PRIVACY FLAG - Enabling Crowd-sourcing based privacy protection for smartphone applications, websites and Internet of Things deployments

Date: 
01/05/2015 to 30/04/2018

Introduction

Privacy Flag (PF) combines crowdsourcing, ICT technology and legal expertise to protect citizen privacy when visiting websites, using smart-phone applications, or living in a smart city leveraging user-friendly solutions provided as a smart phone application, a web-browser add-on and a public website. It develops a highly scalable privacy monitoring and protection solution as well as a global knowledge database of identified privacy risks, together with online services to support companies and other stakeholders in becoming privacy-friendly. Furthermore, it collaborates with standardization bodies and it disseminates towards the public and specialized communities (such as ICT lawyers, policy makers and academics).

Who is the project designed for?

Privacy Flag develops a clear methodology and a suite of assessment tools to be used by various stakeholders, aiming to enhance awareness about privacy protection when visiting websites, using smart-phone applications or accessing IoT applications.

Privacy Flag promotes innovation capacity and competitiveness for the market. In particular, it implicates for rebalancing and mitigating unfair competitive advantages, as improvements in privacy protection do constitute a competitive advantage for the European industry, especially by promoting and publicizing the European norms for personal data protection at the global level. Data collected on European citizens is largely used by non-European companies to support marketing and these get a competitive advantage towards the competition, creating an effective bias. By limiting such access, Privacy Flag contributes to mitigate this unfair economic bias.

Privacy Flag also supports both European industry and SMEs as it promotes solutions providing an extra guarantee when accessing Internet or when using smartphone applications. Privacy Flag enhances SMEs’ actions working in cyber security and resilience as well those involved in the privacy and data protection market. Moreover, it supports activities in the research community and promotes aspects for innovative standardization initiatives in a collaborative framework with related bodies and/or authorities.

How is your project benefitting the end-user?

Privacy Flag combines crowdsourcing, ICT technology and legal expertise to protect citizen privacy when visiting websites, using smart-phone applications or living in a smart city and accessing IoT applications.
Privacy Flag develops a clear methodology and a suite of assessment tools, publicly and easily accessible by all involved end-users, to evaluate the level of risk for privacy and personal data exploitation by third parties for different perspectives, including:

  • Citizens, which constitute the “main target” group;
  • Companies and SMEs;
  • Smart cities and public administrations, considering deploying of Internet of Things;
  • Researchers and research projects to assess their risk level to breach privacy;
  • ICT Lawyers and policy makers.

Moreover, Privacy Flag implicates for a broader societal impact via increasing end-users’ awareness about privacy protection. Furthermore, Privacy Flag also implicates for environmental impact via reducing unwanted data flow on the Internet and mobile phone network as well as for economic impact via promoting innovations and competitiveness for the market
In order to support the long-term maintenance and exploitation of the Privacy Flag platform, a dedicated legal entity aiming at protecting privacy and personal data protection has been set-up in Geneva, Switzerland to “liaise” with ISO, ITU and IEC.

Please briefly describe the results your project achieved so far

  • Three user-friendly and freely available tools for citizens, including an Android application, an add-on for their Internet browsers (both enabling users to monitor/identify threats on their privacy) and a public website.
  • Distributed crowdsourcing privacy monitoring platform, enabling the crowd to mutualize their efforts and resources by running a local application.
  • Universal Privacy Risk Area Assessment tool and Methodology (UPRAAM) for evaluating the level of risk on privacy and personal data protection, “matching” the European and international norms/standards.
  • Privacy enablers integrated into the application and browser add-on for privacy risk assessment and traffic analysis/protection.
  • Global knowledge database on privacy risks indexing websites, smartphone applications and IoT deployments, fed by the crowd (applying the UPRAAM), by alerts received.
  • Voluntary Compliance Commitment tool (VCCT) enabling any company or public administration to formally and publicly commit/abide to respect the European standards, even if located outside of Europe.
  • On-line resources to improve privacy.
  • In-depth privacy risk analysis on-line tool for experts.
  • Labelling and certification process proposed to companies with solutions fully compliant with the privacy requirements.
  • Standard on privacy labelling by exploring the possibility to cooperate with the ESOs.

What are the next steps for your project?

Privacy Flag has already developed and tested a platform providing several user-friendly and freely available tools to the citizens to be accessed:

  • As an add-on in their Internet browsers;
  • As an Android application on their smart-phone;
  • As a public website.

Further actions aim to extend the applicability of those tools and promote their usage in a wider framework, accessing more end-users and potentially offering updates/enhancements, where relevant.
In addition, Privacy Flag has developed a Voluntary Compliance Commitment Tool (VCCT) enabling any company or public administration to formally and publicly commit and abide to respect the European standards, even if located outside of Europe.
A legal entity has been formulated within the Privacy Flag consortium aiming to support the long-term maintenance and exploitation of the platform.

News

Project of the Week - HERMENEUT

Cyberwatching.eu Project of the Week: HERMENEUT

Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks

A Dynamic Solution for Intangible Assets

 

Project Hermeneut is a Horizon 2020 research and innovation project focusing on the economic aspects of cybersecurity, specially regarding intangible assets. It started in May 2017 and with a duration of 24 months it’s now approaching its end.

Future Events

ICDS 2019, The Thirteenth International Conference on Digital Society and eGovernments
21/02/2019 to 28/02/2019
Image:

From February 24th to the 28th, 2097, the ICDS 2019, The Thirteenth International Conference on Digital Society and eGovernments will be host in Athens, Greece.

The event will focus on state-of-the-art public services, e-government services in the context of digital society, Internet and web services, digital intelligence, networking and telecommunications, e-commerce, e-business and other areas.

Global Cyber Security Summit
27/02/2019
Image:

Global Cyber Security Summit

Developing a Robust Cyber Defense Strategy

Please Note: This program is under Chatham House Rule