{"title":"CrowdRE,用户反馈和GDPR:以最小的努力方式通过适当的技术和组织措施解决GDPR影响","authors":"Eduard C. Groen, M. Ochs","doi":"10.1109/REW.2019.00038","DOIUrl":null,"url":null,"abstract":"In 2018, the General Data Protection Regulation (GDPR) came into force, imposing strict laws aimed to protect the privacy of natural persons in member states of the European Union. However, the implications of the GDPR with respect to gathering, storing, and analyzing online user feedback — which is an important source of information for Crowd-based Requirements Engineering (CrowdRE) — have not been assessed yet. User feedback has been found to contain personal data, so the GDPR applies. It may be used for CrowdRE if conditions regarding data storage and handling are met and if, when used commercially, the duty to inform is carried out and the data subjects' rights and freedoms are respected. This can be a burden on the application of CrowdRE and might even inhibit its adoption. We propose a heuristic-based solution to anonymize the most prevalent types of personal data while crawling user feedback so that the data processing is no longer subject to GDPR.","PeriodicalId":166923,"journal":{"name":"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"CrowdRE, User Feedback and GDPR: Towards Tackling GDPR Implications with Adequate Technical and Organizational Measures in an Effort-Minimal Way\",\"authors\":\"Eduard C. Groen, M. Ochs\",\"doi\":\"10.1109/REW.2019.00038\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In 2018, the General Data Protection Regulation (GDPR) came into force, imposing strict laws aimed to protect the privacy of natural persons in member states of the European Union. However, the implications of the GDPR with respect to gathering, storing, and analyzing online user feedback — which is an important source of information for Crowd-based Requirements Engineering (CrowdRE) — have not been assessed yet. User feedback has been found to contain personal data, so the GDPR applies. It may be used for CrowdRE if conditions regarding data storage and handling are met and if, when used commercially, the duty to inform is carried out and the data subjects' rights and freedoms are respected. This can be a burden on the application of CrowdRE and might even inhibit its adoption. We propose a heuristic-based solution to anonymize the most prevalent types of personal data while crawling user feedback so that the data processing is no longer subject to GDPR.\",\"PeriodicalId\":166923,\"journal\":{\"name\":\"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/REW.2019.00038\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/REW.2019.00038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
CrowdRE, User Feedback and GDPR: Towards Tackling GDPR Implications with Adequate Technical and Organizational Measures in an Effort-Minimal Way
In 2018, the General Data Protection Regulation (GDPR) came into force, imposing strict laws aimed to protect the privacy of natural persons in member states of the European Union. However, the implications of the GDPR with respect to gathering, storing, and analyzing online user feedback — which is an important source of information for Crowd-based Requirements Engineering (CrowdRE) — have not been assessed yet. User feedback has been found to contain personal data, so the GDPR applies. It may be used for CrowdRE if conditions regarding data storage and handling are met and if, when used commercially, the duty to inform is carried out and the data subjects' rights and freedoms are respected. This can be a burden on the application of CrowdRE and might even inhibit its adoption. We propose a heuristic-based solution to anonymize the most prevalent types of personal data while crawling user feedback so that the data processing is no longer subject to GDPR.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
