Overview
Explore the development and implementation of a protocol designed to enhance data subject request (DSR) flexibility and integration in this 11-minute conference talk from PEPR '24. Dive into the creation of a structured approach for handling DSRs, from initial intake to propagation across data systems containing Personal Information (PI). Learn about the key components necessary for effective and efficient request processing, focusing on Delete and Access obligations. Discover how the speakers adapted the Data Rights Protocol to standardize request and response data flows, enabling Data Subjects to exercise Personal Data Rights. Gain insights into the decision-making process behind payload structures for externally registered webhooks and internal product handshakes. Examine practical lessons learned during implementation, explore areas of flexibility such as "data subject variables," and consider future applications of this protocol. For those interested in data privacy and rights management, this talk offers valuable perspectives on improving DSR handling and integration within broader data management systems.
Syllabus
PEPR '24 - Building a Protocol to Improve DSR Flexibility and Integration
Taught by
USENIX