DECODE aims to develop a privacy preserving data distribution platform to foster commons-based sharing economy models, where citizens own and control their data. This asks for a privacy by design-based approach, for which the concept of privacy design strategies have recently been developed.
The General Data Protection Regulation (GDPR), as well as other data protection or privacy protection laws and regulations, define data protection in legal terms. These terms are soft, open to interpretation, and highly dependent on context. Because of this inherent vagueness, engineers find such legal requirements hard to understand and interpret.
In response, this report describes the legal constraints, the initial DECODE architecture, the privacy design strategy approach, and privacy in relation to nondiscriminatory data mining in the context of DECODE. The result is a list of concrete recommendations to guide the design and implementation of the DECODE architecture.