Personal data provides important business value, for example, in the personalization of services. In addition, companies are moving toward new business models, in which products and services are offered without charge to users, but in exchange for targeted advertising revenue. New privacy regulations require organizations to explicitly state their data practices in privacy policies, including which data types will be collected. By consenting to data collections described in a policy, the user acknowledges that he or she is granting the company the authorizations needed to access their data. When data practices change, a new version of the policy is released. This release can occur a few times a year, when requirements are rapidly changing for the collection and processing of personal data. Furthermore, the user may change his or her privacy consent by opting in or out of the policy. We propose a formal framework to support companies and users in their understanding of policies evolution under consent regime that supports both retroactive and non-retroactive consent and consent revocation. Preliminary results include an ontology for policy evolution, expressed in Description Logic, that can be used to formalize consent and data collection logs and then query for which data types can be legally accessed.
Consent verification under evolving privacy policies / Robol, M.; Breaux, T. D.; Paja, E.; Giorgini, P.. - ELETTRONICO. - (2019), pp. 422-427. ((Intervento presentato al convegno 27th IEEE International Requirements Engineering Conference, RE 2019 tenutosi a Jeju Island, South Korea nel 23th-27th September 2019 [10.1109/RE.2019.00056].
|Titolo:||Consent verification under evolving privacy policies|
|Autori:||Robol, M.; Breaux, T. D.; Paja, E.; Giorgini, P.|
|Titolo del volume contenente il saggio:||Proceedings 2019 IEEE 27th International Requirements Engineering Conference|
|Luogo di edizione:||Piscataway, NJ|
|Casa editrice:||IEEE Computer Society|
|Anno di pubblicazione:||2019|
|Codice identificativo Scopus:||2-s2.0-85076903260|
|Codice identificativo WOS:||WOS:000533929400049|
|Citazione:||Consent verification under evolving privacy policies / Robol, M.; Breaux, T. D.; Paja, E.; Giorgini, P.. - ELETTRONICO. - (2019), pp. 422-427. ((Intervento presentato al convegno 27th IEEE International Requirements Engineering Conference, RE 2019 tenutosi a Jeju Island, South Korea nel 23th-27th September 2019 [10.1109/RE.2019.00056].|
|Appare nelle tipologie:||04.1 Saggio in atti di convegno (Paper in proceedings)|
File in questo prodotto:
|08920420.pdf||Versione editoriale (Publisher’s layout)||Tutti i diritti riservati (All rights reserved)||Administrator|