Compliance Using Metadata

Rigo Wenning*, Sabrina Kirrane

*Korrespondierende*r Autor*in für diese Arbeit

Publikation: Beitrag in Buch/KonferenzbandBeitrag in Sammelwerk

25 Downloads (Pure)


Everybody talks about the data economy. Data is collected stored, processed and re-used. In the EU, the GDPR creates a framework with conditions (e.g. consent) for the processing of personal data. But there are also other legal provisions containing requirements and conditions for the processing of data. Even today, most of those are hard-coded into workflows or database schemes, if at all. Data lakes are polluted with unusable data because nobody knows about usage rights or data quality. The approach presented here makes the data lake intelligent. It remembers usage limitations and promises made to the data subject or the contractual partner. Data can be used as risk can be assessed. Such a system easily reacts on new requirements. If processing is recorded back into the data lake, the recording of this information allows to prove compliance. This can be shown to authorities on demand as an audit trail. The concept is best exemplified by the SPECIAL project (Scalable Policy-aware Linked Data Architecture For PrivacyPrivacy, TransparencyTransparency and ComplianceCompliance). SPECIAL has several use cases, but the basic framework is applicable beyond those cases.
Titel des SammelwerksSemantic Applications. Methodology, Technology, Corporate Use
Herausgeber*innenT. Hoppe, B. Humm, A. Reibold
ErscheinungsortBerlin, Heidelberg
ISBN (Print)978-3-662-55432-6
PublikationsstatusVeröffentlicht - 2018

Österreichische Systematik der Wissenschaftszweige (ÖFOS)

  • 102
  • 102001 Artificial Intelligence
  • 102015 Informationssysteme
  • 502050 Wirtschaftsinformatik
  • 505002 Datenschutz