Showing 1–2 of 2 results for author: Sannier, N

GDPR-Relevant Privacy Concerns in Mobile Apps Research: A Systematic Literature Review

Authors: Orlando Amaral Cejas, Nicolas Sannier, Sallam Abualhaija, Marcello Ceci, Domenico Bianculli

Abstract: The General Data Protection Regulation (GDPR) is the benchmark in the European Union (EU) for privacy and data protection standards. Substantial research has been conducted in the requirements engineering (RE) literature investigating the elicitation, representation, and verification of privacy requirements in GDPR. Software systems including mobile apps must comply with the GDPR. With the growing… ▽ More The General Data Protection Regulation (GDPR) is the benchmark in the European Union (EU) for privacy and data protection standards. Substantial research has been conducted in the requirements engineering (RE) literature investigating the elicitation, representation, and verification of privacy requirements in GDPR. Software systems including mobile apps must comply with the GDPR. With the growing pervasiveness of mobile apps and their increasing demand for personal data, privacy concerns have acquired further interest within the software engineering (SE) community at large. Despite the extensive literature on GDPR-relevant privacy concerns in mobile apps, there is no secondary study that describes, analyzes, and categorizes the current focus. Research gaps and persistent challenges are thus left unnoticed. In this article, we aim to systematically review existing primary studies highlighting various GDPR concepts and how these concepts are addressed in mobile apps research. The objective is to reconcile the existing work on GDPR in the RE literature with the research on GDPR-related privacy concepts in mobile apps in the SE literature. Our findings show that the current research landscape reflects a rather shallow understanding of GDPR requirements. Some GDPR concepts such as data subject rights (i.e., the rights of individuals over their personal data) are fundamental to GDPR, yet under-explored in the literature. In this article, we highlight future directions to be pursued by the SE community for supporting the development of GDPR-compliant mobile apps. △ Less

Submitted 28 November, 2024; originally announced November 2024.

An Automated Framework for the Extraction of Semantic Legal Metadata from Legal Texts

Authors: Amin Sleimi, Nicolas Sannier, Mehrdad Sabetzadeh, Lionel Briand, Marcello Ceci, John Dann

Abstract: Semantic legal metadata provides information that helps with understanding and interpreting legal provisions. Such metadata is therefore important for the systematic analysis of legal requirements. However, manually enhancing a large legal corpus with semantic metadata is prohibitively expensive. Our work is motivated by two observations: (1) the existing requirements engineering (RE) literature d… ▽ More Semantic legal metadata provides information that helps with understanding and interpreting legal provisions. Such metadata is therefore important for the systematic analysis of legal requirements. However, manually enhancing a large legal corpus with semantic metadata is prohibitively expensive. Our work is motivated by two observations: (1) the existing requirements engineering (RE) literature does not provide a harmonized view on the semantic metadata types that are useful for legal requirements analysis; (2) automated support for the extraction of semantic legal metadata is scarce, and it does not exploit the full potential of artificial intelligence technologies, notably natural language processing (NLP) and machine learning (ML). Our objective is to take steps toward overcoming these limitations. To do so, we review and reconcile the semantic legal metadata types proposed in the RE literature. Subsequently, we devise an automated extraction approach for the identified metadata types using NLP and ML. We evaluate our approach through two case studies over the Luxembourgish legislation. Our results indicate a high accuracy in the generation of metadata annotations. In particular, in the two case studies, we were able to obtain precision scores of 97.2% and 82.4% and recall scores of 94.9% and 92.4%. △ Less

Submitted 30 January, 2020; originally announced January 2020.