A Privacy-Aware Conceptual Model for Handling Personal Data

  • Thibaud Antignac
  • Riccardo Scandariato
  • Gerardo Schneider
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9952)


Handling personal data adequately is one of the biggest challenges of our era. Consequently, laws and regulations, such as the European General Data Protection Regulation (GDPR), are in the process of being released which attempt to deal with this challenging issue early on. The core question motivating this work is how software developers can validate their technical design vis-à-vis the prescriptions of the privacy legislation. First, in this paper we outline the technical concepts related to privacy that need to be taken into consideration in a software design. Second, we extend a popular design notation in order to support the privacy concepts identified in the first step. Third, we show how some of the prescriptions of the privacy legislation and standards may be related to a technical design that employs our enriched notation, which would facilitate reasoning about compliance.


Keywords: Privacy, Conceptual model, Data flow diagrams



This research has been supported by the Swedish funding agency SSF under the grant DataBIn: Data Driven Secure Business Intelligence.



Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Thibaud Antignac (1)
  • Riccardo Scandariato (1)
  • Gerardo Schneider (1)
  1. Department of Computer Science and Engineering, Chalmers | University of Gothenburg, Gothenburg, Sweden
