Personal Data ReceiptsReal Consent & GDPR ReadinessJanuary 16th, 2017

Michele NatiLead Technologist Personal Data and Trust

Lucie Burgess, Head of Personal Data and TrustDavid Ponsford, Senior Product Manager

Digital Catapult, London@michelenati

Motivation• Personal Data availability is growing• By 2019, total shipments will reach 214.6 million units, a five-year

Compound Annual Growth Rate (CAGR) of 28% (IDC)• … and business digital transformation is

leveraging that• … with transparency and trust becoming of

paramount importance• Only 1 in 5 Consumers read privacy statement; 15% feels to have control over how their data are

used (Source: Data Protection Eurobarometer)

• And regulatory framework now in place to measure it (GDPR)

http://ec.europa.eu/justice/data-protection/files/factsheets/factsheet_data_protection_eurobarometer_240615_en.pdf

Trust and GDPR

Trustworthiness

ReputationTrust

- Transparency (Article 12-14, Information notice)

- Accountability (Article 4 and 7, Consent)

- Level of Control (Article 17-19, Data erasure and portability)

Background• Summer 2016 intern • Understanding what transparency means for consumers• Data discovery, interviews, user-centric design, prototyping, measuring• Findings: transparent, clear and concise summary of collected data,

increase trust

https://pdtn.org/designing-consent-receipts-future-personal-data-sharing/

Personal Data ReceiptsMulti-disciplinary team:- UX Lead- Marketing experts- Lawyer- Lead Tech

Lawyer advice:According to DPA, consent is not required for:a) the “legitimate interests” of the

data controller so long as they do not override the fundamental rights of the data subject;

b) data that it is necessary to collect or process the data to fulfill a contract the data subject asked to enter

• PDRs are a super-set of consent receipt• First full transparency, then control

Current Benefits• Individuals:• Simplify understanding of privacy policies• Track and control the use of personal data

• Organizations:• Increase transparency, by simplifying privacy policies

• For both:• Simplify Subject Access Requests (by providing a link to Data Controller)

Technical integration – Logic view

User interfaces: collect, stores and manage PDRsPDR generator: uses secure APIs from different corporate legacy systems (e.g. Salesforce)Audit trail: authenticity, integrity, confidentiality, non-repudiability

Technical integration – Digital Catapult system

Preserving privacy:• No new personal information is

created; nor passed and stored across different systems

• Secure meta-data communication• Pseudonyms to link PDRs and users• PDRs only sent the first time, with

random delay, to avoid traceability• Audit trail: including PDR version

for maintain consistency (in case of Privacy Policy change)

PDR trial ambitions• Educate consumers (visitors) about

their personal data sharing• Measure the value of PDR for

consumers• Promote best practices and adoption

to increase businesses transparency and trust

PDR trial summary

80%

20%

Yes No

51%49%

Opened NOT opened

Overall visitor engagement

1504PDRssent

20 27 13 16 0 0 0 0

Visitors: Total Page views :Contact via website:Requests to be removed:

Website engagement

303 339128 18347% 44%4% 4%

Centre Visitors:PDRs sent:Email open rate:Click thru rate:

This week Last week

Catapult Centre engagement

DCC visitors*

95Closed Data

191IoT

94Licensed

Data157

P D & T

Would you like all services you signed up for to send you a PDR?

80%

20%

Yes No

Would you consider implementing something similar within your company?

Yes - 80%

Yes - 80%

020406080

100120140 Total Vis-

itorsPDRs sent

3892Total visitors

1950Total fist time visitors

1504Total receipts sent

*figures taken cumulative since 13/09/16

PDRs sent by interest area

GDPR compliance• Article 12-14, Information notice• Use of icons and simple text to explain: what, how and for what purpose• (could be extended to target different demographic groups)

• Article 4 and 7, Consent• Provides a record for both individual and organization• Includes data collected under consent• (currently only in human-readable format; could be extended with link to

remove consent)

• Article 17-19, Data erasure and portability

• Provides link to contact Data Controller• (could be extended with link to automatically trigger data erasure or

portability; but needs strong identity and identification, Article 29 WP)

Next steps• Report to be released soon• Commercial• Promote adoption• Organizations collecting personal data and needing GDPR compliance• SMEs providing personal data management solutions (e.g., e-wallets)

• Technical• Understand requirements, formulate and test assumptions, deliver

technology to:• Provide additional functionalities• Simplify adoption (process vs toolkit)• Increase scalability (e.g. PDR as a service)• Foster interoperability (standardized human and machine readable format)

BSI PAS 4891 – Privacy Labels

• Recommendation on how organizations communicate how they use customers personal data online

• Define the categories of information• Provide an initial icons mockup• Can be used in layered privacy

policies (and PDRs)

THANK YOU!

#DigiCatapult

info@digicatapult.org.uk0300 1233 101

Digital Catapultdigicatapult.org.uk

/DigitalCatapult

@DigitalCatapult