Abstract
In this paper, we present YaPPL—a Privacy Preference Language explicitly designed to fulfill consent-related requirements of the GDPR as well as to address technical givens of IoT scenarios. We analyze what criteria consent must meet in order to be legally sufficient and translate these into a formal representation of consent as well as into functional requirements that YaPPL must fulfill. Taking into account further nonfunctional requirements particularly relevant in the IoT context, we then derive a specification of YaPPL, which we prototypically implemented in a reusable software library and successfully instantiated in a proof of concept scenario, paving the way for viable technical implementations of legally sufficient consent mechanisms in the IoT.
Original language | English |
---|---|
Title of host publication | Data Privacy Management, Cryptocurrencies and Blockchain Technology |
DOIs | |
Publication status | Published - 2018 |
Fields of Science and Technology Classification 2012
- 102 Computer Sciences
- 505 Law