Purpose control : did you process the data for the intended purpose?

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

39 Citations (Scopus)
2 Downloads (Pure)


Data protection legislation requires personal data to be collected and processed only for lawful and legitimate purposes. Unfortunately, existing protection mechanisms are not appropriate for purpose control: they only prevent unauthorized actions from occurring and do not guarantee that the data are actually used for the intended purpose. In this paper, we present a flexible framework for purpose control, which connects the intended purpose of data to the business model of an organization and detects privacy infringements by determining whether the data have been processed only for the intended purpose.
Original languageEnglish
Title of host publicationSecure Data Management (8th VLDB Workshop, SDM 2011, Seattle, WA, USA, September 2, 2011, Proceedings)
EditorsW. Jonker, M. Petkovic
Place of PublicationBerlin
ISBN (Print)978-3-642-23555-9
Publication statusPublished - 2011

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743


Dive into the research topics of 'Purpose control : did you process the data for the intended purpose?'. Together they form a unique fingerprint.

Cite this