
Cavoukian, A., and Kursawe, K. 2012. "Implementing Privacy by Design: The Smart Meter Case," 2012 International Conference on Smart Grid (SGE), pp. 1–8.
Chandler, J. D., and Lusch, R. F. 2015. "Service Systems: A Broadened Framework and Research Agenda on Value Propositions, Engagement, and Service Experience," Journal of Service Research (18:1), pp. 6–22.
Chandramouli, K., Arguedas, V. F., and Izquierdo, E. 2013. "Knowledge Modeling for Privacy-by-Design in Smart Surveillance Solution," 10th IEEE Int. Conf. on Adv. Video and Signal Based Surv., pp. 171–176.
Colesky, M., Hoepman, J. H., and Hillen, C. 2016. "A Critical Analysis of Privacy Design Strategies," 2016 IEEE Security and Privacy Workshops (SPW), pp. 33–40.
Conger, S., Pratt, J. H., and Loch, K. D. 2013. "Personal Information Privacy and Emerging Technologies," Information Systems Journal (23:5), pp. 401–417.
Cooper, H. M. 1988. "Organizing Knowledge Syntheses," Knowledge in Society (1:1), p. 104.
Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J., Le Métayer, D., Tirtea, R., and Schiffner, S. 2015. "Privacy and Data Protection by Design – from Policy to Engineering," European Union Agency for Network and Information Security (ENISA).
Degeling, M., Lentzsch, C., Nolte, A., Herrmann, T., and Loser, K. U. 2016. "Privacy by Socio-Technical Design: A Collaborative Approach for Privacy Friendly System Design," IEEE 2nd CIC, pp. 502–505.
Diamantopoulou, V., Argyropoulos, N., Kalloniatis, C., and Gritzalis, S. 2017. "Supporting the Design of Privacy-Aware Business Processes Via Privacy Process Patterns," 2017 11th RCIS, pp. 187–198.
Diver, L., and Schafer, B. 2017. "Opening the Black Box: Petri Nets and Privacy by Design," International Review of Law, Computers & Technology (31:1), pp. 68–90.
Friedman, B. 1997. Human Values and the Design of Computer Technology. Cambridge University Press.
Hartzog, W., and Stutzman, F. 2013. "Obscurity by Design," Washington Law Review (88:2), pp. 385–418.
Jaime, F., Maña, A., Ma, Z., Wagner, C., Hovie, D., and Bossuet, M. 2015. "Building a Privacy Accountable Surveillance System," 3rd Int. Conf. on Model-Driven Engineering and Software Dev., pp. 646–654.
Jutla, D. N., and Bodorik, P. 2015. "Pause: A Privacy Architecture for Heterogeneous Big Data Environments," 2015 IEEE International Conference on Big Data (Big Data), pp. 1919–1928.
Jutla, D. N., Bodorik, P., and Ali, S. 2013. "Engineering Privacy for Big Data Apps with the Unified Modeling Language," 2013 IEEE International Congress on Big Data, pp. 38–45.
Karwatzki, S., Trenz, M., Tuunainen, V. K., and Veit, D. 2017. "Adverse Consequences of Access to Individuals' Information," European Journal of Information Systems, pp. 1–28.
Koops, B.-J., and Leenes, R. 2014. "Privacy Regulation Cannot Be Hardcoded. A Critical Comment on the 'Privacy by Design' Provision in Data-Protection Law," Int. Rev. of Law, Comp. & Tech. (28:2), p. 159.
Koops, B. J., Hoepman, J. H., and Leenes, R. 2013. "Open-Source Intelligence and Privacy by Design," Computer Law & Security Review (29:6), pp. 676–688.
Kopp, H., Mödinger, D., Hauck, F., Kargl, F., and Bösch, C. 2017. "Design of a Privacy-Preserving Decentralized File Storage with Financial Incentives," IEEE Eur. Symp. on Sec. and Privacy, pp. 14–22.
Kroener, I., and Wright, D. 2014. "A Strategy for Operationalizing Privacy by Design," Inf. Soc. (30:5), pp. 355–365.
Kroon, U. 2013. "Ma3tch: Privacy and Knowledge: 'Dynamic Networked Collective Intelligence'," 2013 IEEE International Conference on Big Data, pp. 23–31.
Kung, A., Freytag, J. C., and Kargl, F. 2011. "Privacy-by-Design in Its Applications," 2011 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 1–6.
Kung, A., Jouvray, C., and Coudert, F. 2015. "Salt Frameworks to Tackle Surveillance and Privacy Concerns," 2015 3rd Int. Conf. on Model-Driven Engineering and Software Development, pp. 665–673.
Leitner, M., Bonitz, A., Herzog, B., Hotzendorfer, W., Kenngott, C., Kuhta, T., Terbu, O., Vogl, S., and Zehetbauer, S. 2016. "A Versatile, Secure and Privacy-Aware Tool for Online Participation," EDOCW, pp. 1–4.
Liegl, M., Boden, A., Buscher, M., Oliphant, R., and Kerasidou, X. 2016. "Designing for Ethical Innovation: A Case Study on Elsi Co-Design in Emergency," Int. Journal of Human-Computer St. (95), pp. 80–95.
Lusch, R. F., and Vargo, S. L. 2014. Service-Dominant Logic: Premises, Perspectives, Possibilities. Cambridge University Press.
March, S. T., and Smith, G. F. 1995. "Design and Natural-Science Research on Information Technology," Decision Support Systems (15:4), pp. 251–266.
Martín, Y. S., del Alamo, J. M., and Yelmo, J. C. 2014. "Engineering Privacy Requirements: Valuable Lessons from Another Realm," 2014 IEEE 1st ESPRE, pp. 19–24.
Métayer, D. L. 2013. "Privacy by Design: A Formal Framework for the Analysis of Architectural Choices," in: Proc. of the Third ACM Conf. on Data and Application Security and Privacy: ACM, pp. 95–104.
Milutinovic, M., and De Decker, B. 2016. "Ethical Aspects in eHealth - Design of a Privacy-Friendly System," Journal of Information Communication & Ethics in Society (14:1), pp. 49–69.
Mohammad, A., Stader, J., and Westhoff, D. 2015. "A Privacy-Friendly Smart Metering Architecture with Few-Instance Storage," I4CS, pp. 1–7.
Morizio, P. 2016. "Understanding Privacy-Control Arrangements Based on a Theory of Interactive Computation in B2C Service Models," 2016 HICSS, pp. 5348–5357.
Morton, A., and Sasse, M. A. 2012. "Privacy Is a Process, Not a PET: A Theory for Effective Privacy Practice," in: Proceedings of the 2012 New Security Paradigms Workshop. Bertinoro, Italy: ACM, pp. 87–104.
Nordgren, A. 2015. "Privacy by Design in Personal Health Monitoring," Health Care (23:2), pp. 148–164.
Notario, N., Crespo, A., Martín, Y. S., Alamo, J. M. D., Métayer, D. L., Antignac, T., Kung, A., Kroener, I., and Wright, D. 2015. "PRIPARE: Integrating Privacy Best Practices into a Privacy Engineering Methodology," IEEE Security and Privacy Workshops, pp. 151–158.
O'Connor, Y., Rowan, W., Lynch, L., and Heavin, C. 2017. "Privacy by Design: Informed Consent and Internet of Things for Smart Health," Procedia Computer Science (113), pp. 653–658.
Ostrom, A. L., Parasuraman, A., Bowen, D. E., Patricio, L., Voss, C. A., and Lemon, K. 2015. "Service Research Priorities in a Rapidly Changing Context," Journal of Service Research (18:2), pp. 127–159.
Peffers, K., Tuunanen, T., Rothenberger, M. A., and Chatterjee, S. 2007. "A Design Science Research Methodology for Information Systems Research," Journal of Management Inf. Sys. (24:3), pp. 45–77.
Perera, C., McCormick, C., Bandara, A. K., Price, B. A., and Nuseibeh, B. 2016. "Privacy-by-Design Framework for Assessing Internet of Things Applications and Platforms," in: Proceedings of the 6th International Conference on the Internet of Things. Stuttgart, Germany: ACM, pp. 83–92.
Peters, C., Maglio, P., Badinelli, R., Harmon, R. R., Maull, R., Spohrer, J. C., Tuunanen, T., Vargo, S. L., Welser, J. J., Demirkan, H., Griffith, T. L., and Moghaddam, Y. 2016. "Emerging Digital Frontiers for Service Innovation," Communications of the Association for Information Systems (39), pp. 136–149.
Popescu, M., and Baruh, L. 2013. "Captive but Mobile: Privacy Concerns and Remedies for the Mobile Environment," Information Society (29:5), pp. 272–286.
Razaghpanah, A., Nithyanand, R., Vallina-Rodriguez, N., Sundaresan, S., Allman, M., Kreibich, C., and Gill, P. 2018. "Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem."
Regulation, G. D. P. 2016. "Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46," Of. J. of the EU (OJ) (59), pp. 1–88.
Reznichenko, A., and Francis, P. 2014. "Private-by-Design Advertising Meets the Real World," in: Proceedings of the 2014 ACM SIGSAC. Scottsdale, Arizona, USA: ACM, pp. 116–128.
Romanou, A. 2017. "The Necessity of the Implementation of Privacy by Design in Sectors Where Data Protection Concerns Arise," Computer Law & Security Review.
Rowan, M., and Dehlinger, J. 2014. "Encouraging Privacy by Design Concepts with Privacy Policy Auto-Generation in Eclipse (PAGE)," Proc. of the Workshop Eclipse Technology eXchange: ACM, pp. 9–14.
Rubinstein, I. S., and Good, N. 2013. "Privacy by Design: A Counterfactual Analysis of Google and Facebook Privacy Incidents," Berkeley Technology Law Journal (28:2), pp. 1333–1413.
Schoonmaker, J. 2016. "Proactive Privacy for a Driverless Age," Inf. & Com. Tech. Law (25:2), pp. 96–128.
Senst, T., Eiselein, V., Badii, A., Einig, M., Keller, I., and Sikora, T. 2013. "A Decentralized Privacy-Sensitive Video Surveillance Framework," 2013 18th Inter. Conference on Digital Signal Processing, pp. 1–6.
Siljee, J. 2015. "Privacy Transparency Patterns," in: Proceedings of the 20th European Conference on Pattern Languages of Programs. Kaufbeuren, Germany: ACM, pp. 1–11.
Spohrer, J., Maglio, P., Bailey, J., and Gruhl, D. 2007. "Steps Toward a Science of Service Systems," Computer (40:3), pp. 71–77.
Sun, Z., Zan, B., Ban, X., and Gruteser, M. 2013. "Privacy Protection Method for Fine-Grained Urban Traffic Modeling Using Mobile Sensors," Transportation Research Part B: Methodological (56), pp. 50–69.
Vallez, N., Espinosa-Aranda, J., Rico-Saavedra, J., Parra-Patino, J., Deniz, O., Pagani, A., Krauss, S., Reiser, R., Stricker, D., Moloney, D., Dehghani, A., Dunne, A., Pena, D., Waeny, M., Santos, P., Sorci, M., Llewellynn, T., Fedorczak, C., Larmoire, T., Roche, E., Herbst, M., Seirafi, A., and Seirafi, K. 2017. "Eyes of Things," IEEE IC2E, pp. 292–297.
Vallina-Rodriguez, N., Sundaresan, S., Razaghpanah, A., Nithyanand, R., Allman, M., Kreibich, C., and Gill, P. 2016. "Tracking the Trackers," arXiv preprint arXiv:1609.07190.
Van Der Sype, Y. S., and Maalej, W. 2014. "On Lawful Disclosure of Personal User Data: What Should App Developers Do?" 2014 IEEE 7th Int. Workshop on Requirements Engineering and Law, pp. 25–34.
van Lieshout, M., Kool, L., van Schoonhoven, B., and de Jonge, M. 2011. "Privacy by Design: An Alternative to Existing Practice in Safeguarding Privacy," Info (13:6), pp. 55–68.
Vargo, S. L., and Lusch, R. F. 2011. "It's All B2B... and Beyond: Toward a Systems Perspective of the Market," Industrial Marketing Management (40:2), pp. 181–187.
Vicini, S., Alberti, F., Notario, N., Crespo, A., Pastoriza, J. R. T., and Sanna, A. 2016. "Co-Creating Security-and-Privacy-by-Design Systems," 2016 11th ARES, pp. 768–775.
Vom Brocke, J., Simons, A., Niehaves, B., Riemer, K., Plattfaut, R., and Cleven, A. 2009. "Reconstructing the Giant: On the Importance of Rigour in Documenting the Literature Search Process," ECIS, pp. 2206–2217.
Webster, J., and Watson, R. T. 2002. "Analyzing the Past to Prepare for the Future: Writing a Literature Review," MIS Quarterly (26:2), pp. xiii–xxiii.
Ye, T., Moynagh, B., Albatal, R., and Gurrin, C. 2014. "Negative Faceblurring: A Privacy-by-Design Approach to Visual Lifelogging with Google Glass," in: Proceedings of the 23rd ACM International Conference on Information and Knowledge Management, pp. 2036–2038.
Conference Paper
Lately the European data protection directive has increased the attention for privacy by design (PbD). The idea behind this system and software design approach is to not consider privacy as an add-on or legal requirement but to foster the development of privacy-friendly technology right from the beginning. Current PbD approaches, however, mainly focus on technological aspects of privacy. They rarely consider the context in which software systems are built and used. The context, however, plays a vital role, especially with respect to the future usage of a system in an organizational environment. We propose to use established socio-technical design approaches, in which multiple stakeholders collaborate on process models, as a basis for privacy by design. We adapt them to incorporate aspects relevant for privacy-aware design and introduce a tool that can support question-based evaluation and collaborative work on processes that make use of personally identifiable information.