Dataset Open Access
Design principles for the General Data Protection Regulation (GDPR): A formal concept analysis and its evaluation
Damian A. Tamburri
Data and software are nowadays one and the same: for this very reason, the European Union (EU) and other governments introduce frameworks for data protection — a key example being the General Data Protection Regulation (GDPR). However, GDPR compliance is not straightforward: its text is not written by software or information engineers but rather, by lawyers and policy-makers. As a design aid to information engineers aiming for GDPR compliance, as well as an aid to software users’ understanding of the regulation, this article offers a systematic synthesis and discussion of it, distilled by the mathematical analysis method known as Formal Concept Analysis (FCA). By its principles, GDPR is synthesised as a concept lattice, that is, a formal summary of the regulation, featuring 144372 records — its uses are manifold. For example, the lattice captures so-called attribute implications, the implicit logical relations across the regulation, and their intensity. These results can be used as drivers during systems and services (re-)design, development, operation, or information systems’ refactoring towards more GDPR consistency.
| All versions | This version | |
|---|---|---|
| Views | 111 | 111 |
| Downloads | 8 | 8 |
| Data volume | 235.6 MB | 235.6 MB |
| Unique views | 97 | 97 |
| Unique downloads | 8 | 8 |
- Publication date:
- July 15, 2020
- DOI:
-
- Keyword(s):
- Privacy-by-design; GDPR; Formal-concept analysis
- Grants:
-
European Commission:
- ANITA - Advanced tools for fighting oNline Illegal TrAfficking (787061)
- Communities:
- License (for files):
- Creative Commons Attribution 4.0 International