Towards A Conceptual Model For Privacy Policies

by Marco Casassa Mont, Siani Pearson, Michael Goldsmith, Nick Papanikolaou
Abstract:
This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data through legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations, focusing solely on the technical management of privacy policies. Hence, neither is a panacea, and the low-level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users' privacy preferences. It enables structured reasoning about containment and implementation relationships between the various high-level policies, and enables easy traceability into the low-level policy implementations. Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging adoption of the low-level methods. The work and approach discussed in this paper are currently being carried out in the context of the UK EnCoRe (Ensuring Consent and Revocation) collaborative project.
Reference:
Towards A Conceptual Model For Privacy Policies (Marco Casassa Mont, Siani Pearson, Michael Goldsmith, Nick Papanikolaou), Technical report, HP Laboratories, 2010.
Bibtex Entry:
@TECHREPORT{CasassaMont2010b,
  author = {Marco {Casassa Mont} and Siani Pearson and Michael Goldsmith and
	Nick Papanikolaou},
  title = {Towards A Conceptual Model For Privacy Policies},
  institution = {HP Laboratories},
  year = {2010},
  type = {HP Labs Technical Report},
  number = {HPL-2010-82},
  abstract = {This paper proposes a conceptual model for privacy policies that takes
	into account privacy requirements arising from different stakeholders,
	with legal, business and technical backgrounds. Current approaches
	to privacy management are either high-level, enforcing privacy of
	personal data using legal compliance, risk and impact assessments,
	or low-level, focusing on the technical implementation of access
	controls to personal data held by an enterprise. High-level approaches
	tend to address privacy as an afterthought in ordinary business practice,
	and involve ad hoc enforcement practices; low-level approaches often
	leave out important legal and business considerations focusing solely
	on technical management of privacy policies. Hence, neither is a
	panacea and the low level approaches are often not adopted in real
	environments. Our conceptual model provides a means to express privacy
	policy requirements as well as users' privacy preferences. It enables
	structured reasoning regarding containment and implementation between
	various policies at the high level, and enables easy traceability
	into the low-level policy implementations. Thus it offers a means
	to reason about correctness that links low-level privacy management
	mechanisms to stakeholder requirements, thereby encouraging exploitation
	of the low-level methods. The work and approach discussed in this
	paper is currently carried out in the context of the UK EnCoRe (Ensuring
	Consent and Revocation) collaborative project.},
}