Automating Data Privacy Compliance through Filtering Algorithms


  • Demelyn E. Monzon, Leandro Avena


Collaborative Filtering, Content Filtering, Data Privacy Impact Assessment, Business Process Outsourcing, Data Privacy Officers


Implementing controls to address identified privacy risks in Business Process Outsourcing (BPO) companies presents a significant challenge for Data Privacy Officers. A well-functioning control system directly contributes to the privacy risk rate associated with each identified issue. Failure to implement controls correctly can escalate the level of privacy risk.

The researcher has developed a unique system that is integrated into a Privacy Impact Assessment (PIA) tool. This system, powered by content and collaborative filtering algorithms, takes a collaborative approach to privacy risk management. Based on the risk category of each control and historical data, it recommends controls for reducing or eliminating the risk associated with each project within the organization. A collaborative approach empowers everyone to feel responsible for the outcome, encouraging all stakeholders to actively participate in addressing privacy risks.

This study adopts a combination of developmental and descriptive approaches. Developmental research focuses on systematically designing, developing, and evaluating the recommender system for the PIA tool, ensuring it meets the requirements. Descriptive research, meanwhile, investigates common privacy risks, implementation challenges, strategies employed, and respondents' satisfaction levels with the developed system.

The thoroughness of the research findings is a testament to the potential risks in BPO facilities. Many of these facilities allow unrestricted employee access to data storage areas, leading to potential breaches. Additionally, technical issues with data processing equipment often result in accidental exposure of personal and sensitive information even after disposing of records. These identified risks directly contravene the security protocols mandated by the National Privacy Commission (NPC), which require strict physical security measures for organizations handling personal data. The comprehensive nature of these findings instills confidence in the proposed solutions, reassuring the audience about the effectiveness of the proposed system.

This research introduces a crucial solution-a recommender system integrated within a Privacy Impact Assessment (PIA) tool. This system, powered by Collaborative filtering and content filtering, is designed to effectively address the challenges posed by privacy risks in BPO companies. Its ability to analyze past assessments and suggest controls based on similar situations, as well as categorize the appropriate control type based on risk description, makes it a valuable tool for Data Privacy Officers (DPOs) and top management.

By utilizing collaborative and content-based algorithms, the system not only recommends privacy risk levels and corresponding controls for identified and newly identified risks but also includes the audience in the process. This assists Data Privacy Officers (DPOs) in reducing risk levels by lessening or eliminating the potential harm from privacy breaches and making informed decisions. The system provides recommendations for top management to ensure compliance, fostering a sense of inclusion and shared responsibility in addressing privacy risks.


Download data is not yet available.


Aghdam, M. (2019). Context- aware recommender systems using hierarchical hidden Markov Model. Physica A: Statistical Mechanics and its Applications, 518(15), 89-98.

Alhijawi, and Kilani. (2020). A collaborative filtering recommender system using genetic algorithm. Information Processing and Management, 56(6)

Boström and Filipsson. (2017). Comparison of User Based and Item Based Collaborative Filtering Recommendation Services. Retrieved from

Cena, Console and Vernero. (2021). Logical foundations of knowledge-based recommender systems: A unifying spectrum of alternatives. Information Sciences, 546(6), 60-73.

Chulyadyo, Rajani. (2016). A new horizon for the recommendation: Integration of spatial dimensions to aid decision making.

Clarke. (2016). Privacy impact assessments as a control mechanism for Australian counter-terrorism initiatives. Computer Law & Security Review, 32(3), 403-418.

Dela Cruz. (2018). Why Do We Undertake Privacy Impact Assessments (PIA)? Retrieved from

Disini and Disini Law Office. (2018). Fostering a culture of privacy through the conduct of Privacy Impact Assessments. Retrieved from

Dong, Zeng, Koehl, and Zhang. (2020). An interactive knowledge-based recommender system for fashion product design in the big data environment. Information Sciences, 540, 469-488.

Eirinaki, Gao, Varlamis, and Tserpes. (2017). Recommender Systems for Large-Scale Social Networks: A review of challenges and solutions. Future Generation Computer Systems, 78(1), 413-418.

Esmaeili, Mardani, Alireza, and Golpayegani. (2020). A novel tourism recommender system in the context of social commerce. Expert Systems with Applications, 149(1).

Gao, Zhang, Yu, Li, Wen, and Xiong. (2021). Recommender systems based on generative adversarial networks: A problem-driven perspective. Information Sciences, 546(6), 1166-1185.

Herce-Zelaya, Porcel, Bernabe-Moreno, and Herrera-Viedma. (2020). New technique to alleviate the cold start problem in recommender systems using information from social media and random decision forests. Information Science, 536, 156-170.

Sinha and Dhanalaksmi. (2020). Evolution of recommender paradigm optimization over time. Journal of King Saud University – Computer and Information Sciences, 34(4), 1047-1059.

International Standard Organization (2018) ISO 31000 Risk Management – Principles and Guidelines on Implementation. Retrieved from

Lovine, Narducci, and Semeraro. (2020). Conversational Recommender Systems and natural language: A study through the ConveRSE framework. Decision Support Systems, 131.

Madasamy. (2019). Introduction to recommendation systems and How to design Recommendation system. Retrieved from

Margaris, Vassilakis, Spiliotopoulos. (2020). What makes a review a reliable rating in recommender systems? Information Processing and Management, 57(6).

Mohamed, Khafagy and Ibrahim. (2019). Recommender Systems Challenges and Solutions Survey. International Conference on Innovative Trends in Computer Engineering (ITCE), 149-155.

Napoles, Grau, and Salgueiro. (2020). Recommender system using Long-term Cognitive Networks. Knowledge-Based Systems, 206(28).

National Privacy Commission. (2016). Implementing Rules and Regulation. Retrieved from

Ojagh, Malek, Saeedi, and Liang. (2020). A location-based orientation-aware recommender system using IoT smart devices and Social Networks. Future Generation Computer Systems, 108, 970-118.

Pyati and Malawade. (2018). A Study on Risk Assessment Using Probability-Impact Matrix Method for A Multi-Storeyed Residential Building. International Research Journal of Engineering and Technology (IRJET), 05(07), 254-257

Raab. (2020). Information privacy, impact assessment, and the place of ethic. Computer Law & Security Review, 37.

Sambhav, Vikesha, Sushama. (2018). An Improved Collaborative Filtering Based Recommender System using Bat Algorithm. Procedia Computer Science, 132, 1795-1803.

Scudder, McNevin, Kelty, Walsh, and Robertson. (2017). Forensic DNA phenotyping: Developing a model privacy impact assessment. Forensic Sci Int Genet, 34, 222-230. 10.1016/j.fsigen.2018.03.005

Seyyar and Geradts. (2020). Privacy impact assessment in large-scale digital forensic investigations. Forensic Science International Digital Investigation. 10.1016/j.fsidi.2020.200906

Su, Zheng, Ai, Shen, Zhang. (2020). Link prediction in recommender systems based on vector similarity. Physica A: Statistical Mechanics and its Applications, 560(15).

Yassine, Mohamed, and Mohammed. (2021). Hybrid recommendation system combined content-based filtering and collaborative prediction using artificial neural network. Simulation Modelling Practice and Theory, 113.




How to Cite

Demelyn E. Monzon,. (2024). Automating Data Privacy Compliance through Filtering Algorithms. International Journal of Intelligent Systems and Applications in Engineering, 12(21s), 2966–2971. Retrieved from



Research Article