Purpose control : did you process the data for the intended purpose?

M. Petkovic; D. Prandi; N. Zannone

doi:10.1007/978-3-642-23556-6_10

Purpose control : did you process the data for the intended purpose?

M. Petkovic, D. Prandi, N. Zannone

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

41 Citations (Scopus)

3 Downloads (Pure)

Abstract

Data protection legislation requires personal data to be collected and processed only for lawful and legitimate purposes. Unfortunately, existing protection mechanisms are not appropriate for purpose control: they only prevent unauthorized actions from occurring and do not guarantee that the data are actually used for the intended purpose. In this paper, we present a flexible framework for purpose control, which connects the intended purpose of data to the business model of an organization and detects privacy infringements by determining whether the data have been processed only for the intended purpose.

Original language	English
Title of host publication	Secure Data Management (8th VLDB Workshop, SDM 2011, Seattle, WA, USA, September 2, 2011, Proceedings)
Editors	W. Jonker, M. Petkovic
Place of Publication	Berlin
Publisher	Springer
Pages	145-168
ISBN (Print)	978-3-642-23555-9
DOIs	https://doi.org/10.1007/978-3-642-23556-6_10
Publication status	Published - 2011

Publication series

Name	Lecture Notes in Computer Science
Volume	6933
ISSN (Print)	0302-9743

Access to Document

10.1007/978-3-642-23556-6_10

Cite this

Petkovic, M., Prandi, D., & Zannone, N. (2011). Purpose control : did you process the data for the intended purpose? In W. Jonker, & M. Petkovic (Eds.), Secure Data Management (8th VLDB Workshop, SDM 2011, Seattle, WA, USA, September 2, 2011, Proceedings) (pp. 145-168). (Lecture Notes in Computer Science; Vol. 6933). Springer. https://doi.org/10.1007/978-3-642-23556-6_10

@inproceedings{e3ba182979fa46c4bc27e27760594e60,

title = "Purpose control : did you process the data for the intended purpose?",

abstract = "Data protection legislation requires personal data to be collected and processed only for lawful and legitimate purposes. Unfortunately, existing protection mechanisms are not appropriate for purpose control: they only prevent unauthorized actions from occurring and do not guarantee that the data are actually used for the intended purpose. In this paper, we present a flexible framework for purpose control, which connects the intended purpose of data to the business model of an organization and detects privacy infringements by determining whether the data have been processed only for the intended purpose.",

author = "M. Petkovic and D. Prandi and N. Zannone",

year = "2011",

doi = "10.1007/978-3-642-23556-6_10",

language = "English",

isbn = "978-3-642-23555-9",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "145--168",

editor = "W. Jonker and M. Petkovic",

booktitle = "Secure Data Management (8th VLDB Workshop, SDM 2011, Seattle, WA, USA, September 2, 2011, Proceedings)",

address = "Germany",

}

Purpose control : did you process the data for the intended purpose? / Petkovic, M.; Prandi, D.; Zannone, N.
Secure Data Management (8th VLDB Workshop, SDM 2011, Seattle, WA, USA, September 2, 2011, Proceedings). ed. / W. Jonker; M. Petkovic. Berlin: Springer, 2011. p. 145-168 (Lecture Notes in Computer Science; Vol. 6933).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review