GDPR compliance assessment for cross-border personal data transfers in Android apps

Guamán Loachamín, Danny Santiago and Álamo Ramiro, José María del and Caiza Ñacato, Julio César (2021). GDPR compliance assessment for cross-border personal data transfers in Android apps. "IEEE Access", v. 9 ; pp. 15961-15982. ISSN 2169-3536. https://doi.org/10.1109/ACCESS.2021.3053130.

Description

Title: GDPR compliance assessment for cross-border personal data transfers in Android apps
Author/s:
  • Guamán Loachamín, Danny Santiago
  • Álamo Ramiro, José María del
  • Caiza Ñacato, Julio César
Item Type: Article
Título de Revista/Publicación: IEEE Access
Date: 20 January 2021
ISSN: 2169-3536
Volume: 9
Subjects:
Freetext Keywords: Assurance; Android; application; assessment; compliance; data protection; dynamic analysis; evaluation; GDPR; mobile; privacy; software quality; testing
Faculty: E.T.S.I. Telecomunicación (UPM)
Department: Ingeniería de Sistemas Telemáticos
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Full text

[img]
Preview
PDF - Requires a PDF viewer, such as GSview, Xpdf or Adobe Acrobat Reader
Download (4MB) | Preview

Abstract

The pervasiveness of Android mobile applications and the services they support allow the personal data of individuals to be collected and shared worldwide. However, data protection legislations usually require all participants in a personal data flow to ensure an equivalent level of personal data protection, regardless of location. In particular, the European General Data Protection Regulation constrains cross-border transfers of personal data to non-EU countries and establishes specific requirements to carry them out. This article presents a method to systematically assess compliance of Android mobile apps with the requirements for cross-border transfers established by the European data protection regulation. We have validated the method with one hundred Android apps, finding an outstanding 66% of ambiguous, inconsistent and omitted cross-border transfer disclosures.

Funding Projects

TypeCodeAcronymLeaderTitle
Madrid Regional GovernmentAPOYO-JOVENES-QINIM8-72-PKGQ0JCLIIP ProjectUnspecifiedUnspecified
Universidad Politécnica de MadridUnspecifiedV-PRICIT Research ProgrammeUnspecifiedApoyo a la Realización de PROYECTOS de I+D Para Jóvenes Investigadores UPM-CAM

More information

Item ID: 66367
DC Identifier: https://oa.upm.es/66367/
OAI Identifier: oai:oa.upm.es:66367
DOI: 10.1109/ACCESS.2021.3053130
Official URL: https://ieeexplore.ieee.org/abstract/document/9328756
Deposited by: Memoria Investigacion
Deposited on: 13 Mar 2021 09:55
Last Modified: 13 Mar 2021 09:55
  • Logo InvestigaM (UPM)
  • Logo GEOUP4
  • Logo Open Access
  • Open Access
  • Logo Sherpa/Romeo
    Check whether the anglo-saxon journal in which you have published an article allows you to also publish it under open access.
  • Logo Dulcinea
    Check whether the spanish journal in which you have published an article allows you to also publish it under open access.
  • Logo de Recolecta
  • Logo del Observatorio I+D+i UPM
  • Logo de OpenCourseWare UPM