A recent paper by Karami, Basin and Johnsen (CSF 2022) proposes programming language constructs which turn GDPR violations into programming errors which trigger runtime exceptions. This topic for this thesis is to propose a way to integrate these constructs into a real programming language for web-based applications.
Reference
Farzane Karami, David Basin, Einar Broch Johnsen. DPL: A Language for GDPR Enforcement. Proc. Computer Security Foundations (CSF 2022). [Link]