Konferenzpaper

A Case Study on the Implementation of the Right of Access in Privacy Dashboards


AutorenlisteTolsdorf, Jan; Fischer, Michael; Lo Iacono, Luigi

Erschienen inPrivacy Technologies and Policy

HerausgeberlisteGruschka, N.

Jahr der Veröffentlichung2021

Seiten23-46

ISBN978-3-030-76662-7

eISBN978-3-030-76663-4

DOI Linkhttps://doi.org/10.1007/978-3-030-76663-4_2

Konferenz9th Annual Privacy Forum (APF 2021)

SerientitelLecture Notes in Computer Science

Serienzählung12703


Abstract

The right of access under Art. 15 of the General Data Protection Regulation (GDPR) grants data subjects the right to obtain comprehensive information about the processing of personal data from a controller, including a copy of the data. Privacy dashboards have been discussed as possible tools for implementing this right, and are increasingly found in practice. However, investigations of real world implementations are sparse. We therefore qualitatively examined the extent to which privacy dashboards of ten online services complied with the essential requirements of Art. 15 GDPR. For this, we compared the information provided in dashboards with the information provided in privacy statements and data exports. We found that most privacy dashboards provided a decent initial overview, but lacked important information about purposes, recipients, sources, and categories of data that online users consider to be sensitive. In addition, both the privacy dashboards and the data exports lacked copies of personal data that were processed according to the online services’ own privacy statements. We discuss the strengths and weaknesses of current implementations in terms of their ability to fulfill the objective of Art. 15 GDPR, namely to create awareness about data processing. We conclude by providing an outlook on what steps would be necessary for privacy dashboards to facilitate the exercise of the right of access and to provide real added value for online users.




Zitierstile

Harvard-ZitierstilTolsdorf, J., Fischer, M. and Lo Iacono, L. (2021) A Case Study on the Implementation of the Right of Access in Privacy Dashboards, in Gruschka, N. (ed.) Privacy Technologies and Policy. Cham: Springer. pp. 23-46. https://doi.org/10.1007/978-3-030-76663-4_2

APA-ZitierstilTolsdorf, J., Fischer, M., & Lo Iacono, L. (2021). A Case Study on the Implementation of the Right of Access in Privacy Dashboards. In Gruschka, N. (Ed.), Privacy Technologies and Policy. (pp. 23-46). Springer. https://doi.org/10.1007/978-3-030-76663-4_2


Zuletzt aktualisiert 2025-05-08 um 12:20