Technical Requirements and Approaches in Personal Data Control

被引：4

作者：

Sim, Junsik ^{[1
]}

Kim, Beomjoong ^{[1
]}

Jeon, Kiseok ^{[1
]}

Joo, Moonho ^{[1
]}

Lim, Jihun ^{[1
]}

Lee, Junghee ^{[1
]}

Choo, Kim-Kwang Raymond ^{[2
]}

机构：

[1] Korea Univ, 145 Anam Ro, Seoul 02841, South Korea

[2] Univ Texas San Antonio, San Antonio, TX 78249 USA

来源：

ACM COMPUTING SURVEYS | 2023年 / 55卷 / 09期

关键词：

Personal data; control rights; compliance; CONSENT MANAGEMENT; MOBILE HEALTH; DATA PRIVACY; GDPR; SYSTEM;

D O I：

10.1145/3558766

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

There has been a trend of moving from simply de-identification to providing extended data control to their owner (e.g., data portability and right to be forgotten), partly due to the introduction of the General Data Protection Regulation (GDPR). Hence, in this paper, we survey the literature to provide an in-depth understanding of the existing approaches for personal data control (e.g., we observe that most existing approaches are generally designed to facilitate compliance), as well as the privacy regulations in Europe, United Kingdom, California, South Korea, and Japan. Based on the review, we identify the associated technical requirements, as well as a number of research gaps and potential future directions (e.g., the need for transparent processing of personal data and establishment of clear procedure in ensuring personal data control).

引用

页数：30

共 127 条

[1]

ABINE (Delete me & Blur), 2021, ABINE DEL ME BLUR AB

[2]

Access My Info, 2021, ACC MY INF CIT LAB

[3]

AccountKiller, 2021, ACCOUNTKILLER WANT D

[4] Nudges for Privacy and Security: Understanding and Assisting Users' Choices Online [J].