1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering
PDPbD Framework
Improving Privacy and Data Protection by Design
CEA
2020/03/10
2. Case Study: Smart Grid system
Overall description of the target Smart Grid system
5. Demoing PDPbDesign Framework
1. Select GDPR requirements to be satisfied
2. Develop a data-oriented model
3. Built-in privacy techniques for data-oriented models
4. Develop a process-oriented model
5. Built-in privacy techniques for process-oriented models
Continue the development cycle (decision: DesignOK / DesignNotOK)
6. 1. Select GDPR Requirements to be satisfied
7. 1. Select GDPR Requirements to be satisfied
GDPR-Req1.1:
Processing "Store Measurementinfo" shall be lawful if the data subject "Customer" has given consent "ConsentForStoreMeasurementInfo" to the processing of his or her personal data "MeasurementInfo" for one or more specific purposes ("R-02").
GDPR-Req10:
Personal Data "MeasurementInfo" shall be adequate, relevant and limited to what is necessary in relation to the purpose "R-02" for which they are processed.
8. 2. Develop a data-oriented model
9. 2. Develop a data-oriented model
Data-oriented model features:
Different data types:
Generic Data
Composite Data: for decomposition of generic Data
Table: a tag for imported Tables
Data Link: reference to external sources
Opaque Data: non-interpretable data, e.g., ciphered text
Tool support for modelling:
Automatic decomposition
10. 2. Develop a data-oriented model
Framework support for modelling:
Import database (Tables)
Model element search, selection and editing
11. 2. Develop a data-oriented model
Framework support for modelling:
Import database (Tables)
Model element search, selection and editing
12. 3. Built-in privacy techniques for data-oriented models
13. 3. Built-in privacy techniques for data-oriented models
Data-oriented strategies (ISO/IEC TR 27550, Privacy engineering)
14. 3. Built-in privacy techniques for data-oriented models
K-anonymity: quasi-identifiers
15. 3. Built-in privacy techniques for data-oriented models
K-anonymity: example
16. 3. Built-in privacy techniques for data-oriented models
Built-in strategy for K-anonymity: support to verify the property
17. 3. Built-in privacy techniques for data-oriented models
Built-in strategy for K-anonymity: support to verify the property
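As an added example (not the PDP4E tool's own code) of the property check the strategy above supports: it computes the k-anonymity level of a constructed MeasurementInfo table over chosen quasi-identifiers, lists the equivalence classes that break a target k, and coarsens the quasi-identifiers step by step until k holds. The column names, sample rows and generalisation ladder are assumptions.

```python
from collections import defaultdict

# Quasi-identifiers: attributes which, combined, could re-identify a Customer.
# "consumption_kwh" is the sensitive measurement value and is left untouched.
QUASI_IDENTIFIERS = ("postcode", "birth_year", "tariff")

# Constructed sample rows of "MeasurementInfo" (not real smart-meter data).
SAMPLE_ROWS = [
    {"postcode": "75001", "birth_year": 1980, "tariff": "peak", "consumption_kwh": 412},
    {"postcode": "75001", "birth_year": 1980, "tariff": "peak", "consumption_kwh": 388},
    {"postcode": "75002", "birth_year": 1975, "tariff": "flat", "consumption_kwh": 501},
    {"postcode": "75002", "birth_year": 1975, "tariff": "flat", "consumption_kwh": 455},
    {"postcode": "75005", "birth_year": 1983, "tariff": "flat", "consumption_kwh": 299},
]

def equivalence_classes(rows, quasi_identifiers=QUASI_IDENTIFIERS):
    """Group rows sharing the same quasi-identifier tuple (one equivalence class each)."""
    classes = defaultdict(list)
    for row in rows:
        classes[tuple(row[q] for q in quasi_identifiers)].append(row)
    return classes

def k_anonymity_level(rows, quasi_identifiers=QUASI_IDENTIFIERS):
    """Largest k for which the table is k-anonymous: the size of its smallest class."""
    classes = equivalence_classes(rows, quasi_identifiers)
    return min(len(c) for c in classes.values()) if classes else 0

def violating_classes(rows, k, quasi_identifiers=QUASI_IDENTIFIERS):
    """Quasi-identifier tuples whose class has fewer than k rows (they break k-anonymity)."""
    classes = equivalence_classes(rows, quasi_identifiers)
    return sorted(key for key, members in classes.items() if len(members) < k)

# Assumed generalisation ladder, applied in order until the target k is reached.
GENERALISATION_STEPS = (
    lambda r: {**r, "postcode": r["postcode"][:3] + "**"},      # postcode -> district
    lambda r: {**r, "birth_year": r["birth_year"] // 10 * 10},  # year -> decade
    lambda r: {**r, "tariff": "*"},                             # tariff suppressed
)

def generalize(rows, k, quasi_identifiers=QUASI_IDENTIFIERS):
    """Return a generalised copy of `rows`; stops as soon as k-anonymity holds."""
    current = list(rows)
    for step in GENERALISATION_STEPS:
        if k_anonymity_level(current, quasi_identifiers) >= k:
            break
        current = [step(r) for r in current]
    return current

if __name__ == "__main__":
    print("level before:", k_anonymity_level(SAMPLE_ROWS))
    released = generalize(SAMPLE_ROWS, 2)
    print("level after generalisation:", k_anonymity_level(released))
```

A table whose level is still below k after the whole ladder needs a further generalisation or suppression step before it can be released for purpose "R-02".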
18. 3. Built-in privacy techniques for data-oriented models
Built-in strategy for K-anonymity:
GDPR-Req10:
Personal Data "MeasurementInfo" shall be adequate, relevant and limited to what is necessary in relation to the purpose "R-02" for which they are processed.
Links can be set to show requirement coverage.
19. 4. Develop a process-oriented model
20. 4. Develop a process-oriented model
Implementation of a Data Flow Diagram (DFD)
Process
External Entities
Data Store
Data Flow Edges
Input / Output Pins
21. 4. Develop a process-oriented model
The DFD implementation is a Domain Specific Modelling Language (DSML)
Based upon Papyrus UML Activities
A profile is developed:
Extension of UML Activity
Specialization to introduce domain knowledge
Basis for model-driven design
Support provided for modelling:
Requirement-to-DFD transformation
Reuse of data-oriented model elements
Automatic application of profile types
22. 4. Develop a process-oriented model
Support for process refinement
Detailed model: the tasks of a process
A Behaviour associated with each Process
Consistency between refinements
23. 5. Built-in privacy techniques for process-oriented models
24. 5. Built-in privacy techniques for process-oriented models
Process-oriented strategies (ISO/IEC TR 27550, Privacy engineering)
25. 5. Built-in privacy techniques for process-oriented models
Conditions for Consent (GDPR):
Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data.
If the data subject's consent is given in the context of a written declaration which also concerns other matters, the request for consent shall be presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language. Any part of such a declaration which constitutes an infringement of this Regulation shall not be binding.
The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.
When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.
26. 5. Built-in privacy techniques for process-oriented models
The PDPbD Framework is enriched with a DSML integrating GDPR fundamental notions and relations
27. 5. Built-in privacy techniques for process-oriented models
Built-in technique: Consent Pattern Instantiation
The pattern introduces GDPR consent notions
The pattern is applied on a target DFD model
The user is guided through the instantiation
The model is accordingly completed
28. 5. Built-in privacy techniques for process-oriented models
Built-in technique: Consent Pattern Instantiation
The instantiated pattern provides a view of stakeholders:
Decisive role in GDPR compliance
Automatic model completion
Model elements editable
29. 5. Built-in privacy techniques for process-oriented models
Built-in technique: Consent Pattern Instantiation
GDPR-Req1.1:
Processing "Store Measurementinfo" shall be lawful if the data subject "Customer" has given consent "ConsentForStoreMeasurementInfo" to the processing of his or her personal data "MeasurementInfo" for one or more specific purposes ("R-02").
Links can be set to show requirement coverage.
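An added example, not code from the PDP4E framework, of how GDPR-Req1.1 and the consent conditions quoted above can be checked against a processing log: a consent record that can be withdrawn, a purpose- and time-aware lawfulness test, and an audit listing the controller can use to demonstrate consent. The record fields, the dates and the "R-09" purpose are constructed assumptions.

```python
from collections import namedtuple
from dataclasses import dataclass
from datetime import datetime

@dataclass
class Consent:
    """Consent record kept so the controller can demonstrate consent (first condition above)."""
    consent_id: str             # e.g. "ConsentForStoreMeasurementInfo"
    data_subject: str           # e.g. "Customer"
    personal_data: str          # e.g. "MeasurementInfo"
    purposes: frozenset         # the specific purposes consented to, e.g. {"R-02"}
    given_at: datetime
    withdrawn_at: "datetime | None" = None

    def withdraw(self, at: datetime) -> None:
        """One call, as easy as giving consent; the record is kept, not deleted."""
        if self.withdrawn_at is None:
            self.withdrawn_at = at

    def covers(self, data_subject: str, personal_data: str, purpose: str, at: datetime) -> bool:
        """True if this consent makes processing `personal_data` for `purpose` lawful at `at`."""
        if (data_subject, personal_data) != (self.data_subject, self.personal_data):
            return False
        if purpose not in self.purposes:    # consent is purpose-specific
            return False
        if at < self.given_at:              # nothing is covered before consent was given
            return False
        # Withdrawal does not affect processing that took place before it.
        return self.withdrawn_at is None or at < self.withdrawn_at

# One run of a DFD process such as "Store MeasurementInfo" on a Customer's data.
Processing = namedtuple("Processing", "name data_subject personal_data purpose at")

def is_lawful(processing, consents) -> bool:
    """GDPR-Req1.1: lawful iff a recorded consent covers the processing at its time."""
    return any(c.covers(processing.data_subject, processing.personal_data,
                        processing.purpose, processing.at) for c in consents)

def audit(log, consents) -> list:
    """Evidence for the controller: each processing event with its lawfulness verdict."""
    consents = list(consents)
    return [(p.name, p.purpose, p.at.isoformat(), is_lawful(p, consents)) for p in log]

# Constructed scenario: the Customer consents on 1 March 2020 and withdraws on 8 March 2020.
CONSENT = Consent("ConsentForStoreMeasurementInfo", "Customer", "MeasurementInfo",
                  frozenset({"R-02"}), datetime(2020, 3, 1))
CONSENT.withdraw(datetime(2020, 3, 8))
LOG = [Processing("Store MeasurementInfo", "Customer", "MeasurementInfo", p, t) for p, t in [
    ("R-02", datetime(2020, 2, 28)), ("R-02", datetime(2020, 3, 5)),
    ("R-09", datetime(2020, 3, 5)), ("R-02", datetime(2020, 3, 9))]]
```

Only the event inside the consent window and for the consented purpose is lawful; the one after withdrawal is not, while the earlier lawful one stays lawful, as the withdrawal condition requires.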
30. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering
For more information, visit:
www.pdp4e-project.org
Thank you for your attention
Questions?
Contributions:
gabriel.pedroza@cea.fr
Patrick.Tessier@cea.fr