Towards Aligning Gdpr Compliance With Software Development: A Research Agenda

The General Data Protection Regulation (GDPR) caused several new legal requirements software systems in Europe have to comply to. Support for these requirements given by proprietary software systems is limited. Here, an integrative approach of combining software development with GDPR-specific demands is necessary. In this paper, we outline such an approach on the level of software source code. We illustrate how to annotate data in complex software systems and how to use such annotations for task like data visualization, data exchange standardization, and GDPR-specific consent and purpose management systems. Thereby, we outline a research agenda for subsequent efforts in aligning software development and GDPR requirements.