Towards an Accountable Web of Personal Information: the Web-of-Receipts

Jesus, Vitor (2020) Towards an Accountable Web of Personal Information: the Web-of-Receipts. IEEE ACCESS, 8. 25383 - 25394. ISSN 2169-3536

[img]
Preview
Text (Web-of-Receipts)
Web-of-Receipts.PDF - Accepted Version
Available under License Creative Commons Attribution.

Download (1MB)

Abstract

Consent is a corner stone in any Privacy practice or public policy. Much beyond a simple "accept" button, we show in this paper that obtaining and demonstrating valid Consent can be a complex matter since it is a multifaceted problem. This is important for both Organisations and Users. As shown in recent cases, not only cannot an individual prove what they accepted at any point in time, but also organisations are struggling with proving such consent was obtained leading to inefficiencies and non-compliance. To a large extent, this problem has not obtained sufficient visibility and research effort. In this paper, we review the current state of Consent and tie it to a problem of Accountability. We argue for a different approach to how the Web of Personal Information operates: the need of an accountable Web in the form of Personal Data Receipts which are able to protect both individuals and organisation. We call this evolution the Web-of-Receipts: online actions, from registration to real-time usage, is preceded by valid consent and is auditable (for Users) and demonstrable (for Organisations) at any moment by using secure protocols and locally stored artefacts such as Receipts. The key contribution of this paper is to elaborate on this unique perspective, present proof-of-concept results and lay out a research agenda.

Item Type: Article
Additional Information: (c) 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.
Identification Number: https://doi.org/10.1109/ACCESS.2020.2970270
Date: 29 January 2020
Uncontrolled Keywords: web-of-receipts, consent, privacy, web, internet, personal information
Subjects: G400 Computer Science
G500 Information Systems
Divisions: Faculty of Computing, Engineering and the Built Environment
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology > Cyber Security
Depositing User: Vitor De Jesus da silva
Date Deposited: 28 Jan 2020 15:09
Last Modified: 14 Feb 2020 09:07
URI: http://www.open-access.bcu.ac.uk/id/eprint/8814

Actions (login required)

View Item View Item

Research

In this section...