{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T08:48:56Z","timestamp":1770194936663,"version":"3.49.0"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030420475","type":"print"},{"value":"9783030420482","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-42048-2_14","type":"book-chapter","created":{"date-parts":[[2020,2,21]],"date-time":"2020-02-21T05:18:51Z","timestamp":1582262331000},"page":"204-223","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Privacy, Security, Legal and Technology Acceptance Requirements for a GDPR Compliance Platform"],"prefix":"10.1007","author":[{"given":"Aggeliki","family":"Tsohou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Manos","family":"Magkos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haralambos","family":"Mouratidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"George","family":"Chrysoloras","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Luca","family":"Piras","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michalis","family":"Pavlidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Julien","family":"Debussche","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marco","family":"Rotoloni","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Beatriz Gallego-Nicasio","family":"Crespo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,2,22]]},"reference":[{"key":"14_CR1","unstructured":"Blank, S.G.: Four Steps to the Epiphany: Successful Strategies for Products that Win, Palo (2007)"},{"key":"14_CR2","first-page":"2008","volume-title":"Social Research Methods","author":"A Bryman","year":"2008","unstructured":"Bryman, A.: Social Research Methods, 3rd edn, p. 2008. Oxford University Press, Oxford (2008)","edition":"3"},{"key":"14_CR3","unstructured":"Cavoukian, A.: Privacy by Design. The 7 Foundational Principles, Implementation and Mapping of Fair Information Practices (2011). https:\/\/iab.org\/wp-content\/IAB-uploads\/2011\/03\/fred_carter.pdf"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Davis, A., Dieste, O., Hickey, A., Juristo, N., Moreno, A.M.: Effectiveness of requirements elicitation techniques: empirical results derived from a systematic review. In: 14th IEEE International Requirements Engineering Conference (RE 2006), pp. 179\u2013188. IEEE (2006)","DOI":"10.1109\/RE.2006.17"},{"issue":"1","key":"14_CR5","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/s00766-010-0115-7","volume":"16","author":"M Deng","year":"2011","unstructured":"Deng, M., Wuyts, K., Scandariato, R., Preneel, B., Joosen, W.: A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy re-quirements. Re-quirements Eng. 16(1), 3\u201332 (2011)","journal-title":"Re-quirements Eng."},{"key":"14_CR6","unstructured":"European Data Protection Board: First overview on the implementation of the GDPR and the roles and means of the national supervisory authorities (2019). https:\/\/edpb.europa.eu\/sites\/edpb\/files\/files\/file1\/19_2019_edpb_written_report_to_libe_en.pdf"},{"key":"14_CR7","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-319-25579-8_18","volume-title":"Software Technologies","author":"S Fa\u00dfbender","year":"2015","unstructured":"Fa\u00dfbender, S., Heisel, M., Meis, R.: Problem-Based Security Requirements Elicitation and Refinement with PresSuRE. In: Holzinger, A., Cardoso, J., Cordeiro, J., Libourel, T., Maciaszek, L.A., van Sinderen, M. (eds.) ICSOFT 2014. CCIS, vol. 555, pp. 311\u2013330. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-25579-8_18"},{"key":"14_CR8","unstructured":"Gartner: Forecast Analysis: Information Security, Worldwide, 1Q17 Update, August 2017 (2017). https:\/\/www.gartner.com\/en\/documents\/3889055"},{"key":"14_CR10","unstructured":"IAPP: 2018 Privacy Tech Vendor Report v.2.4e (2018). https:\/\/iapp.org\/resources\/article\/2018-privacy-tech-vendor-report\/"},{"key":"14_CR11","unstructured":"ISACA: GDPR The End of the Beginning (2019). http:\/\/www.isaca.org\/Knowledge-Center\/Documents\/2018-GDPR-Readiness-Survey-Report.pdf"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Juristo, N., Moreno, A.M., Dieste, O., Davis, A., Hickey, A.: Effectiveness of requirements elicitation techniques: empirical results derived from a systematic review. In: 14th IEEE International Requirements Engineering Conference (RE 2006) (RE), Minneapolis\/St. Paul, Minnesota, USA, 2006, pp. 179\u2013188 (2006)","DOI":"10.1109\/RE.2006.17"},{"issue":"7","key":"14_CR13","doi-asserted-by":"publisher","first-page":"4341","DOI":"10.1016\/j.asoc.2010.10.012","volume":"11","author":"C Kalloniatis","year":"2011","unstructured":"Kalloniatis, C., Belsis, P., Gritzalis, S.: A soft computing approach for privacy requirements engineering: the PriS framework. Appl. Soft Comput. 11(7), 4341\u20134348 (2011)","journal-title":"Appl. Soft Comput."},{"key":"14_CR14","unstructured":"Kurtz, C., Semmann, M.: Privacy by Design to Comply with GDPR: A Review on Third-Party Data Processors (2018)"},{"issue":"4","key":"14_CR15","doi-asserted-by":"publisher","first-page":"587","DOI":"10.1006\/ijhc.2001.0503","volume":"55","author":"M Maguire","year":"2001","unstructured":"Maguire, M.: Methods to support human-centred design. Int. J. Hum.-Comput. Stud. 55(4), 587\u2013634 (2001)","journal-title":"Int. J. Hum.-Comput. Stud."},{"key":"14_CR16","doi-asserted-by":"crossref","unstructured":"Martin, Y.S., Kung, A.: Methods and tools for GDPR Compliance Through Privacy and Data Protection Engineering. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 108\u2013111. IEEE (2018)","DOI":"10.1109\/EuroSPW.2018.00021"},{"key":"14_CR17","first-page":"543","volume":"4","author":"AM McDonald","year":"2008","unstructured":"McDonald, A.M., Cranor, L.F.: The cost of reading privacy policies. ISJLP 4, 543 (2008)","journal-title":"ISJLP"},{"issue":"02","key":"14_CR18","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1142\/S0218194007003240","volume":"17","author":"H Mouratidis","year":"2007","unstructured":"Mouratidis, H., Giorgini, P.: Secure tropos: a security-oriented extension of the tropos methodology. Int. J. Softw. Eng. Knowl. Eng. 17(02), 285\u2013309 (2007)","journal-title":"Int. J. Softw. Eng. Knowl. Eng."},{"issue":"1","key":"14_CR19","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/j.infoandorg.2006.11.001","volume":"17","author":"MD Myers","year":"2007","unstructured":"Myers, M.D., Newman, M.: The qualitative interview in IS research: examining the craft. Inf. Organ. 17(1), 2\u201326 (2007)","journal-title":"Inf. Organ."},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"Notario, N., et al.: PRIPARE: integrating privacy best practices into a privacy engineering methodology. In: 2015 IEEE Security and Privacy Workshop, pp. 151\u2013158. IEEE, May 2015","DOI":"10.1109\/SPW.2015.22"},{"key":"14_CR21","unstructured":"Piras, L.: Agon: a gamification-based framework for acceptance requirements. Ph.D. dissertation, University of Trento, 2018 (2018)"},{"key":"14_CR22","doi-asserted-by":"crossref","unstructured":"Piras, L., Dellagiacoma, D., Perini, A., Susi, A., Giorgini, P., Mylopoulos, J.: Design thinking and acceptance requirements for designing gamified software. In: 13th IEEE International Conference on Research Challenges in Information Science (RCIS), IEEE, Bruxelles (BE), 2019 (2019)","DOI":"10.1109\/RCIS.2019.8876973"},{"key":"14_CR24","doi-asserted-by":"crossref","unstructured":"Piras, L., Giorgini, P., Mylopoulos, J.: Acceptance requirements and their gamification solutions. In: 24th IEEE International Requirements Engineering Conference (RE), 2016. IEEE, Beijing (2016)","DOI":"10.1109\/RE.2016.43"},{"key":"14_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-319-69904-2_18","volume-title":"Conceptual Modeling","author":"L Piras","year":"2017","unstructured":"Piras, L., Paja, E., Giorgini, P., Mylopoulos, J.: Goal models for acceptance requirements analysis and gamification design. In: Mayr, H.C., Guizzardi, G., Ma, H., Pastor, O. (eds.) ER 2017. LNCS, vol. 10650, pp. 223\u2013230. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-69904-2_18"},{"key":"14_CR26","doi-asserted-by":"crossref","unstructured":"Politou, E., Alepis, E., Patsakis, C.: Forgetting personal data and revoking consent under the GDPR: challenges and proposed solutions. J. Cybersecurity 4(1), tyy001 (2018)","DOI":"10.1093\/cybsec\/tyy001"},{"key":"14_CR27","doi-asserted-by":"crossref","unstructured":"Priyadharshini, G., Shyamala, K.: Strategy and solution to comply with GDPR: guideline to comply major articles and save penalty from non-compliance. In: 2018 2nd International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), pp. 190\u2013195. IEEE (2018)","DOI":"10.1109\/I-SMAC.2018.8653696"},{"key":"14_CR28","unstructured":"Pulse Survey: GDPR budgets top $10 million for 40% of surveyed companies, October 2017 (2017). https:\/\/www.pwc.com\/us\/en\/services\/consulting\/library\/general-data-protection-regulation-gdpr-budgets.html"},{"key":"14_CR29","unstructured":"Reuters, T.: Study finds organizations are not ready for GDPR compliance issues (2019). https:\/\/legal.thomsonreuters.com\/en\/insights\/articles\/study-finds-organizations-not-ready-gdpr-compliance-issues. Accessed 5 Apr 2019"},{"key":"14_CR30","unstructured":"TrustArc: GDPR Compliance Status. A Comparison of US, UK and EU Companies, July 2018 (2018)"},{"issue":"4","key":"14_CR31","doi-asserted-by":"publisher","first-page":"434","DOI":"10.1016\/j.clsr.2017.03.027","volume":"33","author":"A Tsohou","year":"2017","unstructured":"Tsohou, A., Kosta, E.: Enabling valid informed consent for location tracking through privacy awareness of users: a process theory. Comput. Law Secur. Rev. 33(4), 434\u2013457 (2017)","journal-title":"Comput. Law Secur. Rev."},{"key":"14_CR32","unstructured":"WP29 Guidelines on Data Protection Impact Assessment. Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is \u201clikely to result in a high risk\u201d for the purposes of Regulation 2016\/679 (2017). https:\/\/ec.europa.eu\/newsroom\/article29\/item-detail.cfm?item_id=611236"}],"container-title":["Lecture Notes in Computer Science","Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-42048-2_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,20]],"date-time":"2025-02-20T23:04:23Z","timestamp":1740092663000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-42048-2_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030420475","9783030420482"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-42048-2_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"22 February 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SECPRE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Security and Privacy Requirements Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg City","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"secpre2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/samosweb.aegean.gr\/secpre2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"14","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"57% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}