Back to top

Appropriate Technical and Organizational Measures - Identifying Privacy Engineering Approaches to Meet GDPR Requirements

Last modified Jul 19, 2019
   No tags assigned

Data portability is one of the new provisions that have been introduced with the General Data Protection
Regulation (GDPR) in May 2018. Given certain limitations, the data subject can request a digital copy of
her own personal data. Practical guidelines describe how to handle such data portability requests, but do not
support in identifying which data has to be handed out. We apply a rigorous method to extract the necessary
information properties to fulfill data portability requests. We then use these properties to define an abstract
service for data portability. This service is evaluated in seven expert interviews.


Link to file:

Files and Subpages

Name Type Size Last Modification Last Editor
Huth AMCIS2019.pdf 473 KB 23.09.2019