ETHICS DRIVEN DESIGN &BLOCKCHAIN ASSESSMENT

Luigi Briguglio

2

1Dealing with

Digital

Identities

2The

Background

Framework

3The Ethics

Monitoring

in action

6The

Assessment

4The Legal &

Ethics

Requirements

5The

PoSeIDon

Platform

7The

Driven-Ethics

Approach

DEALING WITH DIGITALIDENTITIES

3

stands for “Protection and control of Secured Information by means of a privacy enhanced Dashboard”

arose from the General Data Protection Regulation (GDPR) implementation challenges, and the security issues related to the management of digital identities

aims to transform the perception of GDPR as an administrative burden into a more widely accepted approach to see GDPR as an opportunity, and reinforcing transparency and trust in society

G.A. no. 786713 (2018 – 2020)

4

• 2000: European Charter for Researchers

• 2007: Charter of Fundamental Rights of the EU

• 2012: Guide for Research Ethics Committee Members.

• 2014: Rome Declaration on Responsible Research and Innovation in Europe

• 2016: Regulation (EU) 2016/679 (GDPR)

• 2017: European Code of Conduct for Research Integrity

• 2018: Handbook on European non-discrimination law

• 2019: Regulation (EU) 2019/881 (Cybersecurity Act)

THE BACKGROUND FRAMEWORK

• aims at describing the legal and ethics conceptual framework of

privacy and data protection as fundamental human rights, with

special focus on the “right to be forgotten”

• historical path that allows the reader to comprehend the

rationale behind the entering into force of the GDPR

THE BACKGROUND FRAMEWORK

5

RATIONALE

INTERPRETATION

IMPLEMENTATION

EV

OL

UT

ION

19

8720

07

19

9520

1220

14

20

16

20

13

19

8720

07

19

9520

1220

14

20

16

20

13

THE ETHICS MONITORING IN ACTION…

6

Awareness on Ethics

Specific Issues

WP Context

Panel Discussion

EMAIL

TELCO

MEETING

• Defining the Background Framework

• Providing Legal & Ethics Reqs and recommendations for 9 areas in the GDPR laying the foundation for platform development

• Terms and Conditions of the platform

• Assessment of Platform, with annex to the specifications and implementation details (white paper)

THE LEGAL AND ETHICS REQUIREMENTS

7

Req Id Requirement Description GDPR

LER1 Secure and reliable identification, authentication and data access should be ensured. Articles 5, 15, 25 and 32

LER2 A withdrawing form should be available in the platform. Article 7 par. 3, and 17

LER3 A mechanism should be implemented to identify the specific data that is to be blocked

or restricted.

Articles 18, 21 and 25

LER4 Extracted data should be limited to the identified and authenticated person concerned

and communicated securely (e.g. encrypted).

Articles 5, 25 and 32

LER5 Appropriate information should be provided to individuals to exercise their rights and to

ensure transparency.

Articles 5, 12, 13 and 14, and 37

LER6 Appropriate procedures for the governance of the system and its operations should be

identified and adopted in case of exercise of the rights

Articles 5 and 12

PROPOSED

SOLUTIONS FROM

SoTA

Destruction of the

Private Key 1 Fork3Pruning2

THE POSEID-ON PLATFORM

8

• Based on LERs identified in

Chapter 2 (part of D2.2)

• Development Guidelines:

– A permissioned blockchain network

– Smart Contracts

– User operations

– API and “mnemonic words”

– Information on Transactions status

• Burneable Pseudo-Identities

THE POSEID-ON PLATFORM

9

THE ASSESSMENT

10

LERs

GDPR ART(s)

MEASUREs

• The assessment is based on the 6 Legal and Ethics Requirements (LER), the relative GDPR Article(s), as well asthe design choices (measure) behind the platformimplementation

• 7 measures have been identified:

– Combination of digital certificates and digital signatures

– Hiding complex technology implementation behind one-click button

– Permission Lifecycle Model

– Data Exchange management by design

– Erasure Event and Notifications

– Specified Events and Processes

– Contact details of Data Processors

• Blockchain as a disruptive technology, i.e. sweeps the traditional systems away and replaces habits

• Social Acceptance analysis is fundamental. It lays the foundation for a “human first” approach in a “ethics-by-design” development process

• Now, more than ever, there is a growing need for innovative technological solutions to help society to achieve a sustainablefuture and an improved wellness

• The “ethics-driven” approach of PoSeID-on (based on a better understanding of the technology, the respect for human rights and willingness to use it) aims at reducing the barriers of diffidence and mystification against blockchain, and fostering its wider and faster deployment

THE ETHICS-DRIVEN APPROACH

11

• realised a White Paper, a well-

balanced “patchwork” of the project outcomes, seen

from the different perspectives of PoSeID-on experts

• A self-contained document that accompanies the

reader throughout a path, running into

– Legal & Ethics concerns,

– Design Choices behind the implementation;

– Societal Benefits derived by the ethics-driven

development process

• Pending publication in MediaLaws no.2/2020

FOR FURTHER DETAILS…

12

THANK YOU