Regaining the end-users' trust with transparency-enhancing tools

With the constant news of data breaches and global (governmental) surveillance, endusers are becoming more and more reluctant to share sensitive data. As a result trust of end-users is an essential business enabler. For the end-user, sharing data with companies is often a prerequisite for using their services. Moreover, for certain services, e.g., governmental and healthcare services, end-users do not really have the option to not share personal data with these services. There is an information asymmetry between the organisations that handle personal data and the individuals to whom these data relate: these organisations know more about the individual than just the data disclosed by that individual (e.g., inferred data, enriched data from combining these with other databases), while the individual has little information on what these organisations do with the collected personal data. By offering transparency, e.g., through the deployment of transparency-enhancing technologies (TETs) at service providers, while giving individuals insights in what is happening with their personal data, organisations can reduce this information asymmetry and profile themselves as trust-worthy. With these insights, end-users can hold organisations more accountable for their actions and file a complaint in case of abuse. With the upcoming European data protection regulation, organisations will also be required to offer some kind of transparency. An important prerequisite for individuals to put trust in the system is the integrity of the data generated by such a transparency-enhancing tool. In particular, it should be impossible to alter the information on which the individual bases his/her insights, i.e. metadata about personal data processing. Such a tool should also take into account both data privacy and confidentiality, since the mere existence of metadata already reveals information, e.g., the individual visited the hospital. Ideally, the integrity of the data generated by the tool could also be verified by a trusted third party or auditor without infringing on the individuals’ right to privacy. Within project Opacity, we developed a transparency-enhancing tool that meets these criteria: integrity, data privacy, confidentiality and public verifiability. This solution is based on strong state-of-the-art cryptographic building blocks and validated protocols. It allows organisations to easily generate an end-user specific history of data processing in real time, which can be consulted by the end-user at any point in time. The end-user is ensured of the integrity, confidentiality and timeliness of the presented events. The integrity of the global history for all end-users of a single organisation can be validated by an external auditor without violating the end-users' privacy. Finally, this tool can also be deployed for processes (data handling) that span multiple organisations. A reference implementation of this tool, named Insynd, is freely available under open source. 1 KU Leuven, COSIC and iMinds 2 Karlstad University, Department of Mathematics and Computer Science 3 Project Opacity: http://www.project-opacity.com