A Knowledge Representation of Cloud Data Controls for EU GDPR Compliance

The rollout of European Union's General Data Protection Regulation (EU GDPR) will have a far-reaching effect on Cloud data privacy and compliance for both the Cloud Service Providers (Data Providers) and the Consumers (Data Consumers). GDPR mandates that organizations collecting and processing information related to EU citizens adhere to its articles irrespective of where they are located or where the data is stored. This regulation is currently available only in the textual format and so requires significant manual effort to ensure its compliance. We have developed a semantically rich Ontology (or knowledge graph) to represent the rules and regulations mandated for both the cloud data consumers and providers by EU GDPR. In the Ontology, we have identified the different roles and their corresponding obligations under the GDPR articles. This knowledge graph, that is available in public domain, is machine processable and will help in automating EU GDPR regulation compliance.