Data Protection by Design Tool for Automated GDPR Compliance Verification Based on Semantically Modeled Informed Consent

Chhetri, Tek Raj; Kurteva, Anelia; DeLong, Rance J; Hilscher, Rainer; Korte, Kai; Fensel, Dieter

doi:10.3390/s22072763

Cited by 25 publications

(27 citation statements)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…a complex but fully accessible deep learning model with billions of parameters). 9 Hupont et al (2022) provide an overview of documentation obligations to satisfy transparency requirements included in the proposed EU AI Act. 10 Some research argues that the explainability vs. performance trade-off is not so relevant in cases where the objective function is explainable.…”

Section: Annex a Presentations Relevant To Accountability In Ai From ...mentioning

confidence: 99%

Advancing accountability in AI

2023

OECD Digital Economy Papers

View full text Add to dashboard Cite

show abstract

Section: Annex a Presentations Relevant To Accountability In Ai From ...mentioning

confidence: 99%

Advancing accountability in AI

2023

OECD Digital Economy Papers

View full text Add to dashboard Cite

show abstract

“…The smashHitCore ontology [45] is developed to perform GDPR compliance verification checks based on consent and contracts. In this paper, we only describe and present the semanticbased contract model, while the semantic representation of consent is presented in [24].…”

Section: Semantic-based Contract Modelmentioning

confidence: 99%

“…Furthermore, in comparison to the diverse consent ontologies that are available, as shown in [8], there are few ontologies that model contracts based on GDPR. Following this and our previous work in [24], we present a KG-based solution for digital contracting, which has the following functionalities: (i) binding GDPR with data sharing contracts and (ii) performing CCV checks on contracts.…”

Section: Introductionmentioning

confidence: 98%

“…In UC1 and UC2 as discussed above, the usage of web technologies in combination with semantic technologies ensures information reusability, reliability, and inference to support the end users on the web [23]. The use of KGs for consent-based GDPR compliance has already proven to be beneficial in our previous work presented in [24]. In our earlier work [24], we proposed and developed a scalable data protection by design tools for automated compliance verification and auditability based on informed consent using KGs.…”

Section: Introductionmentioning

confidence: 99%

“…The use of KGs for consent-based GDPR compliance has already proven to be beneficial in our previous work presented in [24]. In our earlier work [24], we proposed and developed a scalable data protection by design tools for automated compliance verification and auditability based on informed consent using KGs. This research focuses on performing GDPR contract compliance verification, where consent is not enough, for example, in online services [6].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Automated GDPR Contract Compliance Verification Using Knowledge Graphs

et al. 2022

Self Cite

View full text Add to dashboard Cite

In the past few years, the main research efforts regarding General Data Protection Regulation (GDPR)-compliant data sharing have been focused primarily on informed consent (one of the six GDPR lawful bases for data processing). In cases such as Business-to-Business (B2B) and Business-to-Consumer (B2C) data sharing, when consent might not be enough, many small and medium enterprises (SMEs) still depend on contracts—a GDPR basis that is often overlooked due to its complexity. The contract’s lifecycle comprises many stages (e.g., drafting, negotiation, and signing) that must be executed in compliance with GDPR. Despite the active research efforts on digital contracts, contract-based GDPR compliance and challenges such as contract interoperability have not been sufficiently elaborated on yet. Since knowledge graphs and ontologies provide interoperability and support knowledge discovery, we propose and develop a knowledge graph-based tool for GDPR contract compliance verification (CCV). It binds GDPR’s legal basis to data sharing contracts. In addition, we conducted a performance evaluation in terms of execution time and test cases to validate CCV’s correctness in determining the overhead and applicability of the proposed tool in smart city and insurance application scenarios. The evaluation results and the correctness of the CCV tool demonstrate the tool’s practicability for deployment in the real world with minimum overhead.

show abstract