Privacy-Preserving Transparency-Enhancing Tools
2012 (English)Licentiate thesis, comprehensive summary (Other academic)
Transparency is a key principle in democratic societies. For example, the public sector is in part kept honest and fair with the help of transparency through different freedom of information (FOI) legislations. In the last decades, while FOI legislations have been adopted by more and more countries worldwide, we have entered the information age enabled by the rapid development of information technology. This has led to the need for technological solutions that enhance transparency, for example to ensure that FOI legislation can be adhered to in the digital world. These solutions are called transparency-enhancing tools (TETs), and consist of both technological and legal tools. TETs, and transparency in general, can be in conflict with the privacy principle of data minimisation.
The goal of transparency is to make information available, while the goal of data minimisation is to minimise the amount of available information. This thesis presents two privacy-preserving TETs: one cryptographic system forenabling transparency logging, and one cryptographic scheme for storing the data for the so called Data Track tool at a cloud provider. The goal of the transparency logging TET is to make data processing by data controllers transparent to the user whose data is being processed. Our work ensures that the process in which the data processing is logged does not leak sensitive information about the user, and thatthe user can anonymously read the information logged on their behalf. The goal of the Data Track is to make it transparent to users which data controllers they have disclosed data to under which conditions. Furthermore, the Data Track intends to empower users to exercise their rights, online and potentially anonymously, with regard to their disclosed data at the recipient data controllers. Our work ensures that the data kept by the Data Track can be stored at acloud storage provider, enabling easy synchronisation across multiple devices, while preserving the privacy of users by making their storage anonymous toward the provider and by enabling users to hold the provider accountable for the data it stores.
Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2012. , 22 p.
Karlstad University Studies, ISSN 1403-8099 ; 2012:57
Research subject Computer Science
IdentifiersURN: urn:nbn:se:kau:diva-15685ISBN: 978-91-7063-469-7OAI: oai:DiVA.org:kau-15685DiVA: diva2:570706
2013-01-08, 21A342, Karlstad Universitet, Karlstad, 09:15 (English)
Hoepman, Jaap-Henk, Assoc. Prof.
Fischer-Hübner, Simone, Prof. Dr.Lindskog, Stefan, Prof. Dr.
List of papers