Affiliation:
1. Korea University, Seoul, Korea
2. University of Texas at San Antonio, San Antonio, Texas
Abstract
There has been a trend of moving from simply de-identification to providing extended data control to their owner (e.g., data portability and right to be forgotten), partly due to the introduction of the General Data Protection Regulation (GDPR). Hence, in this paper, we survey the literature to provide an in-depth understanding of the existing approaches for personal data control (e.g., we observe that most existing approaches are generally designed to facilitate compliance), as well as the privacy regulations in Europe, United Kingdom, California, South Korea, and Japan. Based on the review, we identify the associated technical requirements, as well as a number of research gaps and potential future directions (e.g., the need for transparent processing of personal data and establishment of clear procedure in ensuring personal data control).
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science,Theoretical Computer Science
Reference127 articles.
1. ABINE (Delete me & Blur). 2021. ABINE (Delete me & Blur): Abine the online privacy company. Retrieved from https://www.abine.com/.
2. AccountKiller. 2021. AccountKiller: Want to ditch your online account? Retrieved from https://www.accountkiller.com/en/home.
3. Nudges for Privacy and Security
4. Design and Implementation of a Blockchain-Based E-Health Consent Management Framework
5. Designing privacy-friendly data repositories: a framework for a blockchain that follows the GDPR