Privacy CURE: Consent Comprehension Made Easy - ICT Systems Security and Privacy Protection
Conference Papers Year : 2020

Privacy CURE: Consent Comprehension Made Easy

Olha Drozd
  • Function : Author
  • PersonId : 1021225
Sabrina Kirrane
  • Function : Author
  • PersonId : 1036908

Abstract

Although the General Data Protection Regulation (GDPR) defines several potential legal bases for personal data processing, in many cases data controllers, even when they are located outside the European Union (EU), will need to obtain consent from EU citizens for the processing of their personal data. Unfortunately, existing approaches for obtaining consent, such as pages of text followed by an agreement/disagreement mechanism, are neither specific nor informed. In order to address this challenge, we introduce our Consent reqUest useR intErface (CURE) prototype, which is based on the GDPR requirements and the interpretation of those requirements by the Article 29 Working Party (i.e., the predecessor of the European Data Protection Board). The CURE prototype provides transparency regarding personal data processing, more control via a customization, and, based on the results of our usability evaluation, improves user comprehension with respect to what data subjects actually consent to. Although the CURE prototype is based on the GDPR requirements, it could potentially be used in other jurisdictions also.
Fichier principal
Vignette du fichier
497034_1_En_9_Chapter.pdf (530.48 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03440817 , version 1 (22-11-2021)

Licence

Identifiers

Cite

Olha Drozd, Sabrina Kirrane. Privacy CURE: Consent Comprehension Made Easy. 35th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2020, Maribor, Slovenia. pp.124-139, ⟨10.1007/978-3-030-58201-2_9⟩. ⟨hal-03440817⟩
32 View
51 Download

Altmetric

Share

More