This post is a summary of “A Systematic Mapping Study on Software Quality Control Techniques for Assessing Privacy in Information Systems”, which is available here. The major result of this systematic mapping study is the identification and classification of existing SQC techniques that detect privacy-related anomalies during the development process of software-based information systems (IS). […]

This post is a summary of the study on “Data flow analysis tools for GDPR accountability compliance”, conducted together with the Spanish Data Protection Agency and available at https://www.aepd.es/sites/default/files/2019-09/estudio-flujos-informacion-android.pdf. This will be the first of a series of posts about looking at the behaviour of Android applications (“apps”) and analysing privacy and data protection aspects. […]

This note is a summary of the paper “A framework and roadmap for enhancing the application of privacy design patterns” [1]. Privacy patterns have gained a lot of attention for the realization of the Privacy by Design paradigm and the development of privacy-friendly information systems [2][3]. Despite not being mature enough, they and proposals […]

In previous posts, we talked about general aspects of what privacy is and who cares about it. Two important terms in that field are “privacy” and “data protection.” While the first one is very common in the literature, the other is used in European Union (EU) laws and regulations. Also, some ICT professionals often use “data protection” and “information […]