A Novel Approach to Data Revocation on the Internet
O. Kieselmann, N. Kopal, and A. Wacker. 10th DPM International Workshop on Data Privacy Management (DPM 2015), co-located with 20th European Symposium on Research in Computer Security (ESORICS 2015), page 134--149. Vienna, Austria, (September 2015)
Abstract
After publishing data on the Internet, the data publisher
loses control over it. However, there are several situations where it is
desirable to remove published information. To support this, the European
Union proposed the General Data Protection Regulation (GDPR)
which states that providers must remove the data when the corresponding
owner requests it. However, the data might already have been copied
by third parties. Therefore, Article 17 of the GDPR includes the regulation
that the provider must also inform all third parties about the
users request. Hence, the providers would need to track every access,
which is hard to achieve. This technical infeasibility is a gap between
the legislation and the current technical possibilities. To close this gap,
we propose a novel service which gives the data owner the possibility to
inform simultaneously all providers about her removal request.
10th DPM International Workshop on Data Privacy Management (DPM 2015), co-located with 20th European Symposium on Research in Computer Security (ESORICS 2015)
%0 Conference Paper
%1 kieselmanntoappearnovel
%A Kieselmann, Olga
%A Kopal, Nils
%A Wacker, Arno
%B 10th DPM International Workshop on Data Privacy Management (DPM 2015), co-located with 20th European Symposium on Research in Computer Security (ESORICS 2015)
%C Vienna, Austria
%D 2015
%K GDPR internet itegpub kieselmann kopal myown privacy revocation
%P 134--149
%T A Novel Approach to Data Revocation on the Internet
%U http://dx.doi.org/10.1007/978-3-319-29883-2_9
%X After publishing data on the Internet, the data publisher
loses control over it. However, there are several situations where it is
desirable to remove published information. To support this, the European
Union proposed the General Data Protection Regulation (GDPR)
which states that providers must remove the data when the corresponding
owner requests it. However, the data might already have been copied
by third parties. Therefore, Article 17 of the GDPR includes the regulation
that the provider must also inform all third parties about the
users request. Hence, the providers would need to track every access,
which is hard to achieve. This technical infeasibility is a gap between
the legislation and the current technical possibilities. To close this gap,
we propose a novel service which gives the data owner the possibility to
inform simultaneously all providers about her removal request.
@inproceedings{kieselmanntoappearnovel,
abstract = {After publishing data on the Internet, the data publisher
loses control over it. However, there are several situations where it is
desirable to remove published information. To support this, the European
Union proposed the General Data Protection Regulation (GDPR)
which states that providers must remove the data when the corresponding
owner requests it. However, the data might already have been copied
by third parties. Therefore, Article 17 of the GDPR includes the regulation
that the provider must also inform all third parties about the
users request. Hence, the providers would need to track every access,
which is hard to achieve. This technical infeasibility is a gap between
the legislation and the current technical possibilities. To close this gap,
we propose a novel service which gives the data owner the possibility to
inform simultaneously all providers about her removal request.},
added-at = {2015-09-01T15:47:31.000+0200},
address = {Vienna, Austria},
author = {Kieselmann, Olga and Kopal, Nils and Wacker, Arno},
biburl = {https://www.bibsonomy.org/bibtex/2035a96508509ee457391ee45a1a19af8/wacker},
booktitle = {10th DPM International Workshop on Data Privacy Management (DPM 2015), co-located with 20th European Symposium on Research in Computer Security (ESORICS 2015)},
interhash = {77530707471ba99627fe262063fbd888},
intrahash = {035a96508509ee457391ee45a1a19af8},
keywords = {GDPR internet itegpub kieselmann kopal myown privacy revocation},
month = sep,
pages = {134--149},
timestamp = {2016-03-01T17:51:01.000+0100},
title = {A Novel Approach to Data Revocation on the Internet},
url = {http://dx.doi.org/10.1007/978-3-319-29883-2_9},
year = 2015
}