Run-Time Monitoring of Data-Handling Violations
Organisations are coming under increasing pressure to respect and protect personal data privacy, especially with the European Union’s General Data Protection Regulation (GDPR) now in effect. As legislation and regulation evolve to incentivise such data-handling protection, so too does the business case for demonstrating compliance both in spirit and to the letter. Compliance will require ongoing checks as modern systems are constantly changing in terms of digital infrastructure services and business offerings, and the interaction between human and machine. Therefore, monitoring for compliance during run-time is likely to be required. There has been limited research into how to monitor how well a system respects consents given, and withheld, pertaining to handling and onward sharing. This paper proposes a finite-state-machine method for detecting violations of preferences (consents and revocations) expressed by Data Subjects regarding use of their personal data, and also violations of any related obligations that might be placed upon data handlers (data controllers and processors). Our approach seeks to enable detection of both accidental and malicious compromises of privacy properties. We also present a concept demonstrator to show the feasibility of our approach and discuss its design and technical implementation.
Keywords: Privacy; Run-time monitoring; Policy-violation checking
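As an added illustration of the finite-state-machine idea in the abstract (this is not the paper's concept demonstrator): a monitor that keys consent state on (Data Subject, purpose), flags use or onward sharing outside the CONSENTED state, and checks an assumed obligation that data be deleted within 30 time units of a revocation. The event names, the deadline and the sample log are assumptions made for this example.

```python
from dataclasses import dataclass, field

# Assumed obligation for this example: delete within 30 time units of revocation.
DELETE_DEADLINE = 30

@dataclass
class ConsentMonitor:
    state: dict = field(default_factory=dict)      # NO_CONSENT | CONSENTED | REVOKED | DELETED
    revoked_at: dict = field(default_factory=dict)
    violations: list = field(default_factory=list)

    def feed(self, ev):
        key = (ev["subject"], ev["purpose"])
        st = self.state.get(key, "NO_CONSENT")
        kind, t = ev["type"], ev["t"]
        if kind == "consent_given":
            self.state[key] = "CONSENTED"
        elif kind == "consent_revoked":
            self.state[key] = "REVOKED"
            self.revoked_at[key] = t
        elif kind in ("use", "share"):
            # use or onward sharing is only permitted in the CONSENTED state
            if st != "CONSENTED":
                self.violations.append((t, kind, key, f"{kind} while {st}"))
        elif kind == "delete":
            if st == "REVOKED" and t - self.revoked_at[key] > DELETE_DEADLINE:
                self.violations.append((t, kind, key, "late deletion"))
            self.state[key] = "DELETED"

    def check_obligations(self, now):
        # revoked but still not deleted once the deadline has passed
        for key, t0 in self.revoked_at.items():
            if self.state[key] == "REVOKED" and now - t0 > DELETE_DEADLINE:
                self.violations.append((now, "obligation", key, "deletion overdue"))
        return self.violations

def run_monitor(events, now):
    # replay events in time order and return the detected violations
    m = ConsentMonitor()
    for ev in sorted(events, key=lambda e: e["t"]):
        m.feed(ev)
    return m.check_obligations(now)

# Constructed sample event log (not taken from the paper)
SAMPLE_EVENTS = [
    {"t": 0, "type": "consent_given", "subject": "alice", "purpose": "marketing"},
    {"t": 5, "type": "use", "subject": "alice", "purpose": "marketing"},
    {"t": 10, "type": "consent_revoked", "subject": "alice", "purpose": "marketing"},
    {"t": 12, "type": "share", "subject": "alice", "purpose": "marketing"},
    {"t": 3, "type": "use", "subject": "bob", "purpose": "analytics"},
]
```

Running `run_monitor(SAMPLE_EVENTS, now=50)` reports Bob's use without consent, Alice's share after revocation, and the overdue deletion obligation.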
This research was conducted as a part of the PROTECTIVE project. This project has received funding from the European Union’s Horizon 2020 research and innovation program under grant agreement No. 700071. This output reflects the views only of the author(s), and the European Union cannot be held responsible for any use which may be made of the information contained therein.
The EnCoRe project was an interdisciplinary research project, a collaboration between UK industry and academia, partially funded by the UK Technology Strategy Board (TP/12/NS/P0501A), the UK Engineering and Physical Sciences Research Council and the UK Economic and Social Research Council (EP/G002541/1).