Embedding personal data minimization technologies in organizations: needs, vision and artifacts
Embedding personal data minimization technologies in organizations: needs, vision and artifacts
Samenvatting
Often collected data sets contain more personal information than needed for a certain purpose. According to privacy laws and regulations the personal data in a data set should be minimized only to the data that are required and allowed for a chosen (legitimate) data usage. Statistical Disclosure Control (SDC) is one of the main data minimization technologies. Applying minimization technologies, particularly the SDC technology, into practice and embedding them within organizational settings can be a complex and demanding task for non-experts (i.e., those without prior experience and affinity with those technologies). In case of the SDC technology, for example, this challenge stems from its complexity, its context-dependency, its multi-disciplinarity, and its liability and accountability burdens. In this contribution we explain why personal data minimization is necessary, review the types of technologies for personal data minimization, present a framework we envision for embedding SDC technology in organizations, and mention the artifacts that, based on technology adoption theories, we have developed for embedding SDC technology within organizations. The envisioned framework comprises a structural model for deploying SDC technology and an iterative process for evolutionary organizational learning. At the end, we discuss the results obtained so far and mention some future research directions.
Organisatie | Hogeschool Rotterdam |
Lectoraat | Kenniscentrum Creating 010 |
Gepubliceerd in | ICEGOV 2021: 14th International Conference on Theory and Practice of Electronic Governance ACM, New York, Pagina's: 71-79 |
Datum | 2022-01-12 |
Type | Conferentiebijdrage |
ISBN | 9781450390118 |
DOI | 10.1145/3494193.3494203 |
Taal | Engels |