A Requirements-based Comparison of Privacy Taxonomies

Author

Massey, Aaron K. ; Anton, Annie I.

Author_Institution

Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC

fYear

2008

fDate

9-9 Sept. 2008

Firstpage

1

Lastpage

5

Abstract

Understanding the nature of privacy regulation is a challenge that requirements engineers face when building software systems in financial, healthcare, government, or other sensitive industries. Requirements engineers have begun to model privacy requirements based on taxonomic classifications of privacy. Independently, legal research has modeled privacy harms in a taxonomic fashion. In this paper, we compare a requirements engineering taxonomy of privacy protections and vulnerabilities to a legal taxonomy of privacy harms. We seek to determine the extent to which the concepts and terminology are consistent between the two taxonomies. A consistent, standard vocabulary for privacy concepts for both requirements engineers and lawyers will improve the common understanding of privacy concepts, legal traceability and compliance auditing. We conclude that the taxonomies we analyzed are reasonably compatible. We believe this compatibility indicates that a taxonomic understanding of privacy is a promising area of research for requirements engineers.

Keywords

data privacy; security of data; systems analysis; compliance auditing; legal traceability; model privacy requirements; privacy regulation; privacy taxonomies; requirements engineers; requirements-based comparison; software systems; taxonomic classifications; Computer industry; Government; Law; Legal factors; Medical services; Privacy; Protection; Software systems; Taxonomy; Terminology;

fLanguage

English

Publisher

ieee

Conference_Titel

Requirements Engineering and Law, 2008. RELAW '08.

Conference_Location

Barcelona, Catalunya

Print_ISBN

978-1-4244-4085-6

Electronic_ISBN

978-0-7695-3630-9

Type

conf

DOI

10.1109/RELAW.2008.1

Filename

4797465