Extensible consent management architectures for data trusts
Extensible consent management architectures for data trusts
Sensitive personal information of individuals and non-personal information of organizations or communities often needs to be legitimately exchanged among different stakeholders, to provide services, maintain public health, law and order, and so on. While such exchanges are necessary, they also impose enormous privacy and security challenges. Data protection laws like GDPR for personal data and Indian Non-personal data protection draft specify conditions and the \textit{legal capacity} in which personal and non-personal information can be solicited and disseminated further. But there is a dearth of formalisms for specifying legal capacities and jurisdictional boundaries, so that open-ended exchange of such data can be implemented. This paper proposes an extensible framework for consent management in Data Trusts in which data can flow across a network through "role tunnels" established based on corresponding legal capacities.
cs.CY
Ayappane, Balambiga
a3c98ec4-5bda-4cba-a7a3-168d3462c87c
Vaidyanathan, Rohith
01410d0e-f705-47a1-8fee-c6609aad9e67
Srinivasa, Srinath
b4e35d32-beae-4c6e-a4f8-3ee56e75d648
Deshmukh, Jayati
5903b0c1-b4d1-4fbf-b687-610d4fde3990
28 September 2023
Ayappane, Balambiga
a3c98ec4-5bda-4cba-a7a3-168d3462c87c
Vaidyanathan, Rohith
01410d0e-f705-47a1-8fee-c6609aad9e67
Srinivasa, Srinath
b4e35d32-beae-4c6e-a4f8-3ee56e75d648
Deshmukh, Jayati
5903b0c1-b4d1-4fbf-b687-610d4fde3990
[Unknown type: UNSPECIFIED]
Abstract
Sensitive personal information of individuals and non-personal information of organizations or communities often needs to be legitimately exchanged among different stakeholders, to provide services, maintain public health, law and order, and so on. While such exchanges are necessary, they also impose enormous privacy and security challenges. Data protection laws like GDPR for personal data and Indian Non-personal data protection draft specify conditions and the \textit{legal capacity} in which personal and non-personal information can be solicited and disseminated further. But there is a dearth of formalisms for specifying legal capacities and jurisdictional boundaries, so that open-ended exchange of such data can be implemented. This paper proposes an extensible framework for consent management in Data Trusts in which data can flow across a network through "role tunnels" established based on corresponding legal capacities.
Text
2309.16789v1
- Author's Original
More information
Published date: 28 September 2023
Additional Information:
An earlier version of this paper was published in ISIC 2021
Keywords:
cs.CY
Identifiers
Local EPrints ID: 492183
URI: http://eprints.soton.ac.uk/id/eprint/492183
PURE UUID: 81dc6a0d-7647-41b4-a5b1-0aee85e40975
Catalogue record
Date deposited: 19 Jul 2024 16:38
Last modified: 20 Jul 2024 02:14
Export record
Altmetrics
Contributors
Author:
Balambiga Ayappane
Author:
Rohith Vaidyanathan
Author:
Srinath Srinivasa
Author:
Jayati Deshmukh
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics