Demo Lounge

The Demo Lounge held during the lunch hours of Thursday 26 and Friday 27 September in Hall F is the place to be during lunch at MyData 2019!

Enjoy demos from exciting new projects, companies, and initiatives.

BBC Box

BBC Research & Development are using the BBC Box experiment to explore what potential services the BBC (and others) could provide people in the future linked to their personal data. An important part of these experiments includes the ability for people to move their personal data around and use it in different ways – something the new data protection law, GDPR, makes possible. The prototypes we’ll demonstrate take personal data stores into the physical realm to understand what this could mean in practice.

UBDI Demo

UBDI allows individuals to securely aggregate millions of data points about themselves from their social, financial, wearable, entertainment, and health accounts and monetize aggregated, anonymized insights from that data in the $76 billion financial and market research industries. Companies can study their ideal audience by analyzing authenticated, structured data combined with tailored qualitative responses that participants provide in a fraction of the time of traditional online surveys — while maintaining user privacy and complying with GDPR. UBDI will demonstrate how users are privately matched with studies based on verified data such as “female in 30s who spent more than $100 on coffee in last month and runs more than 8 miles weekly” – all without holding PII. We will show our distributed query architecture and edge processing and demonstrate powerful new research possibilities that result from rich data sourced directly from individuals.

Open Privacy Network (OPN) – Digital Trust – Independent of Orgs

Demo of a My-Data Controller Registry for privacy and surveillance transparency. Demonstrating a Live Data Protection Transparency and Notice service called privacy broadcasting for policies and IoT surveillance.

Personium – Open Source PDS used in Japanese Data Banks

A brief demonstration of open source PDS Personium, which serves as a central component of multiple Japanese Data Bank platforms. We will demonstrate a sample application used in Dentsu/Fujitsu joint workshops conducted in Tokyo last month.  It recommends attractive and efficient time usage between your busy schedules (Google Calendar, etc) according to your interests and preferences stored in your PDS. Production version of this application will be launched for office workers in the financial center of Tokyo (Marunouchi) by the end of this year. 

MyData Pilot Project within the Slovak public administration

The goal of the Slovak My Data pilot is to implement an approved student status record that should help students to get their discounts for travel, further education, student bank accounts and other services as well as to confirm to their employers and public servants that they are students and thus can have special working conditions, contracts and state-supported social and healthcare insurance. The overall solution is guaranteed by the Office of the Deputy Prime Minister of the Slovak Republic for Investments and Informatization www.vicepremier.gov.sk in cooperation with the innovative company digi.me. The digi.me solution is being integrated with the Slovak central government data integration platform. This platform pushes a copy of personal data into the citizens’ Personal Information Management System based on digi.me (please refer to the figure for further explanation). The team is currently working on interesting use cases for banks and transporation service providers who want to cooperate closely and be the first ones to launch proactive personalised services using this new My Data architecture.

SHOW CASE IOT PERSONAL DATA PROTECTION

At Amborella, we developed a project called YourPrivacyYourControl, dedicated to privacy protection for personal connected devices.

The Project summary has been included in the white paper presented to the french assembly last April (included in the white paper made by Olivier Dion and Matthias De Bievre, about “Privacy Tech”) , and raised a lot of interest, as from the European Telecom Standard Institute (where I’m a board member).

The principle is quite simple: regulation should force companies to focus on one activity only: Processing the data or Protecting the data. In other words, when a company process the data, it shouldn’t be given access to the decryption keys. So principle is in line with EEC practice, but application to data produced by IoT is going to cerate a big battle against multiple interests, all willing to gather more data about each of us.

We are now building the very first ecosystem to make this happen, as the technology is already available. We already have strong interest from tier one leading companies in IoT/AI/Data/Personal devices areas.

Unbiased – Connecting people using blockchain technology

Blockchain Technology is the new hype in main-stream tech industry. And based on many industry reports majority of the companies are looking into this domain and they all believe that it will adopted to various industry applications in near future.

We at Unbiased, are mainly focused on data, analytics and blockchain. Together with our partners Swedish Blockchain Association, we do a lot of events and studies in this domain.

During this presentation, we would like to explain and evaluate if blockchain can really solve the issues in current data architectures. We will also present a case-study where we are using blockchain first-hand. We think it’s important for this topic to be discussed because we want to break-down the myths about the technology and explain the real use-cases.

Self-Sovereign Identity App

Our Verifiable Credentials system include a set of tools to create, issue and use credentials and digitally certify physical documents to make possible the idea of a self-sovereign identity. We will show how our platform works and front-end app to manage it from the side of the user, the issuer and the verifier.

“Consent receipt in action : a demo of managing consents in a decentralized app”

Sharing of personal data has to be consent based. Consent receipts are a way to record information about which of our personal data is used by organizations and why. Like you would store your shopping receipts to have an overview of your shopping history, you can store consent receipts to have an overview of you data history. It makes sense to use a standard format for the receipt, so it has all the required fields and can be read more easily. That is why we have developed a Kantara compliant consent receipt Generator and Viewer apps.

We also believe a person should be in complete control of her data. Decentralized technologies enable individuals to be independent of any centralized servers for functionalities and storage. That is why we have, in cooperation with Ethereum Swarm, developed a completely browser based Fairdrop app (https://fairdrop.xyz/), enabling serverless peer-to-peer storage of files on Swarm. This can be used as personal data storage – including consent receipts.

We will demonstrate a use case requesting a consent from the individual, him giving the consent and sharing data. He will also browse the already received consent receipts, to see how his data is used.

The libraries used are free, open sourced and the consent Generator and Viewer can be used in “non-decentralised” apps.

“Fair Data Society – a year in review and future ahead by Datafund / Fair Data Society”

While my last year’s talk gave a futures scenario about the digital self, this year’s talk would be a lot more grounded in the now i.e. what can be done now, what are emerging design principles, importance of ethics and the impact on society. Do we want surveillance capitalism to escalate into data slavery, or do we rather prefer to shape a fair data society?

Since last year’s conference, there were significant changes and progress in launching a non-profit initiative called Fair data society that aims to be the platform where all stakeholders of the data economy can meet. The mission of Fair Data Society is to enable foundations and infrastructure for a fair and sustainable future. Fair Data Society starts with its principles – these build also upon MyData declaration and would be briefly outlined in the talk.

Moreover, the talk will illustrate the fair data society principles in practice through a walkthrough of a decentralised app called Fairdrop – a secure and serverless file transfer over decentralised storage network (not really a demo). Fairdrop is a good example of a so called zero data app, an app that doesn’t track the individual and provides full privacy without sacrificing user experience. In addition, Fairdrop is hosted on decentralised storage network Swarm, making it censorship resistant and ddos fault tolerant. Building such zero data apps, that respect privacy of the individual in a “can’t be evil” way is today a lot easier. especially with the use of Fair Data Society’s fds.js library.

While demonstrating zero data apps through Fairdrop, this will be also the opportunity to unveil a new open source tool, a consent generator library that creates cryptographically valid consent receipts. These receipts can be also saved locally or anywhere the user wants, enabling creation of dashboards for consent management and more. Zero data apps can be compliant with the law, giving more power to the individual. The project is funded by Sitra and done in coordination with Kantara Initiative.

Towards the end of the talk, I’d speak more how the challenges are by far not just technological but also social. In this regard, raising awareness is of great importance. The talk would end with a call-to-action for even greater cooperation and openness. Transforming the data economy is bigger than any of us and we need to work together.

“Privacy Identity Protection by MJS Information Management and Communications”
Provide Privacy protection for the people (consumers) including:
a. Data Privacy Awareness
b. Education on use of Social Media with Privacy concerns in mind
c. Customized services (digital forensic)
To solve this problem:
        Leak of personal information (Privacy violation) when using Social Media or
        eCommerce or even government services
The proposed solution:
With PIPS (Privacy Identity Platform and Services)? You will have a smart phone app, providing education, and customized one to one services. and
 providing information and education of personal data shared with social media and e-Commerce and also providing a personal authentication and privacy identity protection platform.
“Active Permissioned Data (How to deprecate notice and consent)”

The JLINC protocol enables solutions based on permissioned data. This demonstration will show software based on the JLINC protocol that enables individuals to directly and dynamically control their data in systems that are processing their data. The protocol includes Decentralized Identifiers (DIDs) and cryptographically signed Information Sharing Agreements (JSON-LD) for real transparency and mutual accountability.

“Multipurpose chatbot demo using AI for anonymous but customised guidance, case: parents separating”

In complex life-events such as parents divorcing, an individual typically has wide range of needs that could be covered by multiple public and also private sector organisations. Currently, the individual is responsible for finding the services himself. In human centric service offering concept, the individual could describe his unique needs holistically, and the service providers would propose suitable services in co-operatively.

We would like to demonstrate a new service offering paradigm in which the services are proposed for the individual’s unique need by and AI. We use a chatbot to ask a wide range of questions from the individual, holistically, covering eight different sectors of well being (ref. Stiglitz quality of life). In addition, we have another chatbot that asks questions in order to gain understanding on more acute services needs. We have trained an AI which is able to propose public sector services when given the data collected by the chatbots.

As a result, we are able to provide a more human centric service proposal for the individual. The questions presented by the chatbots help the individual to gain situational awareness of his needs. The responsibility of connecting the needs to services is taken care by the AI, instead of the individual himself.

“Gaming Brotherhood: How can we achieve personalization of content marketing in a privacy by design world”

At Gaming Brotherhood we have created a privacy by design platform that aims to humanize marketing by putting people in the center of marketing and help companies treat people not only as receivers of marketing messages but also as active producers of those.

Through our automations in marketing we want to enable companies to be able to produce content at a scale that they will be able to market their products to each person differently. In a way that is relative to this person. In a visual and contextual way that will help them showcase how much they value this person’s personality.

Content marketing must address each and every one in the world in that particular way that we are special. Because everyone in the world is special in a way.

User experience, in terms of comments, public endorsement or recommendations via the social media is a common and increasingly popular marketing and advertising practice.

However the balance between privacy and usage of users’ experience for market purposes is a problematic aspect of this highly influential marketing method.

So far, the common practice would be to indirectly elicit users’ comments and use them for advertising and/or marketing purposes without their knowledge or their consent.

Their names, and often other personal details, would be obtained and published without the authorization of the users, who had little to no control over their personal data.

In GB we want to change this, offering a privacy aware solution that would allow companies to create marketing and advertising content based on customers’ testimonies, respecting their privacy and safeguarding that they remain in control of their data. As our vision is to place the individual in the center of marketing and advertising process, we invest in assisting the establishment of trust relationships between the customers and the marketeers. In that context, privacy is the cornerstone of our efforts.

We believe that Gaming Brotherhood may serve as an example of how old marketing methods can be changed towards respecting and empowering the individuals, while abandoning privacy intrusive methods

“LIVE! Demo of a Interoperable Personal Data Receipt Ecosystem – the Kantara Initiative Privacy Control Panel System”

This live demo shows six Kantara Initiative Working Group participants’ products interoperating to generate, store, present, and act on Personal Data Receipts. We have assembled a non-commercial Privacy Control Panel system and want to show it off to you!
Today, online service providers get information from or about you so that they can provide services. New privacy and data protection regulations have been coming into effect, which increase the requirement for notice, transparency and accountability when your data is collected and processed. Service providers are required to keep records about their terms of service and your agreement.
At their core, these regulations embody variations of the OECD basic principles of privacy protection which suggest the obligations of providers and the rights of the individual.
There are very few tools available to the individual internet user to help them understand, manage and control their online information.
This creates a power imbalance if one wants to go back later and exercise rights with respect to data – because you probably don’t remember who, what, where, when and how the service provider got your information.
There’s a solution!
Imagine if the service provider offered you a “Personal Data Receipt”. This receipt would include timestamps, the contents of the privacy notice you saw, what data was collected for what purposes, conditions like ‘delete-by-date’ instructions, and other useful facts. Just like a store checkout receipt, if there’s an issue later on or if you want to look back to see what you did last year, you can open up the receipt and take action.
In 2018, Kantara Initiative published the “Consent Receipt Specification v1.1” which is an interoperable Personal Data Receipt specification tailored to a specific legal basis for processing. This demo shows real products in action working with these receipts.

“MAZI DIY Networking toolkit”

MAZI develops a toolkit for building local, community wireless networks: MAZI Zones. We call this alternative technology Do-It-Yourself networking. It combines wireless technology, low-cost hardware, and free/libre/open source software (FLOSS) applications. MAZI Zones will be easily deployed and configured based on a rich set of customization options and interdisciplinary knowledge.

The MAZI toolkit introduces an innovative, decentralised, people-lead paradigm by offering a trustworthy framework that utilizes concepts like Open Source Software and the Participatory Design, which eventually leads to a data-centric decentralized platform. To further enhance the notion of a data-centric decentralized platform the MAZI toolkit offers an offline mode. This enables the creation of local communities that the data they use are generated and consumed in the same place, keeping the ownership of the data throughout this cycle. In both offline and online communication, issues of surveillance, security and trust are of great significance; by using the aforementioned data-centric offline decentralized model the MAZI toolkit tackles all those issues.

“Creating WIN-WIN for organisations and users via iGrant.io”

In this demo, we will demonstrate iGrant.io platform which showcases the following:
– Org view: Organisation dashboard and its easiness of standardising data models.
– End user view: Personal data management for users via mobile app/SDK/APIs/Privacy dashboards

This demo showcases how organisations can enable trust and transparency towards their users with regard to their data, enabling them to say YES to data sharing. During the demo, the users can use our app/portals etc to mark their choices and preferences when it comes to data sharing.

“Universal DID Resolver and Registrar”

Decentralized Identifiers (DIDs) are currently being specified at the World Wide Web Consortium (W3C). They are a new kind of identifier that can be generated, resolved, updated, and deactivated by a subject alone, without dependency on any central authority or intermediary. In this demo, we will show the Universal DID Resolver and Registrar. Those are community-maintained tools that make it possible to experiment with this new technology and build higher-level applications and services on top of DIDs.

“Numbers Data Wallet – take the control back, invest with your own data”

Numbers is a data network. The idea behind Numbers is very simple, users who own the data and contribute data, such as you and I, we should get the reward. Numbers wants to rebuild data economics with fairness. Data consumers pay to use data just like what they do today, but in the numbers network, data owners get the reward from the data they contribute.

The goal is big, but we want to be practical, one step at a time. Firstly, we help users create their personal data wallet to manage data generated from mobile phones, walking, sleeping, browsing history, social media data, etc. If data is the most valuable asset in the 21st century, users need a data wallet to manage their data as well. Numbers data wallet is an App running on mobile systems, it is easy to use, easy to manage, so users can use it to collect and manage their own data easily.

Secondly, Numbers is the data wallet for you, and you don’t want to go to App Store or Android Market to download the wallet, you want it to be built in. Therefore, we cooperate device manufacturer to preload the Numbers data wallet so users can have easy access to it. We have a revenue-sharing model with our partners so they have the incentive to do so. What Numbers do is to rebuild data economics with fairness and everyone can benefit.

“Decentralizing OAuth, data and permissions in a Post GDPR world”

ALIAS is enabling people to have a progressive and controlled digital identity, by using different aliases which are representation of a set of personal data. ALIAS technically achieves that by decentralizing OAuth protocol to make users able to get back control and ownership on their resource server “their personal data” and manage permissions to 3rd parties via a decentralized ecosystem of Authorization server “their wallet”.

Contrary to classic OAuth flow, our protocol is stateless and every token is an official and compliant GDPR contract containing all permissions “scopes”, destinations, treatment data, consent data, 3rd parties and metadata about the “Contract” , contrary to classic token which are opaque value.

You can see a draft reference implementation here. Also, the user experience behind ALIAS protocol front end also enables to automate GDPR requests at the moment of the agreement and consent to share data, to make it easy for users to exercise their portability rights
https://github.com/progressive-identity/ref

Driving innovation in Personal Data with privacy, security and consent

Digi.me will demonstrate the how the Personal Data Ecosystem is helping to drive innovation and new solutions technology. The safe mobility and ethical use of personal data is a key delivering new value in people’s lives and growth opportunity for the economy.
Showcasing the latest use cases we will demonstrate how more data can be shared with complete privacy, security and user consent.
Our use cases show how organisations are using digi.me’s Private Sharing technology to create unique solutions that make a substantial impact for businesses, individuals and help to open paths for greater innovation.

Use Cases include:
UBDI https://www.ubdi.com/
TFP (That F’ing Post) https://www.tfpapp.com/
The Health Data Exchange https://thehealthdataexchange.org/

LEDGER – The Venture Builder for Human Centric Solutions

LEDGER second open call will open in November and will be offering up to €200k equity-free and a venture builder programme of 12 months to projects willing to build human-centric solutions using decentralised technologies where citizens retain control over their data.

LEDGER, an EU funded project part of the Next Generation Internet initiative, promotes alternative models where data is a common good owned by citizens and wealth created by data-driven platforms is equally distributed. The Project supports Research and Innovation projects addressing: Privacy-by-design, reliability, trustworthiness and openness as core values.

LEDGER supports organisations and teams of developers, researchers and entrepreneurs taking research contributions and decentralized technologies to develop Minimum Viable Products.