DeepAI AI Chat
Log In Sign Up

TIRA: An OpenAPI Extension and Toolbox for GDPR Transparency in RESTful Architectures

by   Elias Grünewald, et al.

Transparency - the provision of information about what personal data is collected for which purposes, how long it is stored, or to which parties it is transferred - is one of the core privacy principles underlying regulations such as the GDPR. Technical approaches for implementing transparency in practice are, however, only rarely considered. In this paper, we present a novel approach for doing so in current, RESTful application architectures and in line with prevailing agile and DevOps-driven practices. For this purpose, we introduce 1) a transparency-focused extension of OpenAPI specifications that allows individual service descriptions to be enriched with transparency-related annotations in a bottom-up fashion and 2) a set of higher-order tools for aggregating respective information across multiple, interdependent services and for coherently integrating our approach into automated CI/CD-pipelines. Together, these building blocks pave the way for providing transparency information that is more specific and at the same time better reflects the actual implementation givens within complex service architectures than current, overly broad privacy statements.


page 1

page 2

page 3

page 4


Enabling Versatile Privacy Interfaces Using Machine-Readable Transparency Information

Transparency regarding the processing of personal data in online service...

Utilizing Shannon's Entropy to Create Privacy Aware Architectures

Privacy is an individual choice to determine which personal details can ...

TILT: A GDPR-Aligned Transparency Information Language and Toolkit for Practical Privacy Engineering

In this paper, we present TILT, a transparency information language and ...

Streamlining personal data access requests: From obstructive procedures to automated web workflows

Transparency and data portability are two core principles of modern priv...

Syft 0.5: A Platform for Universally Deployable Structured Transparency

Adam James Hall, Madhava Jay, Tudor Cebere, Bogdan Cebere, Koen Lennart ...

Wavelet Transparency

Order-independent transparency schemes rely on low-order approximations ...

Code Repositories


TIRA: An OpenAPI Extension and Toolbox for GDPR Transparency in RESTful Architectures

view repo