Automated GDPR Contract Compliance Verification Using Knowledge Graphs

Amar Tauqeer*, Anelia Kurteva, Tek Raj Chhetri, Albin Ahmeti, Anna Fensel

*Corresponding author for this work

Research output: Contribution to journalArticleAcademicpeer-review

5 Citations (Scopus)

Abstract

In the past few years, the main research efforts regarding General Data Protection Regulation (GDPR)-compliant data sharing have been focused primarily on informed consent (one of the six GDPR lawful bases for data processing). In cases such as Business-to-Business (B2B) and Business-to-Consumer (B2C) data sharing, when consent might not be enough, many small and medium enterprises (SMEs) still depend on contracts—a GDPR basis that is often overlooked due to its complexity. The contract’s lifecycle comprises many stages (e.g., drafting, negotiation, and signing) that must be executed in compliance with GDPR. Despite the active research efforts on digital contracts, contract-based GDPR compliance and challenges such as contract interoperability have not been sufficiently elaborated on yet. Since knowledge graphs and ontologies provide interoperability and support knowledge discovery, we propose and develop a knowledge graph-based tool for GDPR contract compliance verification (CCV). It binds GDPR’s legal basis to data sharing contracts. In addition, we conducted a performance evaluation in terms of execution time and test cases to validate CCV’s correctness in determining the overhead and applicability of the proposed tool in smart city and insurance application scenarios. The evaluation results and the correctness of the CCV tool demonstrate the tool’s practicability for deployment in the real world with minimum overhead.

Original languageEnglish
Article number447
JournalInformation (Switzerland)
Volume13
Issue number10
DOIs
Publication statusPublished - 24 Sept 2022

Keywords

  • data sharing
  • digital contracts
  • GDPR compliance
  • insurance
  • knowledge graph
  • ontology
  • smart cities

Fingerprint

Dive into the research topics of 'Automated GDPR Contract Compliance Verification Using Knowledge Graphs'. Together they form a unique fingerprint.

Cite this