Legal Issues about Metadata: Data Privacy vs Information Security

For the purposes of our work we use the concept of metadata to implement enterprise digital right management mechanisms in an intelligent document environment. Such metadata allow us to firstly define contextual security rules and secondly to ensure the information traceability. However, its use may have legal implications, especially with regard to metadata that can be stored (see personal data, privacy), how it should be stored (see probative value in case of litigation, digital forensics) or computer processing in which it may be involved. Another topical issue is the storage and the processing of data using a service provider: the cloud. We must ensure, however, that this solution does not lead to a loss of information controllability for the company. This article aims to position our work with respect to these legal issues.

1

In 8th International Workshop on Data Privacy Management (DPM'2013) → In conjunction with the 18th European Symposium on Research in Computer Security (ESORICS'2013)

Egham, UK, September 12th-13th, 2013