The SPECIAL project will address the contradiction between Big Data innovation and privacy-aware data protection by proposing a technical solution that makes both of these goals realistic. We will develop technology that:
(i) supports the acquisition of user consent at collection time and the recording of both data and metadata (consent, policies, event data, context) according to legislative and user-specified policies;
(ii) caters for privacy-aware, secure workflows that include usage/access control, transparency and compliance verification;
(iii) demonstrates robustness in terms of performance, scalability and security all of which are necessary to support privacy preserving innovation in Big Data environments; and
(iv) provides a dashboard with feedback and control features that make privacy in Big Data comprehensible and manageable for data subjects, controllers, and processors.
SPECIAL shall allow citizens and organisations to share more data, while guaranteeing data protection compliance, thus enabling both trust and the creation of valuable new insights from shared data.
Our vision will be realised and validated via real world use cases that - in order to be viable - need to overcome current challenges concerning the processing and sharing of data in a privacy preserving manner. In order to realise this vision, we will combine and significantly extend big data architectures to handle Linked Data, harness them with sticky policies as well as scalable queryable encryption, and develop advanced user interaction and control features: SPECIAL will build on top of the Big Data Europe and PrimeLife Projects, exploit their results, and further advance the state of the art of privacy enhancing technologies.
WP1 - Use cases & Requirements
WP1 will adopt a multidisciplinary approach to requirements analysis and validation, examining: the functional and nonfunctional requirements concerning policy specification, policy enforcement and data transparency), the relevant legal and ethical considerations, and the scalable infrastructure that will be required to implement the policy and transparency framework.
WP2 - Policy and Transparency Framework
WP2’s objective is to provide the policy language and algorithms that are necessary for transparency and compliance based on the processing and exchange of personal data
WP3 - Big Data Policy Engine
WP3’s objective is to involve the initial setup and subsequent extension of the policy aware Linked Data architecture and engine, integrating the policy and transparency outcomes from WP2, and the system requirements from WP1. This work package will furthermore: determine the most efficient way to compress, encrypt and index policy data and metadata; enhance the existing architecture with relevant authentication and authorisation mechanisms; develop components that allow for efficient querying and reasoning over encrypted data and metadata; and implement the algorithms defined in WP2 and improve the robustness and scalability of the transparency and compliance components.
WP4 - User Interaction
WP4’s objective is to support the user in understanding how their personal data is processed. An interactive transparency dashboard will provide data subjects, data processors and data controllers, with information pertaining to what has happened to their data. The consent and feedback function of the dashboard will support the user in policy specification and administration. In keeping with the requirements of the GDPR the data security and breach notification module will provide information concerning non-compliance to data protection officers and data subjects in a non intrusive manner. WP4 will rely on the requirements from WP1 and the results from the WP2 transparency framework and WP3 exposed functions, interfaces and APIs.
WP5 - Use Case Implementation & Evaluation
WP5’s objective is to integrate the different results from WP2 to WP4 and to evaluate the proposed architecture under real-world conditions. Driven by use case partners, this work package will plan and develop three separate real-world application pilots. First, this WP will support the implementation of the use cases defined in WP1, which demonstrate our framework at work. Second, the results from the pilots will undergo a technological and economic evaluation. The experiences gained from the lab trials will be merged, generalized, and translated into a set of methodological guidelines for future implementations
WP6 - Collaboration, Dissemination & Standardisation
This work package is dedicated to dissemination and exploitation of the project results and findings. It will develop effective dissemination channels that will be used to reach all interested parties outside of the consortium, e.g. citizen/end user representatives, public administrators, and other projects such ICT-14 and the CSA in ICT-18. This work package will coordinate the publication and positioning of project results in scientific research communities (e.g. high-quality journals, conferences and workshops), trade journals, and focused industrial exhibitions and fairs. This work package also involves the establishment and maintenance of our continuous exploitation strategy and the external representation of the project to stakeholders and the public.
WP7 - Project Management
The overarching objective of this work package is to ensure the management environment and associated support for the efficient and timely implementation of project activities. This is done through the tight orchestration of the following tasks: project coordination; administrative management and support; quality, risk, and data management; and ethical monitoring.
WP8 - Ethics Requirements
The objective is to ensure compliance with the 'ethics requirements' set out in this work package.