Consent Withdrawal Processes in Information Systems

In May 2018 ‘consent‘ to the processing of Personal Identifiable Information (PII) was enshrined in legislation in Europe through the enactment of the General Data Protection Regulation (GDPR) [15] placing new demands on Information Systems (IS) for the management of consent withdrawal. This research proposes to identify the relationships between the underlying technology, organization and environment variables for Consent Withdrawal Management (CWM) in IS. This will be achieved through several case studies with consent management practitioners, using qualitative methods, process model analyses, and evaluation. The resulting research output will be a reference process model artefact and methodology that can be utilized in approaches to designing, deploying or improving information systems for the consent withdrawal requirements of GDPR.

[1]  Fred Niederman,et al.  The "Theoretical Lens" Concept: We All Know What it Means, but do We All Know the Same Thing? , 2019, Commun. Assoc. Inf. Syst..

[2]  Petros Ieromonachou,et al.  User resistance in IT: A literature review , 2016, Int. J. Inf. Manag..

[3]  Markus Helfert,et al.  Transparent Cloud Privacy: Data Provenance Expression in Blockchain , 2019, CLOSER.

[4]  N. Cross Designerly Ways of Knowing: Design Discipline Versus Design Science , 2001, Design Issues.

[5]  Richard T. Watson,et al.  Analyzing the Past to Prepare for the Future: Writing a Literature Review , 2002, MIS Q..

[6]  Fred D. Davis Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology , 1989, MIS Q..

[7]  Tuure Tuunanen,et al.  Design Science Research Evaluation , 2012, DESRIST.

[8]  Varun Grover,et al.  Organizational readiness for digital innovation: Development and empirical calibration of a construct , 2019, Inf. Manag..

[9]  Alan R. Hevner,et al.  Design Science Research Contributions: Finding a Balance between Artifact and Theory , 2018, J. Assoc. Inf. Syst..

[10]  Keng Siau,et al.  An Experimental Study on Ubiquitous commerce Adoption: Impact of Personalization and Privacy Concerns , 2008, J. Assoc. Inf. Syst..

[11]  Adam Croom,et al.  MyData - A Nordic Model for human-centered personal data management and processing , 2017 .

[12]  Agustí Verde Parera,et al.  General data protection regulation , 2018 .

[13]  Christine Legner,et al.  Understanding Data Protection Regulations from a Data Management Perspective: A Capability-Based Approach to EU-GDPR , 2019, Wirtschaftsinformatik.

[14]  Gregory Vial,et al.  Understanding digital transformation: A review and a research agenda , 2019, J. Strateg. Inf. Syst..

[15]  Alan R. Hevner,et al.  Design Science in Information Systems Research , 2004, MIS Q..

[16]  Alan R. Hevner,et al.  Accumulation and Evolution of Design Knowledge in Design Science Research: A Journey Through Time and Space , 2020 .

[17]  Qi Deng,et al.  A Review of Design Science Research in Information Systems: Concept, Process, Outcome, and Evaluation , 2018, Pac. Asia J. Assoc. Inf. Syst..

[18]  Leyla Bilge,et al.  Can I Opt Out Yet?: GDPR and the Global Illusion of Cookie Control , 2019, AsiaCCS.

[19]  Robert Bird,et al.  Digital forensics and the GDPR: examining corporate readiness , 2017 .

[20]  Nicholas Walliman,et al.  Social research methods , 2006 .

[21]  Salvatore T. March,et al.  Design and natural science research on information technology , 1995, Decis. Support Syst..

[22]  Yang Xiang,et al.  Privacy Enhancing Technologies in the Internet of Things: Perspectives and Challenges , 2019, IEEE Internet of Things Journal.

[23]  David Gefen,et al.  The role of privacy assurance mechanisms in building trust and the moderating role of privacy concern , 2015, Eur. J. Inf. Syst..

[24]  Michael P. Clough,et al.  Fundamental Issues Regarding the Nature of Technology , 2019, Science & Education.

[25]  Constantinos Patsakis,et al.  Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions , 2018, J. Cybersecur..

[27]  Jan vom Brocke,et al.  Evaluations in the Science of the Artificial - Reconsidering the Build-Evaluate Pattern in Design Science Research , 2012, DESRIST.

[28]  John W. Creswell,et al.  Designing and Conducting Mixed Methods Research , 2006 .

[29]  Sarah Spiekermann,et al.  Privacy-by-Design through Systematic Privacy Impact Assessment - a Design Science Approach , 2012, ECIS.

[30]  Qian Fu,et al.  Can a Blockchain-Based Maas Create Business Value? , 2019, Proceedings.

[31]  Jeffrey P. Baker,et al.  The Technology–Organization–Environment Framework , 2012 .

[32]  Wanda J. Orlikowski,et al.  Technology and Institutions: What Can Research on Information Technology and Research on Organizations Learn from Each Other? , 2001, MIS Q..

[33]  S. Jamieson Likert scales: how to (ab)use them , 2004, Medical education.