Affiliation:
1. Ontology Engineering Group, Universidad Politécnica de Madrid, Spain
Abstract
This article surveys existing vocabularies, ontologies and policy languages that can be used to represent informational items referenced in GDPR rights and obligations, such as the ‘notification of a data breach’, the ‘controller’s identity’ or a ‘DPIA’. Rights and obligations in GDPR are analyzed in terms of information flows between different stakeholders, and a complete collection of 57 different informational items that are mentioned by GDPR is described. 13 privacy-related policy languages and 9 data protection vocabularies and ontologies are studied in relation to this list of informational items. ODRL and LegalRuleML emerge as the languages that can respond positively to a greater number of the defined comparison criteria if complemented with DPV and GDPRtEXT, since 39 out of the 57 informational items can be modelled. Online supplementary material is provided, including a simple search application and a taxonomy of the identified entities.
Subject
Computer Networks and Communications,Computer Science Applications,Information Systems
Reference61 articles.
1. XPref: A preference language for P3P;Agrawal;Computer Networks,2005
2. E-P3P privacy policies and privacy authorization
3. Managing semantics in XML vocabularies: an experience in the legal and legislative domain
4. C. Bartolini and R. Muthuri, Reconciling data protection rights and obligations: An ontology of the forthcoming EU regulation, in: Workshop on Language and Semantic Technology for Legal Domain, 2015.
5. Using Ontologies to Model Data Protection Requirements in Workflows
Cited by
6 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献