YaPPL - A Lightweight Privacy Preference Language for Legally Sufficient and Automated Consent Provision in IoT Scenarios

Max-R Ulbricht, Frank Pallas

Research output: Chapter in Book/Report/Conference proceeding/Legal commentaryChapter in BookResearchpeer-review

Abstract

In this paper, we present YaPPL—a Privacy Preference Language explicitly designed to fulfill consent-related requirements of the GDPR as well as to address technical givens of IoT scenarios. We analyze what criteria consent must meet in order to be legally sufficient and translate these into a formal representation of consent as well as into functional requirements that YaPPL must fulfill. Taking into account further nonfunctional requirements particularly relevant in the IoT context, we then derive a specification of YaPPL, which we prototypically implemented in a reusable software library and successfully instantiated in a proof of concept scenario, paving the way for viable technical implementations of legally sufficient consent mechanisms in the IoT.
Original languageEnglish
Title of host publicationData Privacy Management, Cryptocurrencies and Blockchain Technology
DOIs
Publication statusPublished - 2018

Fields of Science and Technology Classification 2012

  • 102 Computer Sciences
  • 505 Law

Cite this