A Management Platform for Citizen’s Data Protection Regulation

  • Alberto Huertas CeldránEmail author
  • Manuel Gil Pérez
  • Izidor Mlakar
  • Jose M. Alcaraz Calero
  • Félix J. García Clemente
  • Gregorio Martínez Pérez
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1122)


The evolution of information and communications technology, and particularly the Internet of Things as the basis for the setting up of the Smart Cities, are provoking a worldwide revolution in terms of data protection management. A clear example of this shift can be seen in the European Union which is adapting the regulation to meet current society requirements, although similar initiatives are being undertaken by the rest of continents. However, existing data regulation and management solutions offer isolated tools that cover particular rights and laws and are actually not conceived to be integrated with libraries widely used by organizations to implement data management processes. To cover the previous gap, we propose a novel platform which is geared toward the protection of citizen’s sensitive data according to their data protection preferences and the rights provided by current data protection regulation laws. Finally, we present a case study to demonstrate how our platform manages data anonymization, protecting a private citizen’s right.


Personalized data protection Management platform Data protection policies EU GDPR 



This work has been partially supported by the Irish Research Council, under the government of Ireland post-doc fellowship (grant code GOIPD/2018/466); and by a post-doctoral INCIBE grant within the “Ayudas para la Excelencia de los Equipos de Investigación Avanzada en Ciberseguridad” Program, with code INCIBEI-2015-27352.


  1. 1.
    Wachter, S.: Normative challenges of identification in the Internet of Things: privacy, profiling, discrimination, and the GDPR. Comput. Law Secur. Rev. 34(3), 436–449 (2018)CrossRefGoogle Scholar
  2. 2.
    Government of India: DataSmart Cities: Empowering Cities through Data. Smart Cities Mission-Ministry of Housing and Urban Affairs, December 2018.
  3. 3.
    Official Journal of the European Union: General Data Protection Regulation (GDPR). EU Regulation 2016/679, April 2016.
  4. 4.
    The European H2020-ICT MUSA Project: Multi-cloud Secure Applications (2015–2017).
  5. 5.
    Eclipse Foundation Inc.: OpenCert, June 2019.
  6. 6.
    Mai, P.X., et al.: Modeling security and privacy requirements: a use case-driven approach. Inf. Softw. Technol. 100, 165–182 (2018)CrossRefGoogle Scholar
  7. 7.
    Lucic, D., Boban, M., Mileta, D.: An impact of general data protection regulation on a smart city concept. In: 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, pp. 390–394, May 2018Google Scholar
  8. 8.
    Determann, L., Gupta, C.: Indian Personal Data Protection Act, 2018: Draft Bill and Its History, Compared to EU GDPR and California Privacy Law. UC Berkeley Public Law Research Paper, pp. 1–27 (2019)Google Scholar
  9. 9.
    Brazilian Federal Senate: General Data Protection Law No. 13,709/2018, August 2018.
  10. 10.
    Greenleaf, G.: China’s Personal Information Standard: The Long March to a Privacy Law (2018).
  11. 11.
    China’s National Information Security Standardization Technical Committee: Personal Information Security Specification (drafted version), February 2019.
  12. 12.
    International Association of Privacy Professionals (IAPP): 2018 Privacy Tech Vendor Report vol 2.4e (2018).
  13. 13.
    Baycloud Systems Ltd.: Baycloud Consent Platform: Consent Makes the Law.
  14. 14.
    European Commission: Proposal for an ePrivacy Regulation, June 2019.
  15. 15.
    Nymity Inc.: Nymity’ GDPR Toolkit for Demonstrable GDPR Compliance.
  16. 16.
    OneTrust, LLC: The Leading Privacy Management Software Platform.
  17. 17.
    Semenko, Y., Saucez, D.: Distributed privacy preserving platform for ridesharing services. In: Wang, G., Feng, J., Bhuiyan, M.Z.A., Lu, R. (eds.) SpaCCS 2019. LNCS, vol. 11611, pp. 1–14. Springer, Cham (2019). Scholar
  18. 18.
    AuraPortal GDPR: A Global Business Process Management (BPM) Software Leader.
  19. 19.
    The OpenGDPR Project: Open-Source Initiative to Protect Consumers’ Privacy and Data Rights (2017).

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Waterford Institute of TechnologyWaterfordIreland
  2. 2.University of MurciaMurciaSpain
  3. 3.University of MariborMariborSlovenia
  4. 4.University of the West of ScotlandPaisleyScotland

Personalised recommendations