An Ontology-based Framework for International Data Transfer and GDPR Compliance
Research output: Contribution to journal › Journal article › peer-review
Cross-border data transfers and their legal aspects have created a daunting landscape for application and service providers, in which rules and regulations need to be constantly monitored and addressed, especially in dynamic scenarios such as cloud brokerage or cloud/edge continuum operations. Even if regulations such as the General Data Protection Regulation (GDPR) have started to mature and be understood by the IT industry, further complexity has been added by relatively recent court rulings (such as the Schrems II decision) that create new challenges for the IT domain. The latter is heavily oriented towards a fully automated operational environment thus the consideration of the legality of a data transfer is necessary to comply with current regulations. The aim of this work is to semantically model several concepts surrounding international data transfers and based on the current changes and formulate them around a newly defined ontology (CIDaTa). The work exploits 23 existing ontologies, as dictated by the Linked Data paradigm, and introduces 50 links between them. This will aid in answering questions regarding the legality of a transfer or the necessary steps needed to achieve it. Example questions set to the framework are demonstrated that can enhance the understanding of the implications of a data transfer, enabling future additions that can lead to more automated management of these transfers.
|Journal||International Journal of Metadata, Semantics, and Ontology|
|Number of pages||21|
|Publication status||Submitted - Feb 2023|