ISSN : 1796-203X
Volume : 4    Issue : 6    Date : June 2009

Towards Compliance and Accountability: a Framework for Privacy Online
Huanchun Peng, Jun Gu, and Xiaojun Ye
Page(s): 494-501
Full Text:
PDF (900 KB)

Over the last twenty years, there has been a tremendous growth in the amount of data collected
about individuals. Most existing privacy enhancing technologies could not prevent privacy breach
effectively, since the real threat is not the control of private data access but the control of usage.
While "access control" is well understood, how to achieve "usage control" is still unclear. In the
online environment, information is easily copied or delivered. UCONABC, as the next generation of
access control, is inadequate to cover the entire privacy information life cycle. As an alternative,
accountability may become a candidate means to judge the correctness of individual data’s usage.
In this paper, we give a framework with the goal of privacy promise compliance and accountability,
which may help to such kind of situation before sound privacy answers may be realized. Besides,
we discuss some relevant technical and non-technical components which are needed in the privacy
scenario. In the end, we state several research challenges towards the implementation of our

Index Terms
privacy, privacy policy, usage control, compliance, accountability