Revoking Personal Data in the Digital World
Kounga, Gina; Bramhall, Pete
Keyword(s): Privacy, Security and Privacy Protection
Abstract: Requiring data subjects to authorise organisations, from which they request some services, to use their personal data in order for these services be provided has become common practice. This, partly because in order to provide a service to the right individual, an organization needs to know who that individual is. But also, because personal data are an asset that organisations have an interest in keeping. In this context, individuals are in situations where they are constrained to give away their personal data without being capable of stopping these data to be used for operations that are not necessary profitable to them. In this paper, we discuss the revocation of the consent to use or access personal data. We study the technical challenges that need to be overcome in order to allow data subjects to revoke their consent as well as the requirements that should be fulfilled to provide such a revocation.
External Posting Date: November 21, 2009 [Fulltext]. Approved for External Publication
Internal Posting Date: November 21, 2009 [Fulltext]