Skip to Main content Skip to Navigation
Journal articles

Automated consent through privacy agents : legal requirements and technical architecture

Daniel Le Métayer 1, * Shara Monteleone 
* Corresponding author
Abstract : The changes imposed by new information technologies, especially pervasive computing and the Internet, require a deep reflection on the fundamental values underlying privacy and the best way to achieve their protection. The explicit consent of the data subject, which is a cornerstone of most data protection regulations, is a typical example of requirement which is very difficult to put into practice in the new world of "pervasive computing" where many data communications necessarily occur without the users' notice. In this paper, we argue that an architecture based on "Privacy Agents" can make privacy rights protection more effective, provided however that this architecture meets a number of legal requirements to ensure the validity of consent delivered through such Privacy Agents. We first present a legal analysis of consent considering successively (1) its nature; (2) its essential features (qualities and defects) and (3) its formal requirements. Then we draw the lessons of this legal analysis for the design of a valid architecture based on Privacy Agents. To conclude, we suggest an implementation of this architecture proposed in a multidisciplinary project involving lawyers and computer scientists.
Document type :
Journal articles
Complete list of metadata
Contributor : Daniel Le Métayer Connect in order to contact the contributor
Submitted on : Tuesday, February 19, 2013 - 9:25:20 AM
Last modification on : Friday, February 4, 2022 - 3:23:00 AM




Daniel Le Métayer, Shara Monteleone. Automated consent through privacy agents : legal requirements and technical architecture. Computer Law and Security Review, Elsevier, 2009, 25 (2), pp.136-144. ⟨10.1016/j.clsr.2009.02.010⟩. ⟨hal-00789915⟩



Record views