The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Automated GDPR contract compliance verification using knowledge graphs

Automated GDPR contract compliance verification using knowledge graphs
Automated GDPR contract compliance verification using knowledge graphs
In the past few years, the main research efforts regarding General Data Protection Regulation (GDPR)-compliant data sharing have been focused primarily on informed consent (one of the six GDPR lawful bases for data processing). In cases such as Business-to-Business (B2B) and Business-to-Consumer (B2C) data sharing, when consent might not be enough, many small and medium enterprises (SMEs) still depend on contracts—a GDPR basis that is often overlooked due to its complexity. The contract’s lifecycle comprises many stages (e.g., drafting, negotiation, and signing) that must be executed in compliance with GDPR. Despite the active research efforts on digital contracts, contract-based GDPR compliance and challenges such as contract interoperability have not been sufficiently elaborated on yet. Since knowledge graphs and ontologies provide interoperability and support knowledge discovery, we propose and develop a knowledge graph-based tool for GDPR contract compliance verification (CCV). It binds GDPR’s legal basis to data sharing contracts. In addition, we conducted a performance evaluation in terms of execution time and test cases to validate CCV’s correctness in determining the overhead and applicability of the proposed tool in smart city and insurance application scenarios. The evaluation results and the correctness of the CCV tool demonstrate the tool’s practicability for deployment in the real world with minimum overhead.
Tauqeer, Amar
c6270bb4-8e58-44ee-9866-c3e0ad41228e
Kurteva, Anelia
1b024131-3c61-4876-893a-97f5d731b554
Chhetri, Tek Raj
c3431de5-4860-43e5-b09f-3dbb752c8490
Ahmeti, Albin
34c1b58b-034c-4a83-b553-f9985be51dd5
Fensel, Anna
6d0be8a7-8261-48f1-9214-fc5fc59c40d3
Tauqeer, Amar
c6270bb4-8e58-44ee-9866-c3e0ad41228e
Kurteva, Anelia
1b024131-3c61-4876-893a-97f5d731b554
Chhetri, Tek Raj
c3431de5-4860-43e5-b09f-3dbb752c8490
Ahmeti, Albin
34c1b58b-034c-4a83-b553-f9985be51dd5
Fensel, Anna
6d0be8a7-8261-48f1-9214-fc5fc59c40d3

Tauqeer, Amar, Kurteva, Anelia, Chhetri, Tek Raj, Ahmeti, Albin and Fensel, Anna (2022) Automated GDPR contract compliance verification using knowledge graphs. Information (Switzerland), 13 (10), [447]. (doi:10.3390/info13100447).

Record type: Article

Abstract

In the past few years, the main research efforts regarding General Data Protection Regulation (GDPR)-compliant data sharing have been focused primarily on informed consent (one of the six GDPR lawful bases for data processing). In cases such as Business-to-Business (B2B) and Business-to-Consumer (B2C) data sharing, when consent might not be enough, many small and medium enterprises (SMEs) still depend on contracts—a GDPR basis that is often overlooked due to its complexity. The contract’s lifecycle comprises many stages (e.g., drafting, negotiation, and signing) that must be executed in compliance with GDPR. Despite the active research efforts on digital contracts, contract-based GDPR compliance and challenges such as contract interoperability have not been sufficiently elaborated on yet. Since knowledge graphs and ontologies provide interoperability and support knowledge discovery, we propose and develop a knowledge graph-based tool for GDPR contract compliance verification (CCV). It binds GDPR’s legal basis to data sharing contracts. In addition, we conducted a performance evaluation in terms of execution time and test cases to validate CCV’s correctness in determining the overhead and applicability of the proposed tool in smart city and insurance application scenarios. The evaluation results and the correctness of the CCV tool demonstrate the tool’s practicability for deployment in the real world with minimum overhead.

Text
Automated_GDPR_Contract_compliance - Version of Record
Available under License Creative Commons Attribution.
Download (1MB)

More information

Accepted/In Press date: 20 September 2022
Published date: 1 October 2022
Additional Information: This work is supported by the Horizon 2020 project smashHit (grant number 871477).
Learn more about Web and Internet Science research

Identifiers

Local EPrints ID: 481406
URI: http://eprints.soton.ac.uk/id/eprint/481406
DOI: doi:10.3390/info13100447
PURE UUID: b0adc7e4-c3d3-48cb-a68e-9b39e8e0e750
ORCID for Tek Raj Chhetri: ORCID iD orcid.org/0000-0002-3905-7878

Catalogue record

Date deposited: 25 Aug 2023 16:52
Last modified: 17 Mar 2024 04:21

Export record

Altmetrics

Contributors

Author: Amar Tauqeer
Author: Anelia Kurteva
Author: Tek Raj Chhetri ORCID iD
Author: Albin Ahmeti
Author: Anna Fensel

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×