2021
DOI: 10.3233/faia210332
|View full text |Cite
|
Sign up to set email alerts
|

A GDPR International Transfer Compliance Framework Based on an Extended Data Privacy Vocabulary (DPV)

Abstract: This paper describes a tool using an extended Data Privacy Vocabulary (the DPV) to audit and monitor GDPR compliance of international transfers of personal data. New terms were identified which have been proposed as extensions to the DPV W3C Working Group. A prototype software tool was built based on the model plus a set of validation rules, and synthetic use-cases created to test the capabilities of the model and tool (together a compliance framework). This framework was created because the rules around inter… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
4
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
2
1

Relationship

0
3

Authors

Journals

citations
Cited by 3 publications
(4 citation statements)
references
References 7 publications
0
4
0
Order By: Relevance
“…Year Mention Use Extension Contributed Domain [11] 2020 X Health [53] 2020 X Media [7,54,81] 2020 X [12,47,51,71] 2020 X [10] 2020 X Health [15,60,74] 2020 X X [17,55,29] 2021 X Health [37,6,76,62,39] 2021 X [72,20,16,73,52] 2021 X [34] 2021 X Smart products [42] 2021 X X [44,46,43,75,59,66,22] 2022 X [21] 2022 X X [69,70,57,23] 2022 X X [5] 2022 X Health [25,14,13,32,50] 2022 X [4] 2022 X IoT [40] 2022 X Health [58,…”
Section: Workmentioning
confidence: 99%
See 1 more Smart Citation
“…Year Mention Use Extension Contributed Domain [11] 2020 X Health [53] 2020 X Media [7,54,81] 2020 X [12,47,51,71] 2020 X [10] 2020 X Health [15,60,74] 2020 X X [17,55,29] 2021 X Health [37,6,76,62,39] 2021 X [72,20,16,73,52] 2021 X [34] 2021 X Smart products [42] 2021 X X [44,46,43,75,59,66,22] 2022 X [21] 2022 X X [69,70,57,23] 2022 X X [5] 2022 X Health [25,14,13,32,50] 2022 X [4] 2022 X IoT [40] 2022 X Health [58,…”
Section: Workmentioning
confidence: 99%
“…When it comes to extensions performed over DPV, most were contributed back to DPV to be integrated into DPVCG's outputs. Concerning work on GDPR requirements, there were proposed extensions focusing on consent [60,15], in particular related to the processing of electronic health record data [67], as well as on building semantic models to represent records of processing activities [74,69,73], data protection impact assessments [57], data breaches' reports [64], and international data transfer notices [42]. Moreover, extensions focusing on GDPR's data subject rights and exemptions to these rights [23] and on DGA requirements [24,18] were also contributed back to DPVCG's outputs.…”
Section: Workmentioning
confidence: 99%
“…The PDPA is Singapore's primary data protection statute and Part 6A governs data breach notifications. While the PDPA has not been examined in AI & Law literature, its subject matter connects it to prior work on the General Data Protection Regulation [8,2]. Part 6A is also complex enough to demonstrate the utility of a computational law approach.…”
Section: Formalizing the Personal Data Protection Actmentioning
confidence: 99%
“…Expressing laws computably is a classic objective of AI & Law [1] and a prerequisite to automating downstream tasks such as compliance checking [2], policy support [3], legislative simulation [4], and formal verification [3]. But faithfully translating law to logic is challenging [5], often requiring expertise in both legal and formal methods.…”
Section: Introductionmentioning
confidence: 99%