RESPECTeD
Really Enforceable Solution to Protect End-users Consent & Tracking Decisions

RESPECTeD

Förderjahr 2019 / Project Call #14 / ProjectID: 4625

Who we are? We are an international group of researchers, engineers & activists with a multidisciplinary background in computer science, law, social sciences and cognitive sciences who aim to contribute towards tackling one of the most significant issues of our time: Invasion of Personal Digital Privacy.

For whom is the project? Almost everyone on Internet: 1) end-users will finally have a mechanism to express their consent and tracking decisions in a manner, which not only is human-cetnric, user-friendly and easy-to-use, but also lawfully and technically enforceable; 2) service providers will be provided by a clearly defined technical mechanism and supporting codes to gain and respect user consents.

What is it? We tackle a wide range of privacy-related issues on internet, among others: providing consents on the Internet is a time and expertise-demanding task which cannot correctly be performed by most of the users, withdrawing consents is normally a sophisticated task, the existing anti-tracking mechanisms (e.g. W3C's Tracking Preference Expression - DNT) are not legally enforceable and are in many cases ignored by the service providers.

We aim to develop a mechanism to address these issues.

How does it work? Based on an extensive study of existing patterns of tracking, we develop a detailed standard mechanism for communicating users consent and tracking decisions via HTTP headers. A set of client-side and server-side software (e.g. web-browser plugins) support the legal enforcement of the expressed consents, e.g. by sending the required identifiers (e.g. cookies) or legally binding emails.

Projektteam

Projektergebnisse

Endbericht CC-BY-SA

This document is the final project report of the RESPECTeD project.

Entwicklerdoku CC-BY-SA

Several documents to support the developers are developed. This includes:

Readme on the ADPC specification github: https://github.com/Data-Protection-Control/ADPC

Readme on the browser-extension github: https://github.com/Data-Protection-Control/browser-extension

Readme on the website-helper-software github: https://github.com/Data-Protection-Control/website-helper-software

Webpage on our website, describing how the ADPC works: https://www.dataprotectioncontrol.org/about/

The FAQ page on our website: https://www.dataprotectioncontrol.org/faq_contact/

Furthermore, the ADPC specification itself including an easy-to-understand introduction and explains different functionalities to the developers in an accessible language throughout the specification: https://www.dataprotectioncontrol.org/adpc-spec/

Anwenderdoku CC-BY-SA

Several documents and resources to support the users, NGOs, or non-technical experts to understand the basics of the ADPC were developed. This includes:

The ADPC website: https://www.dataprotectioncontrol.org

A video that describes the concept of the ADPC and how it works, that can be found on the first page of the ADPC website: https://www.dataprotectioncontrol.org

How does the ADPC work? https://www.dataprotectioncontrol.org/about/

The ADPC FAQ: https://www.dataprotectioncontrol.org/faq_contact/

The ADPC prototype webpage: https://www.dataprotectioncontrol.org/prototype/

Summary CC-BY-SA

This document provides a summary of the RESPECTeD project.

Code Mozilla Public License 2.0

Title of the deliverable: A specification for communication of the end-users online privacy decisions

As a part of this project, we developed the Advanced Data Protection Control (ADPC) which is a novel mechanism for the communication of privacy and consenting data and decisions.

The technical specification is available here: https://github.com/Data-Protection-Control/ADPC

Code Mozilla Public License 2.0

Title of the deliverable: A browser plugin which works based on the developed standard (PoC for the data subjects)

As a proof of concept, we developed a functional prototype that works based on the ADPC.

The code is available here: https://github.com/Data-Protection-Control/browser-extension

A demonstration can be found here: https://www.dataprotectioncontrol.org/prototype/

Code Mozilla Public License 2.0

Title of the deliverable: A server side software (plugin) that works based on the developed standard (PoC for the data controllers)

To support an easier adoption of the ADPC by data controllers, we developed a functional prototype of a server-side software that can communicate privacy and consenting requests and decisions between the server and users' clients.

Veröffentlichung CC-BY-SA

We have been continuously working on different publications regarding the ADPC. Among others, our paper on ``Data Protection and Consenting Communication Mechanisms: Current Open Proposals and Challenges'' which compares the ADPC and the GPC won the best paper presentation award of the 2022 International Workshop on Privacy Engineering (IWPE’22), Co-located with the 7th IEEE European Symposium on Security and Privacy (EuroS&P), in Genoa, Italy. A preprint can be found here: https://research.wu.ac.at/de/publications/data-protection-and-consenting-communication-mechanisms-current-o-4

Präsentation CC-BY-NC

This presentation won the best paper presentation award of the 2022 International Workshop on Privacy Engineering (IWPE’22), Co-located with the 7th IEEE European Symposium on Security and Privacy (EuroS&P), in Genoa, Italy.

Datenschutzinformation
Der datenschutzrechtliche Verantwortliche (Internet Privatstiftung Austria - Internet Foundation Austria, Österreich) würde gerne mit folgenden Diensten Ihre personenbezogenen Daten verarbeiten. Dies ist für die Nutzung der Website nicht notwendig, ermöglicht aber eine noch engere Interaktion mit Ihnen. Falls gewünscht, treffen Sie bitte eine Auswahl: