On Compound Purposes and Compound Reasons for Enabling Privacy
van Staden and Olivier
2011
Citation information
W. J. C. van Staden and M. S. Olivier. “On Compound Purposes and Compound Reasons for Enabling Privacy”. In: Journal of Universal Computer Science 17.3 (2011), pp. 426–450Abstract
This paper puts forward a verification method for compound purposes and compound reasons to be used during purpose limitation.
When it is absolutely necessary to collect privacy related information, it is essential that privacy enhancing technologies (PETs) protect access to data - in general accomplished by using the concept of purposes bound to data. Compound purposes and reasons are an enhancement of purposes used during purpose limitation and binding and are more expressive than purposes in their general form. Data users specify their access needs by making use of compound reasons which are defined in terms of (compound) purposes. Purposes are organised in a lattice with purposes near the greatest lower bound (GLB) considered weak (less specific) and purposes near the least upper bound (LUB) considered strong (most specific).
Access is granted based on the verification of the statement of intent (from the data user) against the compound purpose bound to the data; however, because purposes are in a lattice, the data user is not limited to a statement of intent that matches the purposes bound to the data exactly - the statement can be a true reflection of their intent with the data. Hence, the verification of compound reasons against compound purposes cannot be accomplished by current published verification algorithms.
Before presenting the verification method, compound purposes and reasons, as well as the structures used to represent them, and the operators that are used to define compounds is presented. Finally, some thoughts on implementation are provided.
Definitive version
The definitive version of the paper is available from the publisher.DOI: 10.3217/jucs-017-03-0426
BibTeX reference
@article(compounds,author={van Staden, Wynand J C and Martin S Olivier},
title={On Compound Purposes and Compound Reasons for Enabling Privacy},
journal={Journal of Universal Computer Science},
volume={17}, number={3},
pages={426--450},
year={2011} )