A method for data minimization in personal information sharing

A fundamental privacy principle, which is enforced in many privacy-enhancing technologies, is data minimization, i.e. the amount of personal data that are revealed to others and the extent to which they are processed should be minimized. Privacy-enhancing identity management, the purpose of which is to protect personal data, is important for processing personal data. This is especially relevant for communication via the Internet, where users leave much personal data. Privacy issues should be embedded into a system’s core functionality. Minimization of data should be maintained and controlled throughout the system’s lifecycle, from the early stages of system analysis and design to implementation. The primary goal of this paper is to present a conceptual modelling method, including the framework, modelling process and the basic modelling constructs, which enables minimization of data. Data cannot be analysed separately, without taking into account the processes that cause the changes of data as well as the goals. Analysis of relevant data contributes to the problem of data minimization in privacy-enhancing technologies.
