Analyzing Website Privacy Requirements Using a Privacy Goal Taxonomy
RE '02 Proceedings of the 10th Anniversary IEEE Joint International Conference on Requirements Engineering
Data Protection Law: Approaching Its Rationale, Logic and Limits
Data Protection Law: Approaching Its Rationale, Logic and Limits
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Why we can't be bothered to read privacy policies models of privacy economics as a lemons market
ICEC '03 Proceedings of the 5th international conference on Electronic commerce
A hybrid approach for highly available and secure storage of Pseudo-SSO credentials
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Hi-index | 0.00 |
Data protection legislation was originally defined for a context where personal information is mostly stored on centralized servers with limited connectivity and openness to 3rd party access. Currently, servers are connected to the Internet, where a large amount of personal information is continuously being exchanged as part of application transactions. This is very different from the original context of data protection regulation. Even though there are rather strict data protection laws in an increasing number of countries, it is in practice rather challenging to ensure an adequate protection for personal data that is communicated on-line. The enforcement of privacy legislation and policies therefore might require a technological basis, which is integrated with adequate amendments to the legal framework. This article describes a new approach called Privacy Policy Referencing, and outlines the technical and the complementary legal framework that needs to be established to support it.