Privacy by Design Requirements Elicitations and Data Subjects’ Rights

Intro

Τhis material aims to provide theoretical, methodological and practical guidance on the elicitation of privacy requirements. Additionally, the material offers insights on the process for data subjects’ rights management.
More specifically, several privacy requirements elicitation methodologies are described, with particular attention on their process, modeling techniques, graphical representations and relevant software tools. Further, a workflow of activities for data subjects’ rights handling is offered.
The material mainly targets computer science and informatics specialists.

At the end of the study, the reader is expected to:

Be familiar with the current privacy requirements elicitation methodologies
Understand the privacy requirements’ elicitation activities as part of the software requirements engineering process
Understand the data retention considerations in the software development process
Know the steps for enabling the management of data subject’s rights within the software development process

⇒ See relevant slides

General References

1. Cavoukian, “Privacy by design [leading edge]” IEEE Technology and So-ciety Magazine, Vol.31, No.4, pp. 18–19, 2012.
1. Gürses, C. Troncoso, C. Diaz, “Engineering privacy by design”, Comput-ers, Privacy & Data Protection, Vol.14, No.3, 2011.
1. Deng, K. Wuyts, R. Scandariato, B. Preneel, W. Joosen, “A privacy threat analysis framework: supporting the elicitation and fulfillment of pri-vacy requirements”, Requirements Engineering, Vol.16, No.1, pp. 3-32, 2011.
1. Liu, E. Yu, J. Mylopoulos, “Security and privacy requirements analysis within a social setting”, In Proceedings of 11th IEEE International Re-quirements Engineering Conference, IEEE, 2003, pp. 151-161.
1. Yu, L. Cysneiros, “Designing for privacy and other competing require-ments”, In 2nd Symposium on Requirements Engineering for Information Security (SREIS’02), Raleigh, North Carolina, 2002, pp. 15-16.