English
Related papers

Related papers: Machine Understandable Policies and GDPR Complianc…

200 papers

Recent regulations, such as the European General Data Protection Regulation (GDPR), put stringent constraints on the handling of personal data. Privacy, like security, is a non-functional property, yet most software design tools are focused…

Software Engineering · Computer Science 2020-11-25 Hanaa Alshareef , Sandro Stucki , Gerardo Schneider

The European Union's General Data Protection Regulation (GDPR) strengthened several rights for individuals (data subjects). One of these is the data subjects' right to access their personal data being collected by services (data…

Computers and Society · Computer Science 2024-07-08 Nicola Leschke , Daniela Pöhn , Frank Pallas

Fairness monitoring is critical for detecting algorithmic bias, as mandated by the EU AI Act. Since such monitoring requires sensitive user data (e.g., ethnicity), the AI Act permits its processing only with strict privacy measures, such as…

Human-Computer Interaction · Computer Science 2026-02-03 Changyang He , Parnian Jahangirirad , Lin Kyi , Asia J. Biega

Making sure that users understand privacy policies that impact them is a key challenge for a real GDPR deployment. Research studies are mostly carried in English, but in Europe and elsewhere, users speak a language that is not English.…

Cryptography and Security · Computer Science 2023-02-13 Francesco Ciclosi , Silvia Vidor , Fabio Massacci

The use of software applications is inevitable as they provide different services to users. The software applications collect, store users' data, and sometimes share with the third party, even without the user consent. One can argue that…

Cryptography and Security · Computer Science 2020-08-10 Abdulrahman Alhazmi , Nalin Asanka Gamagedara Arachchilage

Modern privacy regulations provide a strict mandate for data processing entities to implement appropriate technical measures to demonstrate compliance. In practice, determining what measures are indeed "appropriate" is not trivial,…

Cryptography and Security · Computer Science 2023-06-28 Oleksandra Klymenko , Stephen Meisenbacher , Florian Matthes

This PhD thesis discusses how European law could improve privacy protection in the area of behavioural targeting. Behavioural targeting, also referred to as online profiling, involves monitoring people's online behaviour, and using the…

Computers and Society · Computer Science 2025-12-16 Frederik Johannes Zuiderveen Borgesius

The Internet of Things (IoT) raises specific issues in terms of information and consent, which makes the implementation of the General Data Protection Regulation (GDPR) challenging in this context. In this report, we propose a generic…

Computers and Society · Computer Science 2018-12-18 Mathieu Cunche , Daniel Le Métayer , Victor Morel

Regulatory compliance is a well-studied area, including research on how to model, check, analyse, enact, and verify compliance of software. However, while the theoretical body of knowledge is vast, empirical evidence on challenges with…

Software Engineering · Computer Science 2021-03-03 Muhammad Usman , Michael Felderer , Michael Unterkalmsteiner , Eriks Klotins , Daniel Mendez , Emil Alegroth

Artificial intelligence (AI) generally and machine learning (ML) specifically demonstrate impressive practical success in many different application domains, e.g. in autonomous driving, speech recognition, or recommender systems. Deep…

Artificial Intelligence · Computer Science 2018-01-02 Andreas Holzinger , Chris Biemann , Constantinos S. Pattichis , Douglas B. Kell

Compliance at web scale poses practical challenges: each request may require a regulatory assessment. Regulatory texts (e.g., the General Data Protection Regulation, GDPR) are cross-referential and normative, while runtime contexts are…

Artificial Intelligence · Computer Science 2025-10-31 Jiseong Chung , Ronny Ko , Wonchul Yoo , Makoto Onizuka , Sungmok Kim , Tae-Wan Kim , Won-Yong Shin

Purpose is crucial for privacy protection as it makes users confident that their personal data are processed as intended. Available proposals for the specification and enforcement of purpose-aware policies are unsatisfactory for their…

Cryptography and Security · Computer Science 2015-07-30 Riccardo De Masellis , Chiara Ghidini , Silvio Ranise

Machine learning is becoming an ever present part in our lives as many decisions, e.g. to lend a credit, are no longer made by humans but by machine learning algorithms. However those decisions are often unfair and discriminating…

Computers and Society · Computer Science 2024-05-28 Elias Baumann , Josef Lorenz Rumberger

A new Cyber Resilience Act (CRA) was recently agreed upon in the European Union (EU). The paper examines and elaborates what new requirements the CRA entails by contrasting it with the older General Data Protection Regulation (GDPR).…

Software Engineering · Computer Science 2025-10-16 Jukka Ruohonen , Kalle Hjerppe , Eun-Young Kang

Organisations can use artificial intelligence to make decisions about people for a variety of reasons, for instance, to select the best candidates from many job applications. However, AI systems can have discriminatory effects when used for…

Computers and Society · Computer Science 2022-11-29 Marvin van Bekkum , Frederik Zuiderveen Borgesius

The purpose of the General Data Protection Regulation (GDPR) is to provide improved privacy protection. If an app controls personal data from users, it needs to be compliant with GDPR. However, GDPR lists general rules rather than exact…

Software Engineering · Computer Science 2020-08-17 Ming Fan , Le Yu , Sen Chen , Hao Zhou , Xiapu Luo , Shuyue Li , Yang Liu , Jun Liu , Ting Liu

The European Union's General Data Protection Regulation (GDPR) requires websites to ask for consent to the use of cookies for \emph{specific purposes}. This enlarges the relevant design space for consent dialogs. Websites could try to…

Human-Computer Interaction · Computer Science 2020-03-04 Dominique Machuletz , Rainer Böhme

Artificial intelligence (AI) has the potential to transform healthcare, but it requires access to health data. Synthetic data that is generated through machine learning models trained on real data, offers a way to share data while…

Computers and Society · Computer Science 2025-08-13 Vibeke Binz Vallevik , Anne Kjersti C. Befring , Severin Elvatun , Jan Franz Nygaard

The many initiatives on trustworthy AI result in a confusing and multipolar landscape that organizations operating within the fluid and complex international value chains must navigate in pursuing trustworthy AI. The EU's AI Act will now…

Artificial Intelligence · Computer Science 2024-08-23 Julio Hernandez , Delaram Golpayegani , Dave Lewis

Third-party tracking, the collection and sharing of behavioural data about individuals, is a significant and ubiquitous privacy threat in mobile apps. The EU General Data Protection Regulation (GDPR) was introduced in 2018 to protect…

Computers and Society · Computer Science 2021-12-22 Konrad Kollnig , Reuben Binns , Max Van Kleek , Ulrik Lyngs , Jun Zhao , Claudine Tinsman , Nigel Shadbolt