Personal data revolution takes first step

A new way of managing personal information set to maximise people's chances of privacy is being developed by computer scientists, led by a researcher at Queen Mary University of London (QMUL).

The £1.5m Databox Project seeks to give users greater awareness of how their is used by third parties like businesses or Internet providers, and give them more control over their own online generated data over multiple devices such as mobile, tablets and computers, both in and outside the home. It will also act as a and provide encryption services for the users, which will serve to enhance security and privacy for personal information.

Over the next three years the project team from QMUL, University of Cambridge and University of Nottingham will build an open-source networked device that is supported by cloud-computing, and which collates, curates, and mediates access to an individual's personal data by verified and audited third party applications and services, such as Facebook, Amazon or Google.

Some data, such as age, gender and location, collected about people and often generated by them, can be analysed by businesses and used to draw inferences about personalities and behaviour, like Amazon's product recommendations based on recent searches and purchases, or Facebook's targeted ads relating profile details. However, not all data is shared by choice, rather that information is handed over to companies by default.

Project leader Dr Hamed Haddadi from QMUL's School of Electronic Engineering and Computer Science, said: "Building privacy, trust and security into the evolving digital ecosystem is one of the most important challenges facing modern society today.

"The Databox Project provides a way of linking over different platforms, which allows people to exercise control over access to and use of their data. This will enable a new privacy-aware application ecosystem, supporting applications making use of rich, diverse data sources in ways that are currently not possible."

In addition to storing user information securely, the Databox Project will also allow controlled access to verified third parties with whom the person is happy to share their information.

The specific research objectives in this project include:

  • Creation of Databox to shape the design and build user-centred infrastructure, including APIs () enabling data processors to build applications that consume personal data;
  • Design and build of Databox platform that collects coherent datasets spanning both individuals and groups, for example, families or business teams;
  • Iterative design of applications, interfaces and interactions with data to understand the requirements for human-data interaction, including questions of ownership, privacy, and utility;
  • Real-world deployment of the Databox, its APIs and applications to understand the motivations and values that drive the future use of personal data, and the practices that shape and control its use.

The Databox Project will run for three years and starts in September 2016. It is funded by the Engineering Physical Sciences Research Council under its Trust, Identity, Privacy and Security in the Digital Economy theme.

Industry partners include the BBC, BT, Microsoft Research, and Telefonica. The is also supported by the Internet Society, Open mHealth at Cornell Tech, and the Horizon Digital Economy Research Institute.


Explore further

Cryptographic system allows users to decide how their data is accessed

Citation: Personal data revolution takes first step (2016, April 8) retrieved 15 October 2019 from https://phys.org/news/2016-04-personal-revolution.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
42 shares

Feedback to editors

User comments

rms
Apr 10, 2016
A system like this might "work", but it won't have much effect. All the "services" that demand users' personal information get the user's "permission" to collect it and use it in all sorts of ways. Users have no opportunity to negotiate about how much data to give: it's
always "give us your data or get lost."

What we really need is to require services to be designed to collect the least possible data for the overall goal.

See http://gnu.org/ph...acy.html

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more