OPERANDO - Online Privacy Enforcement, Rights Assurance and Optimization

Date: 
01/05/2015 to 30/04/2018

Introduction

The goal of the OPERANDO project is to specify, implement, field-test, validate and exploit an innovative privacy enforcement platform that will enable the Privacy as a Service (PaS) business paradigm and the market for online privacy services.
The OPERANDO project will integrate and extend the state of the art to create a platform that will used by independent Privacy Service Providers (PSPs) to provide comprehensive user privacy enforcement in the form of a dedicated online service, called “Privacy Authority”. The OPERANDO platform will support flexible and viable business models, including targeting of individual market segments such as public administration, social networks and Internet of Things.
A key aspect addressed by OPERANDO is the need to simplify privacy for end users (data subjects). OPERANDO will support a simple Privacy Dashboard allowing users to specify their preferences. These will be automatically compared with Online Service Provider (OSP) privacy policies and translated into personal data access control decisions by the PSP.
OPERANDO will also address OSP requirements for simplified privacy compliance checking and auditing, to verify that they will meet user expectations or to satisfy privacy regulators. The technology will be trialled in the health care and public administration sectors.

Who is the project designed for?

The OPERANDO consortium aims to contribute to the entire ecosystem of online privacy stakeholders: Users, PSPs, Online Service Providers and Regulators. Federation of Privacy Authorities will be supported to increase value of the services and their uptake. The OPERANDO platform will be positioned for endorsement by European governments and standardization bodies. To increase transparency of the privacy services and dissemination of results, OPERANDO outcomes will be implemented in Open Source, and will be made available to the community for evolution and value-adding beyond the scope of the project.

How will your project benefit the end-user?

For end users OPERANDO provides the ability to manage all online privacy issues in an intuitive web-based dashboard. The user can set their User Privacy Policy (UPP) according to their preferences, which will be transparently enforced for each of the user’s devices. The service will be free to users and simple to enrol.

For Service Providers: consuming privacy services will grant the ability to benefit from:

  1. Cost-effective compliance with privacy regulations;
  2. Access to a lucrative user base and big data analytics reports;
  3. Avoid assumed consent, and inadvertent exposure of unsolicited information;
  4. Easy requests for information, allowing sharing between organisations for co-ordinated care; v) Sensitive Personal Data is held offsite;
  5. Compliance with evolving data protection legislation is ensured.

For Data Regulators OPERANDO will provide access to the human- and machine-readable privacy guarantees of the Service Providers, and the ability to input privacy regulations in a similar form. This will allow an automated audit for compliance with the relative regulations. The OPERANDO project has engaged consumer rights and standardization organizations, endorsed by the EU, as members of its Advisory Board, and will act to position the OPERANDO platform for endorsement by European governments.

Project type:

News

A Holistic framework: Business Process Re-engineering and functional toolkit for GDPR compliance

BPR4GDPR is one of the GDPR cluster projects that will provide a holistic framework able to support end-to-end GDPR-compliant intra- and interorganisational ICT-enabled processes at various scales, while also being generic enough, fulfilling operational requirements covering diverse application domains. Read this to find out more.

Future Events

IAM Online Europe live webinar - AARC Extensions to the REFEDS Assurance Framework
27/06/2019
Image:

AARC is holding a live webinar on 27 June 2019 at 15:00 CEST, that will explain extensions to the REFEDS Assurance Framework and implementations that were devised in the AARC project.

Representation of the State of Hessen to the EU
04/07/2019 to 05/07/2019
Image:

Project CyberSec4Europe (Cyber Security for Europe) is holding it next event - "Representation of the State of Hessen to the EU" in Brussels, Belgium on 4-5 July 2019. 

Other three pilots are invited during CyberSec4Europe meetings.

 

Visit the OFFICIAL EVENT WEBSITE.