TY  - CONF
AU  - Stach, Christoph
AU  - Steimle, Frank
A2  - Hung, Chih-Cheng
A2  - Papadopoulus, George A.
A2  - Petrlic, Ronald
A2  - Sorge, Christoph
T1  - Recommender-based Privacy Requirements Elicitation – EPICUREAN: An Approach to Simplify Privacy Settings in IoT Applications with Respect to the GDPR
T2  - Proceedings of the 34ᵗʰ ACM/SIGAPP Symposium On Applied Computing
PB  - ACM
AD  - Limassol
Y1  - 2019/april
SP  - 1500
EP  - 1507
M3  - https://doi.org/10.1145/3297280.3297432
KW  - privacy requirements elicitation; recommender system; knowledge modeling; clustering; association rules; privacy system; IoT; eHealth
N2  - Due to the Internet of Things (IoT), a giant leap towards a quantified self is made, i.e., more and more aspects of our lives are being captured, processed, and analyzed. This has many positive implications, e.g., Smart Health services help to relieve patients as well as physicians and reduce treatment costs. However, the price for such services is the disclosure of a lot of private data. For this reason, Smart Health services were particularly considered by the European General Data Protection Regulation (GDPR): a data subject's explicit consent is required when such a service processes his or her data. However, the elicitation of privacy requirements is a shortcoming in most IoT privacy systems. Either the user is overwhelmed by too many options or s/he is not sufficiently involved in the decision process. For this reason, we introduce EPICUREAN, a recommender-based privacy requirements elicitation approach. EPICUREAN uses modeling and data mining techniques to determine and recommend appropriate privacy settings to the user. The user is thus considerably supported but remains in full control over his or her private data.
ER  -