Conference paper

A Case Study on the Implementation of the Right of Access in Privacy Dashboards


Authors listTolsdorf, Jan; Fischer, Michael; Lo Iacono, Luigi

Appeared inPrivacy Technologies and Policy

Editor listGruschka, N.

Publication year2021

Pages23-46

ISBN978-3-030-76662-7

eISBN978-3-030-76663-4

DOI Linkhttps://doi.org/10.1007/978-3-030-76663-4_2

Conference9th Annual Privacy Forum (APF 2021)

Title of seriesLecture Notes in Computer Science

Number in series12703


Abstract

The right of access under Art. 15 of the General Data Protection Regulation (GDPR) grants data subjects the right to obtain comprehensive information about the processing of personal data from a controller, including a copy of the data. Privacy dashboards have been discussed as possible tools for implementing this right, and are increasingly found in practice. However, investigations of real world implementations are sparse. We therefore qualitatively examined the extent to which privacy dashboards of ten online services complied with the essential requirements of Art. 15 GDPR. For this, we compared the information provided in dashboards with the information provided in privacy statements and data exports. We found that most privacy dashboards provided a decent initial overview, but lacked important information about purposes, recipients, sources, and categories of data that online users consider to be sensitive. In addition, both the privacy dashboards and the data exports lacked copies of personal data that were processed according to the online services’ own privacy statements. We discuss the strengths and weaknesses of current implementations in terms of their ability to fulfill the objective of Art. 15 GDPR, namely to create awareness about data processing. We conclude by providing an outlook on what steps would be necessary for privacy dashboards to facilitate the exercise of the right of access and to provide real added value for online users.




Citation Styles

Harvard Citation styleTolsdorf, J., Fischer, M. and Lo Iacono, L. (2021) A Case Study on the Implementation of the Right of Access in Privacy Dashboards, in Gruschka, N. (ed.) Privacy Technologies and Policy. Cham: Springer. pp. 23-46. https://doi.org/10.1007/978-3-030-76663-4_2

APA Citation styleTolsdorf, J., Fischer, M., & Lo Iacono, L. (2021). A Case Study on the Implementation of the Right of Access in Privacy Dashboards. In Gruschka, N. (Ed.), Privacy Technologies and Policy. (pp. 23-46). Springer. https://doi.org/10.1007/978-3-030-76663-4_2


Last updated on 2025-05-08 at 12:20