GDPR: What’s in a Year (and a Half)?

Ana Ferreira

Abstract

This paper aims to investigate, with a literature review, how the research community has been tackling the security and privacy requirements mandated by the General Data Protection Legislation (GDPR), over the last year and a half. We assessed what proposed solutions have been implemented since GDPR came into force, if and where they were tested in real settings, with what technologies and what specific GDPR requirements were targeted. No similar review has been found by the authors as works in the literature mostly provide recommendations for GDPR compliance or assess if current solutions are GDPR compliant. Results show that most proposed solutions focus on Consent, PrivacybyDefault/Design and are assessed on IoT and healthcare domains. However, almost none is tested and used in a real setting. Although it may be still early days for this review, it is clear that: a) there is the need for more GDPR compliant novel solutions, tests and evaluations in real settings; b) the obtained knowledge be quickly shared so that proper feedback is given to the legal authorities and business/research organizations; and c) solutions on privacy must integrate socio-technical components that can face, in an all-inclusive way, infrastructures, activities and processes, where GDPR must apply.

Download


Paper Citation


in Harvard Style

Ferreira A. (2020). GDPR: What’s in a Year (and a Half)?.In Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 978-989-758-423-7, pages 209-216. DOI: 10.5220/0009386002090216


in Bibtex Style

@conference{iceis20,
author={Ana Ferreira},
title={GDPR: What’s in a Year (and a Half)?},
booktitle={Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS,},
year={2020},
pages={209-216},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009386002090216},
isbn={978-989-758-423-7},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS,
TI - GDPR: What’s in a Year (and a Half)?
SN - 978-989-758-423-7
AU - Ferreira A.
PY - 2020
SP - 209
EP - 216
DO - 10.5220/0009386002090216