Talks and Poster Presentations (with Proceedings-Entry):
D. Schmelz, K. Pinter, P. Niemeier, T. Grechenig:
"Towards Informational Self-determination: Data Portability Requests Based on GDPR by Providing Public Platforms for Authorised Minimal Invasive Privacy Protection";
Poster: BLOCKCHAIN'21: 3rd International Congress on Blockchain and Applications,
- 10-08-2021; in: "Proceedings of Blockchain'21",
The Universal Declaration of Human Rights (UDHR) defines that no human being should be subjected to arbitrary interference with his privacy. Yet last decadeīs digital platform progress has been legally widely unframed and untamed. Therefore, both collection and commercial use of personal data has become a widespread and profitable business model in which individuals currently practically have very little power. European Unionīs General Data Protection Regulation (GDPR) rebalances rights and obligations of data controllers processing personal data and data subjects whose data are being processed. Well-tailored and targeted use of blockchain technologies enables system transactions that strengthen individual regain of control over personal data and securely transfer it. The proposed system (PPAMIPP, public platform for authorised minimal invasive privacy protection) allows data subjects to claim the personal data processed by them and request their transfer in accordance with the GDPR by defining a respective novel process and supporting technical architecture. The proposed system is validated using a prototype implementation. In addition to demonstrating the feasibility of the system while maintaining confidentiality and integrity, the trade-offs between privacy and usability, as well as general problems of the defined process from legal and technical viewpoints, are highlighted.
"Official" electronic version of the publication (accessed through its Digital Object Identifier - DOI)
Created from the Publication Database of the Vienna University of Technology.