ethics driven design & blockchain assessment · 2020. 8. 10.
ETHICS DRIVEN DESIGN & BLOCKCHAIN ASSESSMENT
Luigi Briguglio
1. Dealing with Digital Identities
2. The Background Framework
3. The Ethics Monitoring in action
4. The Legal & Ethics Requirements
5. The PoSeID-on Platform
6. The Assessment
7. The Driven-Ethics Approach
DEALING WITH DIGITAL IDENTITIES
PoSeID-on
• stands for “Protection and control of Secured Information by means of a privacy enhanced Dashboard”
• arose from the General Data Protection Regulation (GDPR) implementation challenges and the security issues related to the management of digital identities
• aims to transform the perception of GDPR from an administrative burden into a more widely accepted view of GDPR as an opportunity, reinforcing transparency and trust in society
G.A. no. 786713 (2018 – 2020)
THE BACKGROUND FRAMEWORK
• 2000: European Charter for Researchers
• 2007: Charter of Fundamental Rights of the EU
• 2012: Guide for Research Ethics Committee Members
• 2014: Rome Declaration on Responsible Research and Innovation in Europe
• 2016: Regulation (EU) 2016/679 (GDPR)
• 2017: European Code of Conduct for Research Integrity
• 2018: Handbook on European non-discrimination law
• 2019: Regulation (EU) 2019/881 (Cybersecurity Act)
• aims at describing the legal and ethics conceptual framework of privacy and data protection as fundamental human rights, with special focus on the “right to be forgotten”
• historical path that allows the reader to comprehend the rationale behind the entering into force of the GDPR
[Figure: “Evolution” timeline with stages Rationale, Interpretation, Implementation; year marks 1987, 1995, 2007, 2012, 2013, 2014, 2016]
THE ETHICS MONITORING IN ACTION…
Awareness on Ethics
Specific Issues
WP Context
Panel Discussion
TELCO
MEETING
• Defining the Background Framework
• Providing Legal & Ethics Requirements and recommendations for 9 areas in the GDPR, laying the foundation for platform development
• Terms and Conditions of the platform
• Assessment of Platform, with annex to the specifications and implementation details (white paper)
THE LEGAL AND ETHICS REQUIREMENTS
Req Id | Requirement Description | GDPR
LER1 | Secure and reliable identification, authentication and data access should be ensured. | Articles 5, 15, 25 and 32
LER2 | A withdrawing form should be available in the platform. | Article 7 par. 3, and 17
LER3 | A mechanism should be implemented to identify the specific data that is to be blocked or restricted. | Articles 18, 21 and 25
LER4 | Extracted data should be limited to the identified and authenticated person concerned and communicated securely (e.g. encrypted). | Articles 5, 25 and 32
LER5 | Appropriate information should be provided to individuals to exercise their rights and to ensure transparency. | Articles 5, 12, 13 and 14, and 37
LER6 | Appropriate procedures for the governance of the system and its operations should be identified and adopted in case of exercise of the rights. | Articles 5 and 12
PROPOSED SOLUTIONS FROM SoTA
1. Destruction of the Private Key
2. Pruning
3. Fork
THE POSEID-ON PLATFORM
• Based on LERs identified in Chapter 2 (part of D2.2)
• Development Guidelines:
– A permissioned blockchain network
– Smart Contracts
– User operations
– API and “mnemonic words”
– Information on Transactions status
• Burnable Pseudo-Identities
THE ASSESSMENT
LERs
GDPR ART(s)
MEASUREs
• The assessment is based on the 6 Legal and Ethics Requirements (LER), the related GDPR Article(s), as well as the design choices (measures) behind the platform implementation
• 7 measures have been identified:
– Combination of digital certificates and digital signatures
– Hiding complex technology implementation behind one-click button
– Permission Lifecycle Model
– Data Exchange management by design
– Erasure Event and Notifications
– Specified Events and Processes
– Contact details of Data Processors
THE ETHICS-DRIVEN APPROACH
• Blockchain as a disruptive technology, i.e. it sweeps the traditional systems away and replaces habits
• Social Acceptance analysis is fundamental. It lays the foundation for a “human first” approach in an “ethics-by-design” development process
• Now, more than ever, there is a growing need for innovative technological solutions to help society to achieve a sustainable future and an improved wellness
• The “ethics-driven” approach of PoSeID-on (based on a better understanding of the technology, the respect for human rights and willingness to use it) aims at reducing the barriers of diffidence and mystification against blockchain, and fostering its wider and faster deployment
FOR FURTHER DETAILS…
• realised a White Paper, a well-balanced “patchwork” of the project outcomes, seen from the different perspectives of PoSeID-on experts
• A self-contained document that accompanies the reader throughout a path, running into
– Legal & Ethics concerns,
– Design Choices behind the implementation;
– Societal Benefits derived by the ethics-driven development process
• Pending publication in MediaLaws no.2/2020
THANK YOU