Using Content Analysis for Privacy Requirement Extraction and Policy Formalization

Using Content Analysis for Privacy Requirement Extraction and Policy Formalization

Abstract

Privacy in cyberspace is a major concern nowadays and enterprises are required to comply with existing privacy regulations and ensure a certain level of privacy for societal and user acceptance. Privacy is also a multidisciplinary and mercury concept, which makes it challenging to define clear privacy requirements and policies to facilitate compliance check and enforcement at the technical level. This paper investigates the potential of using knowledge engineering approaches to transform legal documents to actionable business process models through the extraction of privacy requirements and formalization of privacy policies. The paper features two contributions: A literature review of existing privacy engineering approaches shows that semi-automatic support for extracting and modeling privacy policies from textual documents is often missing. A case study applying content analysis to five guideline documents on implementing privacy-preserving video surveillance systems yields promising first results towards a methodology on semi-automatic extraction and formalization of privacy policies using knowledge engineering approaches.

Grafik Top
Authors
  • Rinderle-Ma, Stefanie
  • Ma, Zhendong
  • Madlmayr, Bernhard
Grafik Top
Projects
Grafik Top
Shortfacts
Category
Paper in Conference Proceedings or in Workshop Proceedings (Full Paper in Proceedings)
Event Title
6th International Workshop on Enterprise Modelling and Information Systems Architectures
Divisions
Workflow Systems and Technology
Event Location
Innsbruck
Event Type
Workshop
Event Dates
September
Date
September 2015
Export
Grafik Top