Dataset Open Access

Design principles for the General Data Protection Regulation (GDPR): A formal concept analysis and its evaluation

Damian A. Tamburri

DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="" xmlns="" xsi:schemaLocation="">
  <identifier identifierType="DOI">10.5281/zenodo.4534173</identifier>
      <creatorName>Damian A. Tamburri</creatorName>
      <affiliation>Tu/e - JADS</affiliation>
    <title>Design principles for the General Data Protection Regulation (GDPR): A formal concept analysis and its evaluation</title>
    <subject>Privacy-by-design; GDPR; Formal-concept analysis</subject>
    <date dateType="Issued">2020-07-15</date>
  <resourceType resourceTypeGeneral="Dataset"/>
    <alternateIdentifier alternateIdentifierType="url"></alternateIdentifier>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsVersionOf">10.5281/zenodo.4534172</relatedIdentifier>
    <relatedIdentifier relatedIdentifierType="URL" relationType="IsPartOf"></relatedIdentifier>
    <rights rightsURI="">Creative Commons Attribution 4.0 International</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
    <description descriptionType="Abstract">&lt;p&gt;Data and software are nowadays one and the same: for this very reason, the European Union (EU) and other governments introduce frameworks for data protection &amp;mdash; a key example being the General Data Protection Regulation (GDPR). However, GDPR compliance is not straightforward: its text is not written by software or information engineers but rather, by lawyers and policy-makers. As a design aid to information engineers aiming for GDPR compliance, as well as an aid to software users&amp;rsquo; understanding of the regulation, this article offers a systematic synthesis and discussion of it, distilled by the mathematical analysis method known as Formal Concept Analysis (FCA). By its principles, GDPR is synthesised as a concept lattice, that is, a formal summary of the regulation, featuring 144372 records &amp;mdash; its uses are manifold. For example, the lattice captures so-called attribute implications, the implicit logical relations across the regulation, and their intensity. These results can be used as drivers during systems and services (re-)design, development, operation, or information systems&amp;rsquo; refactoring towards more GDPR consistency.&lt;/p&gt;</description>
      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/787061/">787061</awardNumber>
      <awardTitle>Advanced tools for fighting oNline Illegal TrAfficking</awardTitle>
All versions This version
Views 3434
Downloads 33
Data volume 88.3 MB88.3 MB
Unique views 2828
Unique downloads 33


Cite as