Machine Understandable Policies and GDPR Compliance Checking

Piero A. Bonatti, Sabrina Kirrane, Iliana M. Petrova, Luigi Sauro

Publication: Scientific journalJournal articlepeer-review

Abstract

The European General Data Protection Regulation (GDPR) calls for technical and organizational measures to support its implementation. Towards this end, the SPECIAL H2020 project aims to provide a set of tools that can be used by data controllers and processors to automatically check if personal data processing and sharing complies with the obligations set forth in the GDPR. The primary contributions of the project include: (i) a policy language that can be used to express consent, business policies, and regulatory obligations; and (ii) two different approaches to automated compliance checking that can be used to demonstrate that data processing performed by data controllers/processors complies with consent provided by data subjects, and business processes comply with regulatory obligations set forth in the GDPR.
Original languageEnglish
JournalKI - Künstliche Intelligenz
DOIs
Publication statusPublished - 2020

Austrian Classification of Fields of Science and Technology (ÖFOS)

  • 102
  • 102001 Artificial intelligence
  • 102015 Information systems
  • 502050 Business informatics
  • 505002 Data protection

Cite this