The concept first consists in designing and developing a set of modules that exploit both existing and novel approaches to protect privacy in a certain number of data analytics mechanisms. These contributions can be captured through the following requirements:
Requirement 1 Privacy by Design
The General Data Protection Regulation (GDPR) requires embedding privacy enhancing technologies (PETs) into the design of information technologies. This is captured by the notion of privacy by design. To comply with this requirement, the PAPAYA project will adopt this approach in the design of privacy preserving data analytics modules.
Requirement 2 Integrated Platform
The different modules will be used in concert and in an interoperable manner in a single platform. In addition to the privacy preserving modules, the platform will provide particular end users, such as developers, with the underlying cryptographic primitives (for instance, secure multi-party computation) that can be exploited by future new data analytics modules.
Requirement 3 Usability and Transparency
Indeed, privacy by design requires identifying and implementing the adequate usability principles and practices so as to facilitate the user experience with respect to data disclosure and the rights the data subjects can exercise over their data. Besides, privacy preserving data analytics should provide the data subjects with transparency and control measures.
Requirement 4 Auditability
Closely related to the transparency requirement, auditability is required in the privacy-by-design concept to increase data awareness. More specifically, enabling data subjects to control and review the behaviour of the PAPAYA platform with respect to the data they disclose is paramount. The outcome of secure auditing can be presented to the end users to assess what is done with their data.