DECODE: A technical explainer

Theo Bass, Paulus Meessen
Friday 7th December 2018

Introduction

Most data on the internet is personal data - it tells us something about people’s behaviours, habits and preferences. Over the past several years, power has been consolidated among a small number of internet firms on a business model that relies substantially on how they extract and sell this information.

Meanwhile, long terms and conditions confuse people about how these companies operate, and a lack of transparency and accountability over who gains value from personal data has led to misuse ranging from large-scale manipulation to election tampering.

DECODE is a fourteen-partner project which aims to understand new types of social value that are generated when people are given the ability to control and share personal data on their terms. It aims to create tools that allow people to flexibly decide who is able to access personal data, and for what purposes.

Context

Efforts to give people more control over personal data are not new. DECODE’s origins are varied, including cryptography and privacy research; Vendor Relationship Management tools (some of the first projects to understand the need for individuals to decide which data external parties could access); through to the web science movement.

But recently a range of technologies has emerged - from new techniques enabling ‘perfect privacy’ to distributed computing solutions - creating an exciting new wave of innovation with the potential to put power directly into the hands of individuals.

DECODE’s primary aim is to try and take some of these technologies, translate them into user-friendly tools, and test them with real people and communities.

This blog post provides a summary of the technical aspects of DECODE and what makes it different from other projects, as outlined in the DECODE Whitepaper. It outlines the key features of the DECODE technology under four broad principles:

1. Free and open source

DECODE strongly believes that technologies delivering public benefit should strive to be transparent by design. What’s more, we believe that it’s harder to offer users strong privacy protection without making the underlying technology fully open to inspection and improvement (two of DECODE's partners, the Dyne.org foundation and Waag, are promoters of the PUBLIC MONEY / PUBLIC CODE initiative).

All work produced by the project will be published as free and open source, according to licenses approved by the Free Software Foundation Europe and to emerging open hardware standards. Like the original foundations for the Web, we also hope that the openness of the platform will enable greater innovation and participation in DECODE activities.

DECODE is being built upon the solid foundations of existing proven software wherever appropriate. For instance, DECODE’s operations will run on the well-known and solid Debian OS (a variant of Linux).

DECODE also brings a number of established open source projects and existing privacy innovations together, including a distributed ledger platform called Chainspace, and a ‘wallet app’ that uses Attribute-Based Credentials, implemented with the help of University College London and Radboud University in the Netherlands. We describe what these technologies are, and how they will work specifically in DECODE, in more detail below.

2. Decentralised

Innovation with personal data and privacy is currently increasing exponentially. But most of these emerging projects operate as specific ‘platforms’ or companies with centralised structures and rules. In contrast, DECODE technology is best thought of as a set of open standards and protocols which can be integrated into any digital application or service.

DECODE also relies on new decentralising tools, such as distributed ledger technology (DLT). Like the founding protocols of the internet and World Wide Web, DLTs can be thought of as a new type of shared global network, which no single actor governs or owns. Rules of transparency, auditability and individual control can be embedded in the network design. Some have said this technology will lead to ‘Web 3.0’ and be an enabler of a fairer, less extractive online economy.

In DECODE, all operations will be processed, validated and updated on a distributed ledger called Chainspace, which is designed to provide full auditability of transactions. Chainspace enables all computation to be performed by a distributed network of computers (known as ‘nodes’), avoiding reliance on any central organisation or API.

No personal data will be stored on the ledger itself, only references to that data. Thanks to advances in modern cryptography, it is possible to ensure that operations were correctly performed on a ledger without divulging private user data – a family of techniques known as zero-knowledge. This brings us to our third defining principle.

3. Privacy-enhancing

DECODE is designed with privacy in mind from the ground up. One of the key components that enables this is a technology known as Attribute-Based Credentials (ABCs). ABCs are the core mechanism by which participants express their identity on the DECODE network.

Authenticated but anonymous

In simple terms, personal data on DECODE will be defined in terms of ‘attributes’.

For example, a participant may have the attribute that they are ‘over 18’ or ‘a resident of the city of Barcelona’. A person’s digital identity on DECODE will be little more than a collection of attributes.

Attributes can be authenticated by an issuing party (e.g. a City Government) and then cryptographically bound into a 'credential'. Once these credentials have been issued they can be stored in a secure digital wallet on the user’s phone, and then used without any further involvement of the issuing party (users only need to interact with the issuing party once).

After that, attributes or bundles of attributes can be used to express certain ‘entitlements’, which are defined by different parties in the network as conditions for accessing a service. For example, an entitlement giving young people free access to the digital collection of the local library may be that they possess a credential issued by the City Government that contains the attribute 'under 18'.

The upshot is that DECODE will enable internet services to offer a whole range of personalised applications while greatly minimising the amount of sensitive information that needs to be collected and sent across the internet.
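To make the issue-once, present-anywhere flow concrete, here is a simplified selective-disclosure credential written in Go as an added illustration for this explainer; it is not DECODE's own ABC implementation (whose zero-knowledge techniques also give unlinkability, which this sketch does not), and the issuer name, attribute names and the 'under18' value are constructed. The issuer signs only salted digests of the attributes, the wallet reveals a single attribute with its salt, and the library checks the entitlement offline against the issuer's public key.

```go
package main
import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"sort"
)
// Credential: the issuer signs salted digests of the attributes, never the plaintext values.
type Credential struct {
	Issuer  string            // e.g. "City Government" (constructed name)
	Digests map[string][]byte // attribute name -> SHA-256(salt || "name=value")
	Sig     []byte            // Ed25519 signature over root(Issuer, Digests)
}
// Secret stays in the holder's wallet; Presentation discloses exactly one attribute to a service.
type Secret struct{ Value string; Salt []byte }
type Presentation struct{ Cred Credential; Name, Value string; Salt []byte }
func digest(salt []byte, name, value string) []byte {
	sum := sha256.Sum256(append(append([]byte{}, salt...), name+"="+value...)); return sum[:]
}
// root hashes issuer name and digests in sorted attribute order so signer and verifier hash identical bytes.
func root(issuer string, d map[string][]byte) []byte {
	names := make([]string, 0, len(d))
	for n := range d { names = append(names, n) }
	sort.Strings(names)
	h := sha256.New(); h.Write([]byte(issuer))
	for _, n := range names { h.Write([]byte(n)); h.Write(d[n]) }
	return h.Sum(nil)
}
// Issue is the one-time interaction with the issuer; afterwards the issuer is never contacted.
func Issue(priv ed25519.PrivateKey, issuer string, attrs map[string]string) (Credential, map[string]Secret) {
	cred, wallet := Credential{Issuer: issuer, Digests: map[string][]byte{}}, map[string]Secret{}
	for name, value := range attrs {
		salt := make([]byte, 16); rand.Read(salt) // fresh salt per attribute hides undisclosed values
		cred.Digests[name] = digest(salt, name, value)
		wallet[name] = Secret{value, salt}
	}
	cred.Sig = ed25519.Sign(priv, root(issuer, cred.Digests))
	return cred, wallet
}
// Present discloses one attribute (value and salt); the rest stay opaque digests.
func Present(cred Credential, wallet map[string]Secret, name string) Presentation {
	return Presentation{cred, name, wallet[name].Value, wallet[name].Salt}
}
// VerifyEntitlement: expected issuer, valid issuer signature, and the revealed attribute is bound in it.
func VerifyEntitlement(pub ed25519.PublicKey, p Presentation, issuer, name, value string) bool {
	if p.Cred.Issuer != issuer || p.Name != name || p.Value != value { return false }
	if !ed25519.Verify(pub, root(p.Cred.Issuer, p.Cred.Digests), p.Cred.Sig) { return false }
	return bytes.Equal(digest(p.Salt, name, value), p.Cred.Digests[name])
}
```

The library learns that the City Government vouches for 'age_band=under18' and nothing about the other attributes in the credential, and a presentation signed by any other key or carrying an altered value is rejected.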

Context-dependent access

Attributes have other useful features. They can define a range of things, like the specific organisation a person sits within, their role, their location, their department, and more.

When it comes to actually sharing data, we can create mechanisms that allow individual participants to declare and enforce agreements about how data is accessed using these attributes (Attribute-Based Encryption).

For example, a user may be able to encrypt personal data and say that this information can only be unlocked by the people that possess the specific attributes that they choose: such as only by certain people or organisations (‘only medical professionals’), or in specific locations (‘only within my neighbourhood’).

This is more experimental and still only a research topic within DECODE. Nonetheless it helps to describe where we would like the technology to lead.

4. User friendly

One of the key objectives of DECODE is to experiment with how some of these complex technologies can be translated into user-friendly tools.

The main method of communication through DECODE applications will be a language known as ‘Smart Rules’ which are the front-end expressions of Attribute-Based Credentials described above.

Smart Rules will be defined in a universally recognisable language that applications across the network can understand. At a basic level, Smart Rules will be designed to allow users or organisations to express what happens to personal data - imagine a simple user-interface that lets users specify how data should be used, where, when and for what purpose.

Smart Rules, imagined scenarios (illustration)

Our ultimate vision is to create something akin to a set of creative commons licenses for personal data, making people not companies the ones who set fine-grained terms of use.

A core part of the DECODE pilots, starting in October 2018, will be to implement, test, and improve the user design of Smart Rules in collaboration with communities in each of our partner cities. You can read a full list of the DECODE project pilots on our website.

New 'commons' for data

By giving people secure and flexible means to share personal data on their terms, DECODE aims to enable a new generation of peer-to-peer digital applications. We imagine new platforms that will allow more democratic forms of control, where people and communities are able to leverage the collective value of their data.

For example, one DECODE pilot will give citizens of Barcelona a safer means to engage in data-driven activism. People will be able to collect and safely share noise pollution data from inside and outside their homes (noise pollution is a problem that blights the lives of many people living in the inner city in Barcelona). Local people will be given Smart Citizen Kits and the means to visualise the data on user-friendly dashboards, anonymise that data, and share it with their neighbours or directly with the city government.

DECODE Whitepaper

The Whitepaper is DECODE’s first comprehensive outline for what a more decentralised, fairer data sharing protocol on the Internet should look like. You can read the full document here. At a higher level, the features outlined above act as broad principles which we think should underpin a progressive future vision for the internet.

Of course, we are open to comments and constructive feedback. To stay up to date with our progress, or to comment on the document, Tweet us, message us at info@decodeproject.eu or keep track of our website to find out more about the upcoming technology pilots.