Abstract: Forensic readiness focuses on systematic preparation for an investigation. In the context of software systems (i.e., forensic-ready systems), it revolves around gathering and processing potential digital evidence. While such endeavours significantly impact privacy, the exact nature of the conflict between forensic readiness and privacy has been unaddressed. Thus, a goal modelling approach is utilised to gain understanding and explore the conflict. Specifically, a GDPR goal model for privacy and Rowlingson’s guide model for forensic readiness are created and compared. The conflict patterns are formulated based on the comparisons, outlining a resolution strategy. The patterns are utilised in a forensic-ready design process to establish effective forensic readiness while ensuring compliance with GDPR in a car-sharing system.
Authors: Lukas Daubner, Jakub Harašta & Raimundas Matulevičius