Login (DCU Staff Only)
Login (DCU Staff Only)

DORAS | DCU Research Repository

Explore open access research and scholarly works from DCU

Advanced Search

A GDPR international transfer compliance framework based on an extended data privacy vocabulary (DPV)

Hickey, David orcid logoORCID: 0000-0002-9999-5583 and Brennan, Rob orcid logoORCID: 0000-0001-8236-362X (2021) A GDPR international transfer compliance framework based on an extended data privacy vocabulary (DPV). In: 34th International Conference on Legal Knowledge and Information Systems (JURIX 2021), 8-10-Dec 2021, Vilnius, Lithuania. ISBN 978-1-64368-252-5

Abstract
This paper describes a new model, using a privacy vocabulary standard (the Data Privacy Vocabulary, DPV) to audit and monitor GDPR compliance of international transfers of personal data. New terms were identified which I have proposed as extensions to the DPV. A prototype software tool was built based on the model, and synthetic use-cases created to test the capabilities of the model and tool (together a compliance framework). This framework was created because the rules around international transfer compliance are complex and changing, there is an absence of a common approach to ensuring compliance, few (if any) tools exist to assist, and those that do lack interoperability. Evaluation results demonstrate that the proposed model improves compliance in terms of identification and standardization from less than 35% to over 90% in test use-cases. The tool received very positive feedback from the data protection practitioners who participated in the evaluation, and an initial version of the tool is now in use in one financial services organization. While currently the tool only addresses international transfers, in theory the framework can be extended through further work to the broader area of compliance of all aspects of the GPDR (being based on the DPV).
Metadata
Item Type:Conference or Workshop Item (Paper)
Event Type:Conference
Refereed:Yes
Additional Information:https://www.iospress.com/search?query=jurix&page=1
Uncontrolled Keywords:GDPR, International Transfer, Compliance, DPV, Data Protection, Privacy
Subjects:UNSPECIFIED
DCU Faculties and Centres:DCU Faculties and Schools > Faculty of Engineering and Computing > School of Computing
Research Institutes and Centres > ADAPT
Published in: Schweighofer, E., (ed.) Legal Knowledge and Information Systems. Frontiers of Artificial Intelligence and Applications 346. IOS Press. ISBN 978-1-64368-252-5
Publisher:IOS Press
Copyright Information:© 2021 The Authors
ID Code:26372
Deposited On:06 Dec 2021 18:36 by Vidatum Academic . Last Modified 06 Dec 2021 18:36
Documents

Full text available as:

[thumbnail of AGDPRInternationalTransferComplianceFramework_applicationCategory.pdf]
Preview
PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
1MB
Downloads

Downloads

Downloads per month over past year

Archive Staff Only: edit this record