Transforming Data Flow Diagrams for Privacy Compliance (Long Version)
Hanaa Alshareef, Sandro Stucki, Gerardo Schneider

TL;DR
This paper presents an algorithm and tool to automatically transform standard Data Flow Diagrams into Privacy-Aware Data Flow Diagrams, aiding software engineers in ensuring GDPR compliance during system design.
Contribution
It introduces an explicit transformation algorithm and proof-of-concept tool for converting DFDs into PA-DFDs, enhancing privacy checks integration in software design.
Findings
Successfully applied to real-world applications in construction and online retail sectors.
Automates privacy check insertion, reducing errors and effort in privacy-aware system design.
Addresses ambiguities in previous transformation approaches.
Abstract
Recent regulations, such as the European General Data Protection Regulation (GDPR), put stringent constraints on the handling of personal data. Privacy, like security, is a non-functional property, yet most software design tools are focused on functional aspects, using for instance Data Flow Diagrams (DFDs). In previous work, a conceptual model was introduced where DFDs could be extended into so-called Privacy-Aware Data Flow Diagrams (PA-DFDs) with the aim of adding specific privacy checks to existing DFDs. In this paper, we provide an explicit algorithm and a proof-of-concept implementation to transform DFDs into PA-DFDs. Our tool assists software engineers in the critical but error-prone task of systematically inserting privacy checks during design (they are automatically added by our tool) while still allowing them to inspect and edit the PA-DFD if necessary. We have also…
Taxonomy
Topics: Privacy, Security, and Data Protection · Privacy-Preserving Technologies in Data · Access Control and Trust
