TILT: A GDPR-Aligned Transparency Information Language and Toolkit for Practical Privacy Engineering
In this paper, we present TILT, a transparency information language and
toolkit explicitly designed to represent and process transparency information
in line with the requirements of the GDPR and allowing for a more automated and
adaptive use of such information than established, legalese data protection
policies do.
We provide a detailed analysis of transparency obligations from the GDPR to
identify the expressiveness required for a formal transparency language
intended to meet respective legal requirements. In addition, we identify a set
of further, non-functional requirements that need to be met to foster practical
adoption in real-world (web) information systems engineering. On this basis, we
specify our formal language and present a respective, fully implemented toolkit
around it. We then evaluate the practical applicability of our language and
toolkit and demonstrate the additional prospects it unlocks through two
different use cases: a) the inter-organizational analysis of personal
data-related practices allowing, for instance, to uncover data sharing networks
based on explicitly announced transparency information and b) the presentation
of formally represented transparency information to users through novel, more
comprehensible, and potentially adaptive user interfaces, heightening data
subjects' actual informedness about data-related practices and, thus, their
sovereignty.
Altogether, our transparency information language and toolkit make it
possible, unlike previous work, to express transparency information in line
with actual legal requirements and practices of modern (web) information
systems engineering and thereby pave the way for a multitude of novel
possibilities to heighten transparency and user sovereignty in practice.
Comment: Accepted for publication at the ACM Conference on Fairness,
Accountability, and Transparency 2021 (ACM FAccT'21). This is a preprint
manuscript (authors' own version before final copy-editing).
Scalable Discovery and Continuous Inventory of Personal Data at Rest in Cloud Native Systems
Cloud native systems are processing large amounts of personal data through
numerous and possibly multi-paradigmatic data stores (e.g., relational and
non-relational databases). From a privacy engineering perspective, a core
challenge is to keep track of all exact locations where personal data is being
stored, as required by regulatory frameworks such as the European General Data
Protection Regulation. In this paper, we present Teiresias, comprising i) a
workflow pattern for scalable discovery of personal data at rest, and ii) a
cloud native system architecture and open source prototype implementation of
said workflow pattern. To this end, we enable a continuous inventory of
personal data featuring transparency and accountability following
DevOps/DevPrivOps practices. In particular, we scope version-controlled
Infrastructure as Code definitions, cloud-based storages, and how to integrate
the process into CI/CD pipelines. Thereafter, we provide iii) a comparative
performance evaluation demonstrating both appropriate execution times for
real-world settings, and a promising personal data detection accuracy
outperforming existing proprietary tools in public clouds.
Comment: Preprint of 2022-09-09 before final copy-editing of an accepted
peer-reviewed paper to appear in the Proceedings of the 20th International
Conference on Service-Oriented Computing ICSOC 202
Towards Cross-Provider Analysis of Transparency Information for Data Protection
Transparency and accountability are indispensable principles for modern data
protection, from both legal and technical viewpoints. Regulations such as the
GDPR, therefore, require specific transparency information to be provided
including, e.g., purpose specifications, storage periods, or legal bases for
personal data processing. However, it has repeatedly been shown that all too
often, this information is practically hidden in legalese privacy policies,
hindering data subjects from exercising their rights. This paper presents a
novel approach to enable large-scale transparency information analysis across
service providers, leveraging machine-readable formats and graph data science
methods. More specifically, we propose a general approach for building a
transparency analysis platform (TAP) that is used to identify data transfers
empirically, provide evidence-based analyses of sharing clusters of more than
70 real-world data controllers, or even to simulate network dynamics using
synthetic transparency information for large-scale data-sharing scenarios. We
provide the general approach for advanced transparency information analysis, an
open source architecture and implementation in the form of a queryable analysis
platform, and versatile analysis examples. These contributions pave the way for
more transparent data processing for data subjects, and evidence-based
enforcement processes for data protection authorities. Future work can build
upon our contributions to gain more insights into so-far hidden data-sharing
practices.
Comment: technical report
Configurable Per-Query Data Minimization for Privacy-Compliant Web APIs
The purpose of regulatory data minimization obligations is to limit personal
data to the absolute minimum necessary for a given context. Beyond the initial
data collection, storage, and processing, data minimization is also required
for subsequent data releases, as is the case when data are provided using
query-capable Web APIs. Data-providing Web APIs, however, typically lack
sophisticated data minimization features, leaving the task open to manual and
all too often missing implementations. In this paper, we address the problem of
data minimization for data-providing, query-capable Web APIs. Based on a
careful analysis of functional and non-functional requirements, we introduce
Janus, an easy-to-use, highly configurable solution for implementing legally
compliant data minimization in GraphQL Web APIs. Janus provides a rich set of
information reduction functionalities that can be configured for different
client roles accessing the API. We present a technical proof-of-concept along
with experimental measurements that indicate reasonable overheads. Janus is
thus a practical solution for implementing GraphQL APIs in line with the
regulatory principle of data minimization.
Comment: Preprint version (2022-03-18). This version of the contribution has
been accepted for publication at the 22nd International Conference on Web
Engineering (ICWE 2022), Bari, Italy.
TIRA: An OpenAPI Extension and Toolbox for GDPR Transparency in RESTful Architectures
Transparency - the provision of information about what personal data is
collected for which purposes, how long it is stored, or to which parties it is
transferred - is one of the core privacy principles underlying regulations such
as the GDPR. Technical approaches for implementing transparency in practice
are, however, only rarely considered. In this paper, we present a novel
approach for doing so in current, RESTful application architectures and in line
with prevailing agile and DevOps-driven practices. For this purpose, we
introduce 1) a transparency-focused extension of OpenAPI specifications that
allows individual service descriptions to be enriched with transparency-related
annotations in a bottom-up fashion and 2) a set of higher-order tools for
aggregating respective information across multiple, interdependent services and
for coherently integrating our approach into automated CI/CD-pipelines.
Together, these building blocks pave the way for providing transparency
information that is more specific and at the same time better reflects the
actual implementation givens within complex service architectures than current,
overly broad privacy statements.
Comment: Accepted for publication at the 2021 International Workshop on
Privacy Engineering (IWPE'21). This is a preprint manuscript (authors' own
version before final copy-editing).
UAV-Borne Laser-Induced Fluorescence Spectroscopy System for Active Remote Detection of Hazardous Substances on Surfaces
LUCS is an innovative drone-based remote detection system developed as part of DLR security research at the DLR Institute of Technical Physics (Institut für Technische Physik). Based on a laser-spectroscopic technique, the UAV-borne system is designed in particular for the contactless detection and classification of chemical and biological hazardous substances on surfaces. With a measurement time of approx. 100 ms, the fluorescence properties of the sample material can be examined within a very short time from a detection distance of 8 to 10 m.
A Practical, Accurate, Information Criterion for Nth Order Markov Processes
The recent increase in the breadth of computational methodologies has been matched with a corresponding increase in the difficulty of comparing the relative explanatory power of models from different methodological lineages. In order to help address this problem, a Markovian information criterion (MIC) is developed that is analogous to the Akaike information criterion (AIC) in its theoretical derivation and yet can be applied to any model able to generate simulated or predicted data, regardless of its methodology. Both the AIC and the proposed MIC rely on the Kullback–Leibler (KL) distance between model predictions and real data as a measure of prediction accuracy. Instead of using the maximum likelihood approach like the AIC, the proposed MIC relies on the literal interpretation of the KL distance as the inefficiency of compressing real data using modelled probabilities, and therefore uses the output of a universal compression algorithm to obtain an estimate of the KL distance. Several Monte Carlo tests are carried out in order to (a) confirm the performance of the algorithm and (b) evaluate the ability of the MIC to identify the true data-generating process from a set of alternative models.
Data Sovereignty for Consumers: Technical Approaches through AI-Based Transparency and Access to Information in the Context of the GDPR
Adequate data sovereignty proves extremely difficult for consumers in practice. The European General Data Protection Regulation guarantees comprehensive data subject rights, which controllers must implement through technical and organizational measures. Traditional approaches such as providing lengthy privacy policies or offering a download of raw personal data without further assistance do not live up to the demand for informational self-determination. The new technical approaches outlined below, in particular AI-based transparency and access modalities, demonstrate the practicability of effective and versatile mechanisms. To this end, the relevant transparency information is extracted semi-automatically, represented in machine-readable form, and then delivered through various channels such as virtual assistants or the enrichment of search results. These are complemented by automated and easily accessible methods for subject access requests under Art. 15 GDPR and for processing their results. Finally, concrete regulatory implications are discussed.