Paper 2
LPL, Towards a GDPR-Compliant Privacy Language: Formal Definition and UsageAuthors: Armin Gerl, Nadia Bennani, Harald Kosch, Lionel Brunie |
AbstractThe upcoming General Data Protection Regulation (GDPR) imposes several new legal requirements for privacy management in information systems. In this paper, we introduce LPL, an extensible Layered Privacy Language that allows to express and enforce these new privacy properties such as personal privacy, user consent, data provenance, and retention management. We present a formal description of LPL. Based on a set of usage examples, we present how LPL expresses and enforces the main features of the GDPR and application of state-of-the-art anonymization techniques. Keywords: Anonymization, GDPR, LPL, Personal privacy, Privacy language, Privacy model, Privacy-preservation, Provenance. |