Towards a Transparency Information Language and Toolkit for Privacy Engineering

Master’s thesis
Elias Grünewald

Abstract

Transparency in privacy engineering for information systems is known to be an important societal principle for data protection. This goal is endangered, in particular, by the anti-pattern of providing lengthy, legalese privacy policies in natural language. Related work has so far mainly focused on different kinds of privacy preference languages and transparency-enhancing technologies. The shortcomings of this work highlighted the need to introduce a new formal and machine-readable representation of transparency information as required by the General Data Protection Regulation. In this thesis, the necessary expressiveness of a formal language model to meet all legal and technical requirements is identified. In order to foster practical adoption of the proposed transparency information language, an extensive accompanying developer-centric toolkit for storage, interoperability, and analysis tasks is crafted. In addition, data subjects are enabled to receive the relevant transparency information with ease by means of user interface design. Furthermore, it is shown that the language and toolkit combined unlock novel possibilities to enhance privacy in modern web applications. All of the implemented solutions are evaluated with regard to their applicability in practice. Finally, this thesis contributes an open-source software repository, starting an ecosystem of a new generation of transparency-enhancing technologies.