Qualitative Privacy Description Language

Ven, Jasper van de; Dylla, Frank

doi:10.1007/978-3-319-44760-5_11

Cited by 8 publications

(7 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first privacy policy language was P3P, which was designed to tackle online privacy concerns of consumers that arise due to difficulties in obtaining information on the privacy practices of websites [45]. Consumers could match P3P rules with the related preference PDLs APPEL-P3P and XPref to avoid websites with P3P policy rules that mismatched their privacy preferences, data use consents, or disclosure conditions [27,46]. Despite P3P's abandonment in 2018, provision of information on the privacy practices of a company [45] is still relevant for modern PDLs to address data protection [17,36,47].…”

Section: Policy Rules For Data Sovereigntymentioning

confidence: 99%

Let the Computer Say NO! The Neglected Potential of Policy Definition Languages for Data Sovereignty

Bartsch

Dehling

Lauf³

et al. 2020

SSRN Journal

View full text Add to dashboard Cite

Section: Policy Rules For Data Sovereigntymentioning

confidence: 99%

Let the Computer Say NO! The Neglected Potential of Policy Definition Languages for Data Sovereignty

Bartsch

Dehling

Lauf³

et al. 2020

SSRN Journal

View full text Add to dashboard Cite

“…According to Kasem et al [59], a privacy language is "a set of syntax and semantics that is used to express policies". Many privacy languages have been proposed in the past twenty years [59,107]. We review here the different ways in which privacy languages are used to express machine-readable privacy policies.…”

Section: Machine-readable Privacy Policiesmentioning

confidence: 99%

“…Formal privacy languages (formal languages in the following) comprise a different approach to express privacy policies. CI [73], PrivacyAPIs [67], SIMPL [65], PrivacyLFP [33], S4P [17], QPDL [107], and PILOT [75] are languages that have their syntax and semantics defined mathematically. More precisely, they use formal languages such as Linear Temporal Logic [53], First-Order Logic [53] or Authorization Logic [5].…”

Section: Contentmentioning

confidence: 99%

“…Cunche et al [71] devise a generic framework to manage informed consent in the IoT, using DS and DC policies based on PI-LOT [75]. Automatic communication of privacy policies also makes P3P [27] XML Informal ✓ Comparison ✓ ✓ CPExchange [18] XML Informal ✓ PRML [115] ✓ XML Informal ✓ APPEL [64] ✓ XML Informal ✓ ✓ ✓ E-P3P [12] XML Formal ✓ ✓ Rei [58] Formal Formal Analysis ✓ Xpref [7] ✓ XML Informal ✓ ✓ XACML [9] XML Informal ✓ ✓ EPAL [11] XML Informal ✓ Comparison ✓ CI [16] Formal Formal ✓ ✓ SIMPL [65] ✓ Formal Formal ✓ ✓ S4P [17] ✓ Formal Formal ✓ ✓ Jeeves [112] Formal Formal ✓ ✓ P2U [56] ✓ XML Informal ✓ QPDL [107] Formal Formal ✓ ✓ RBAC [94] XML Informal ✓ ✓ OSL [51] Formal Formal ✓ ✓ GeoXACML [66] XML Informal ✓ ✓ A-PPL [13] XML Informal ✓ LPL [45] ✓ XML Informal ✓ ✓ ✓ PrivacyAPIs [67] Formal Formal Analysis ✓ ✓ PrivacyLFP [33] Formal Formal ✓ ✓ PILOT [75] ✓ Formal Formal Analysis ✓ ✓…”

Section: Benefitsmentioning

confidence: 99%

See 1 more Smart Citation

SoK

Morel

Pardo

2020

Proceedings of the 19th Workshop on Privacy in the Electronic Society

View full text Add to dashboard Cite

“…814 Technology reviews: Kumaraguru and others 2007;Ven and Dylla 2016;Camenisch, Fischer-Hübner and Rannenberg 2011, p.295. 815 Hilty and others 2007, p.532.…”

Section: Privacy Policies and Policy Languages For Pmmmentioning

confidence: 99%

Moving beyond consent in data privacy law. An effective privacy management system for Internet services

Betkier¹

View full text Add to dashboard Cite

<p>This thesis looks for a way to overcome the failure of consent as a means of addressing privacy problems associated with online services. It argues that consent to collection and use of personal data is an imperfect mechanism for individual authorisation because data privacy in relation to online services is a dynamic, continuous process. If people are to have autonomous choice in respect of their privacy processes, then they need to be able to manage these processes themselves. After careful examination of online services which pinpoints both the privacy problems caused by online service providers and the particular features of the online environment, the thesis devises a set of measures to enable individuals to manage these processes. The tool for achieving this is a Privacy Management Model (PMM) which consists of three interlocking functions: controlling (which consent may be a part of), organising, and planning. The thesis then proposes a way of implementing these functions in the context of online services. This requires a mix of regulatory tools: a particular business model in which individuals are supported by third parties (Personal Information Administrators), a set of technical/architectural tools to manage data within the ICT systems of the online service providers, and laws capable of supporting all these elements. The proposed legal measures aim to overcome the shortcomings of procedural principles by implementing a comprehensive model in which substantive legal principle underpins a bundle of statutory-level laws which enable privacy management functions. Those are explained against the background of the General Data Protection Regulation. All of this is designed to change the way decision-makers think about Internet privacy and form the theoretical backbone of the next generation of privacy laws.</p>

show abstract

Qualitative Privacy Description Language

Cited by 8 publications

References 45 publications

Let the Computer Say NO! The Neglected Potential of Policy Definition Languages for Data Sovereignty

Let the Computer Say NO! The Neglected Potential of Policy Definition Languages for Data Sovereignty

SoK

Moving beyond consent in data privacy law. An effective privacy management system for Internet services

Contact Info

Product

Resources

About