Privacy-by-design Regulation in Software Engineering (PRiSE)

The new EU General Data Protection Regulation (GDPR) adopted in April 2016 consists of a considerable amount of open-ended rules, whose practical implementation depends on context. This stands in stark contrast with the technical requirements for software engineering, which should be precise for all situations. This interdisciplinary project aims to bridge this gap by leveraging CiTiP's expertise on data protection impact assessment and DistriNet's LINDDUN privacy framework. The results will be valorized as the PRiSE technical framework, containing an integrated risk assessment methodology, a support tool for the definition of legal and technical mitigation measures and for the assurance of legal accountability throughout the software development life cycle. This outcome will answer the high demand from industry on how to implement privacy and data protection in software systems, triggered by the entering into force of the GDPR in May 2018.

Keywords:Privacy engineering, General Data Protection Regulation, Privacy-by-design, LINDDUN

Disciplines:Law, Applied mathematics in specific fields, Computer architecture and networks, Distributed computing, Information sciences, Information systems, Programming languages, Scientific computing, Theoretical computer science, Visual computing, Other information and computing sciences