Managing Consent in Workflows under GDPR

Slide 1

Slide 1 text

Managing Consent in Workﬂows under GDPR ‣Slides at https://irem.dev Saliha Irem BESIK [email protected] Supervisor: Prof. Johann-Christoph Freytag, Ph.D. @irembesik

Slide 2

Slide 2 text

G E N E R A L D ATA P R O T E C T I O N R E G U L AT I O N S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 2 ✦ data protection regulation for all individuals within European Union ✦ since 25 May 2018 ‣ Organizations processing personal data must comply with GDPR! ‣ Protection: Protect personal data Goals ‣ Control: Give data subjects control over personal data personal data: any information relating to an identifiable natural person (‘data subject’)

Slide 3

Slide 3 text

‣ Processing of personal data must have lawful basis Consent GDPR Article 6 - Lawfulness of processing Vital Interest Contract Public Interest Legitimate Interest Legal obligation S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 3

Slide 4

Slide 4 text

‣ Processing of personal data must have lawful basis Consent GDPR Article 6 - Lawfulness of processing Processing shall be lawful […] if data subject has given consent to the processing of his personal data for one or more specific purposes Contract purpose: the reason for which personal data is processed (e.g. marketing, treatment etc.) Legal obligation Vital Interest Public Interest Legitimate Interest S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 3

Slide 5

Slide 5 text

C O N S E N T & R E V O C AT I O N U N D E R G D P R ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” by a data subject agrees to the processing of his / her personal data GDPR Article 4 §11 - Definitions S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 4 Valid Consent

Slide 6

Slide 6 text

C O N S E N T & R E V O C AT I O N U N D E R G D P R ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” by a data subject agrees to the processing of his / her personal data GDPR Article 4 §11 - Definitions GDPR Article 7 § 3 - Conditions for consent The data subject have right to withdraw his / her consent at any time S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 4 Valid Consent Revocation

Slide 7

Slide 7 text

O U T L I N E Motivation: Privacy by Design via Workflows Research Problem Summary § Outlook Approach Foundation S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 5

Slide 8

Slide 8 text

O U T L I N E Research Problem Approach Summary § Outlook Foundation Motivation: Privacy by Design via Workﬂows S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 5

Slide 9

Slide 9 text

GDPR says: Consider privacy at design phase… Good News: Workflows might help! M O T I VAT I O N : P R I VA C Y B Y D E S I G N A Workflow includes a series of tasks to achieve a goal ‣ also how tasks are performed, in what order, and by whom S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 6

Slide 10

Slide 10 text

Workflow (Model) ≈ Business Process Modeling Notation (BPMN) Model P R I VA C Y B Y D E S I G N V I A W O R K F L O W S Da a S e Da a Objec Te A a P La e Ta S a E e E d E e E c e Ga e a I c e Ga e a Pa a e Ga e a Se e ce F Me a e F Da a A c a A c a BPMN Core Elements S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 7

Slide 11

Slide 11 text

R E S E A R C H P R O B L E M privacy-aware? handles consent & revocation? S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 8

Slide 12

Slide 12 text

R E S E A R C H P R O B L E M privacy-aware? How to handle revocation? How to handle consent? handles consent & revocation? S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 8

Slide 13

Slide 13 text

R E S E A R C H P R O B L E M privacy-aware? How to handle revocation? How to handle consent? handles consent & revocation? Approach: Design Patterns S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 8

Slide 14

Slide 14 text

O U T L I N E Motivation Research Problem Summary § Outlook Approach Foundation Data-Aware Workﬂow Consent Policy Consent Form S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 9

Slide 15

Slide 15 text

Which sources needed to handle consent ? F O U N D AT I O N S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 10

Slide 16

Slide 16 text

Which sources needed to handle consent ? 1- Data-Aware Workﬂow Which purposes require consent to be lawful 2- Consent Policy Which data attributes are (potentially) used for which purpose in the Workflow F O U N D AT I O N Which information should be given to data subject for a valid consent 3- Consent Form S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 10

Slide 17

Slide 17 text

BPMN Core Elements Da a S e Da a Objec Te A a P La e Ta S a E e E d E e E c e Ga e a I c e Ga e a Pa a e Ga e a Se e ce F Me a e F Da a A c a A c a Workflow S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 11

Slide 18

Slide 18 text

+ Data-Aware Workflow BPMN Core Elements Da a S e Da a Objec Te A a P La e Ta S a E e E d E e E c e Ga e a I c e Ga e a Pa a e Ga e a Se e ce F Me a e F Da a A c a A c a Workflow S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 11

Slide 19

Slide 19 text

+ Data-Aware Workflow BPMN Core Elements Da a S e Da a Objec Te A a P La e Ta S a E e E d E e E c e Ga e a I c e Ga e a Pa a e Ga e a Se e ce F Me a e F Da a A c a A c a Workflow * Different types of Data Handling in BPMN are stated in [1] [1] Besik, Saliha Irem, and Johann-Christoph Freytag. "Ontology-Based Privacy Compliance Checking for Clinical Workflows." Data Annotation S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 11

Slide 20

Slide 20 text

C O N S E N T P O L I C Y • the modality of data processing, obligatory or voluntary (requires consent) S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 12

Slide 21

Slide 21 text

pc = (purpose, requiresConsent) •purpose is the reason for which data is accessed; •requiresConsent ∈ {true, false} C O N S E N T P O L I C Y • the modality of data processing, obligatory or voluntary (requires consent) S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 12

Slide 22

Slide 22 text

pc = (purpose, requiresConsent) •purpose is the reason for which data is accessed; •requiresConsent ∈ {true, false} P1: An explicit consent is required for newborn hearing screening. Example: C O N S E N T P O L I C Y • the modality of data processing, obligatory or voluntary (requires consent) S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 12

Slide 23

Slide 23 text

Slide 24

Slide 24 text

pc = (purpose, requiresConsent) •purpose is the reason for which data is accessed; •requiresConsent ∈ {true, false} (newborn-hearing-screening, true) P1: An explicit consent is required for newborn hearing screening. Example: C O N S E N T P O L I C Y • the modality of data processing, obligatory or voluntary (requires consent) S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 12

Slide 25

Slide 25 text

C O N S E N T F O R M ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 13

Slide 26

Slide 26 text

C O N S E N T F O R M ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 13

Slide 27

Slide 27 text

C O N S E N T F O R M Valid consent ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 13 Data Controller: natural person who determines the purposes and means of the processing Data Controller Purpose

Slide 28

Slide 28 text

C O N S E N T F O R M Valid consent ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 13 We, as Hospital X, use your personal data for newborn hearing screening. Example: Data Controller: natural person who determines the purposes and means of the processing Data Controller Purpose

Slide 29

Slide 29 text

C O N S E N T F O R M Valid consent ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 13 We, as Hospital X, use your personal data for newborn hearing screening. Example: Data Controller: natural person who determines the purposes and means of the processing Hospital X newborn hearing screening Data Controller Purpose

Slide 30

Slide 30 text

C O N S E N T F O R M Valid consent When multiple purposes, consent should be given for all! ”any freely given, speciﬁc, informed and unambiguous […] clear affirmative action” S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 13 We, as Hospital X, use your personal data for newborn hearing screening. Example: Data Controller: natural person who determines the purposes and means of the processing Hospital X newborn hearing screening Data Controller Purpose Separate / Aggregated Consent Forms

Slide 31

Slide 31 text

O U T L I N E Motivation Research Problem Approach Consent Pattern Summary § Outlook Foundation Examples Revocation Pattern S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 14

Slide 32

Slide 32 text

How to handle consent? Policy: purpose requires consent Consent Pattern S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 15

Slide 33

Slide 33 text

How to handle consent? Policy: purpose requires consent Consent Pattern S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 15

Slide 34

Slide 34 text

How to handle consent? Policy: purpose requires consent Consent Form Data Controller Purpose Data Subject Consent Pattern requested S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 15

Slide 35

Slide 35 text

How to handle consent? Policy: purpose requires consent Consent Form Data Controller Purpose Data Subject Consent Pattern received S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 15

Slide 36

Slide 36 text

How to handle revocation? Revocation Pattern S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 16

Slide 37

Slide 37 text

How to handle revocation? Revocation Pattern S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 16

Slide 38

Slide 38 text

E X A M P L E # 1 - A G G R E G AT E D C O N S E N T Policy: purposeB & purposeC require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 17

Slide 39

Slide 39 text

E X A M P L E # 1 - A G G R E G AT E D C O N S E N T “Potential” Issue: Consent is obtained yet never used Policy: purposeB & purposeC require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 17 when to ask consent?

Slide 40

Slide 40 text

E X A M P L E # 1 - A G G R E G AT E D C O N S E N T Policy: purposeB & purposeC require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 17 when to ask consent? Strategy: ask it just before data operation to minimize this risk

Slide 41

Slide 41 text

E X A M P L E # 1 - A G G R E G AT E D C O N S E N T Policy: purposeB & purposeC require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 17

Slide 42

Slide 42 text

E X A M P L E # 1 - A G G R E G AT E D C O N S E N T Policy: purposeB & purposeC require consent Aggregated Consent Form Consent Form Data Controller Purpose: Data Subject purposeB purposeC S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 17

Slide 43

Slide 43 text

E X A M P L E # 2 - S E PA R AT E C O N S E N T Policy: pA & pB require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 18 Aggregated vs Separate Consent Form?

Slide 44

Slide 44 text

E X A M P L E # 2 - S E PA R AT E C O N S E N T Policy: pA & pB require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 18 Aggregated vs Separate Consent Form? “Potential” Issue: Consent is obtained yet never used

Slide 45

Slide 45 text

E X A M P L E # 2 - S E PA R AT E C O N S E N T Policy: pA & pB require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 18

Slide 46

Slide 46 text

E X A M P L E # 2 - S E PA R AT E C O N S E N T Policy: pA & pB require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 18 Consent Form Purpose pA

Slide 47

Slide 47 text

E X A M P L E # 2 - S E PA R AT E C O N S E N T Policy: pA & pB require consent S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 18 Consent Form Purpose pB

Slide 48

Slide 48 text

E X A M P L E # 3 - R E V O C AT I O N S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 19 Policy: pA & pB require consent

Slide 49

Slide 49 text

E X A M P L E # 3 - R E V O C AT I O N S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 19

Slide 50

Slide 50 text

E X A M P L E # 3 - R E V O C AT I O N Collapsed Sub-Process S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 19 increases readability

Slide 51

Slide 51 text

S U M M A RY ‣ Organizations processing personal data must consider consent & revocation ‣ Privacy-by-design via workflows privacy-aware? S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 20 ‣What are needed to handle consent in workflows? ‣Data-Aware Workﬂow Consent Policy Consent Form

Slide 52

Slide 52 text

O U T L O O K ๏ Analysis of the optimality of the design patterns ๏ Automatic transformation S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 21 ‣ Approach: Design Patterns ‣ Consent Pattern ‣ Revocation Pattern

Slide 53

Slide 53 text

O U T L O O K ๏ Analysis of the optimality of the design patterns ๏ Automatic transformation Thank you!!! S.I. Besik, Managing Consent in Workflows under GDPR, February 20, ’20 / 21 21 ‣ Approach: Design Patterns ‣ Consent Pattern ‣ Revocation Pattern