OPERANDO: Simplifying online Privacy

Leire Orue-Echevarria (TECNALIA)

Madrid, 29.11.2015

https://cybercamp.es


Agenda

• OPERANDO at a Glance

• Motivation

• Objective

• Concepts

• Stakeholders: Who will benefit from OPERANDO?

• OPERANDO Use Cases

• OPERANDO Architecture

• Next Steps


OPERANDO At a Glance


Project name: Online Privacy Enforcement, Rights Assurance and Optimization

Action type: Innovation Action

Duration: 36 months

Start date: 1 May 2015

Total budget / Total EC funding: 4 455 811.25 euros / 3 746 037 euros

Project Consortium: 9 partners (1 Third party)


OPERANDO Motivation: Current Situation

• Escalating loss of online privacy

  • Consumer services: Facebook, Google, LinkedIn…

  • Consumers are targeted and stripped of their privacy

  • In most cases, consumers are defenseless

  • Reality outpaces regulations and privacy laws

• Government/public services struggle with privacy protection

  • Citizens’ mistrust/public outcry

  • Inadvertent disclosures to other agencies

  • Hacking attacks

  • Stringent privacy laws compliance requirements


OPERANDO Motivation


Europe’s citizen privacy laws are world-leading

The evolving data protection and privacy frameworks are yet to be implemented in a transparent and friendly way

Users should be able to take part in the monetization of the economic value of their data

Users need to understand and control how their personal data are used

However, …


OPERANDO Objective

Specify, implement, field test, validate and exploit an innovative privacy enforcement framework that will enable the Privacy as a Service (PaS) business paradigm and create a broad market for online privacy services.


www.operando.eu


OPERANDO Concepts (1/2): Privacy classification

Personal data type   Sensitivity   Economic Value
Medical              Extreme       High
Financial            Very high     Extreme
Government           High          High
Social networks      Medium        Very high
Mobile device        Extreme       Very high
P2P Networks         Low           Low

• Privacy classification based on two attributes: Sensitivity and Economic Value


OPERANDO Concepts (2/2): Privacy as a Service


Online Service Providers (OSP)*

* Including PPAA

User

Privacy Regulator

Privacy Authority (PA)(*)

(*) operated by Privacy Service Provider

Trusted Privacy Protection Relationship (OSP – Users – Privacy Regulators)

User Privacy Policy = User sensitivity profile + Explicit user input + Privacy laws + Best practices


Stakeholders (1/2): Who benefits from OPERANDO?


Online Service Providers (OSP)*

* Including PPAA

Privacy Authority and Privacy Service Providers

• Gain the ability to cost-effectively comply with privacy regulations

• Profit legitimately, based on the user’s consent, from the monetization of data

• Increase trust of users in PPAA online services

• Enforcement of privacy in users’ devices (stored data and sensor outputs of mobile devices)


Stakeholders (2/2): Who benefits from OPERANDO?

Users

• Manage their online privacy issues with an intuitive Web GUI

• The UPP will be enforced by the PA in all the user’s devices

• Partake in the monetization of their data

Privacy Regulators

• Automated audit of OSP’s policies for compliance with regulations


Use Cases

• Next, only some examples where OPERANDO will be applied

• Focus on

  • Business to Consumer (B2C)

  • Government to Consumer (G2C): Healthcare and Public Administration


Business to Consumer (B2C) (1/4)


Challenge: Obfuscation of privacy settings

• SIX pages of privacy options to set on Facebook

• The default settings are not privacy-friendly

• Same problem on Google and other major networks


Business to Consumer (B2C) (2/4)

OPERANDO solution: Unified privacy dashboard

• Web-based unified privacy settings dashboard

• Handles your accounts at all the major services

• Single-click “best practices” privacy lockdown

• Automated policy watchdog

[Figure: Privacy Dashboard]


Challenge: Access to social network data - users do not benefit

Business to Consumer (B2C) (3/4)


OPERANDO solution: Privacy-for-benefit deals

Business to Consumer (B2C) (3/4)

The user can choose to:

• Log in with SN account and get an economic benefit

or

• Log in with email/password

[Figure: login mock-up. Labels: “Log in with username & password”, “and get a 5 € coupon for your first purchase”, “or”, “Privacy-for-benefit deal”]

If no deal is offered, OPERANDO will display a privacy warning


Brief Description

Government to Consumer (G2C) (1/4): FoodCoach

The food coach platform helps prevent development of chronic disease and its associated negative health outcomes by providing accurate and timely information to users, patients, and caregivers for supporting healthy diets and behaviors.

The Food Coach platform allows different kinds of end-users:

• People interested in taking advantage of the dietary advice automatically provided by the Food Coach engine. This broad set of end-users contains “structured” users, e.g., families

• People affected by pathologies, e.g., diabetes or obesity. For such patients the Food Coach provides a common infrastructure where patients’ doctors can monitor the health status of the patients and interact with them, tuning their diets.


What OPERANDO will provide FoodCoach with

Government to Consumer (G2C) (2/4): FoodCoach

• The integrated OPERANDO-based PSP will be used to maximize privacy control over the patient’s private data.

• Doctors’ access to the patients’ data will be regulated by the PSP policies defined by the patients themselves.

• Caregivers constitute another category: they will be provided an account to consult the profile of the individual they help. The data the caregivers will be able to access will also be regulated by the policies enforced by the PSP.


Brief Description

Government to Consumer (G2C) (3/4): Vulnerable Adults

Help vulnerable adults lead an independent life in their own homes

• E.g. Telecare

• E.g. people with low level mental health problems

• Key problems are:

  • Transfer of information about a service user is difficult and is not conducive to coordinated care for the victim

  • Information about service users needs to be entered manually into each organisation’s systems upon transfer

  • Service users give information but have no visibility of how this is used, who can see it and where it is

  • It is difficult to keep data held about service users compliant with regulations (when they change) and provide an audit trail for data use


What OPERANDO will provide with

Government to Consumer (G2C) (4/4): Vulnerable Adults

Challenges and Benefits of OPERANDO

• Challenge: Lack of care coordination may lead to higher costs
  Benefit: Easy to request information from service users, allowing sharing of information between organisations to support coordinated care

• Challenge: Lack of information sharing increases errors and delays

• Challenge: Data storage security and security breaches
  Benefit: Avoid inadvertent exposure of unsolicited information by using PSP to store and provide data

• Challenge: Cost in remaining compliant to regulations
  Benefit: PSP provides privacy service, which is updated regularly with new regulations

• Challenge: Assumed consent from service users for data use
  Benefit: Service users set privacy preferences to avoid assumed consent

• Challenge: Electronic data capture leads to inaccurate/unavailable data due to mismatching fields
  Benefit: Data stored is in a standard format, allowing information sharing across systems

• Challenge: Difficult to access analytical data about service users
  Benefit: Receive anonymized big data analytics


OPERANDO High Level Architecture


Personal Data Repository

Core PA

User


OPERANDO PA Core: led by


• Gather anonymized data

• Aggregate and reduce data

• Process Scheduling

• Monitor whether OSPs have changed privacy policies or user privacy settings

• Compute a user privacy policy (UPP)

• Maintain a UPP

• Notify a change of UPP

• Evaluation of System behavior against privacy rules and policies

• Display privacy implications

• removes personally identifiable information (PII) from user data, or masquerades (i.e. through encryption mechanisms) identifying information (pseudo-anonymization) of user data, prior to delivery to a requesting OSP

• allows users to benefit economically from allowing OSPs to access their personal data

• allows Privacy Service Providers to control and make business from the usage of the platform privacy services
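
The PII removal and pseudo-anonymization step described on this slide, as an added sketch that is not OPERANDO code. It assumes a keyed HMAC-SHA256 pseudonym in place of the unspecified "encryption mechanisms", and the field names, OSP ids and the shape of the UPP are constructed for illustration.

```python
import hashlib
import hmac

# Constructed field classes; the slides do not define a schema.
DIRECT_IDENTIFIERS = {"name", "email", "phone"}


def pseudonym(pa_key: bytes, osp_id: str, user_id: str) -> str:
    """Keyed pseudonym: stable for one OSP, unlinkable across OSPs
    by anyone who does not hold the PA's key."""
    msg = f"{osp_id}\x00{user_id}".encode()
    return hmac.new(pa_key, msg, hashlib.sha256).hexdigest()[:32]


def prepare_for_osp(record: dict, upp: dict, osp_id: str, pa_key: bytes) -> dict:
    """Return the view of `record` that may be delivered to `osp_id`."""
    allowed = set(upp.get(osp_id, ()))  # default deny: unknown OSP gets no fields
    out = {"subject": pseudonym(pa_key, osp_id, record["user_id"])}
    for field, value in record.items():
        if field == "user_id" or field in DIRECT_IDENTIFIERS:
            continue  # PII is dropped even if the policy lists it
        if field in allowed:
            out[field] = value
    return out


# Constructed sample data (hypothetical key, user and OSPs).
PA_KEY = b"constructed-demo-key-not-a-real-secret"
RECORD = {"user_id": "u-1001", "name": "Ana Example", "email": "ana@example.org",
          "phone": "+34 600 000 000", "diet_plan": "low-sugar", "weight_kg": 71}
UPP = {"osp-foodcoach": ["diet_plan", "weight_kg"],
       "osp-shop": ["diet_plan", "email"]}

if __name__ == "__main__":
    for osp in ("osp-foodcoach", "osp-shop", "osp-unknown"):
        print(osp, prepare_for_osp(RECORD, UPP, osp, PA_KEY))
```

Because the pseudonym is keyed per OSP, two OSPs comparing their data sets cannot join them on the subject value.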


Future Work

• Implement all modules

• Proof of concept in OPERANDO Use Cases

• OPERANDO will be Open Source: Check our website for software releases!


OPERANDO in Social Media


@OperandoH2020

www.operando.eu

https://www.facebook.com/OperandoH2020

http://www.slideshare.net/operandoh2020


Contact details


Leire Orue-Echevarria

IT Competitiveness

ICT - European Software Institute Division

TECNALIA
Parque Tecnológico de Bizkaia
c/ Gueldo Edificio 700
E-48160 Derio - Bizkaia (Spain)
Tel: 902.760.000
Tel: +34 946 430 850 (International Calls)
[email protected]


Thank you!


https://cybercamp.es @CyberCampEs #CyberCamp15