A new way of managing personal information set to maximise people's chances of privacy is being developed by computer scientists, led by a researcher at Queen Mary University of London (QMUL).
The £1.5m Databox Project seeks to give users greater awareness of how their personal data is used by third parties like businesses or Internet providers, and give them more control over their own online generated data over multiple devices such as mobile, tablets and computers, both in and outside the home. It will also act as a virtual private network and provide encryption services for the users, which will serve to enhance security and privacy for personal information.
Over the next three years the project team from QMUL, University of Cambridge and University of Nottingham will build an open-source networked device that is supported by cloud-computing, and which collates, curates, and mediates access to an individual's personal data by verified and audited third party applications and services, such as Facebook, Amazon or Google.
Some data, such as age, gender and location, collected about people and often generated by them, can be analysed by businesses and used to draw inferences about personalities and behaviour, like Amazon's product recommendations based on recent searches and purchases, or Facebook's targeted ads relating profile details. However, not all data is shared by choice, rather that information is handed over to companies by default.
Project leader Dr Hamed Haddadi from QMUL's School of Electronic Engineering and Computer Science, said: "Building privacy, trust and security into the evolving digital ecosystem is one of the most important challenges facing modern society today.
"The Databox Project provides a way of linking personal information over different platforms, which allows people to exercise control over access to and use of their data. This will enable a new privacy-aware application ecosystem, supporting applications making use of rich, diverse data sources in ways that are currently not possible."
In addition to storing user information securely, the Databox Project will also allow controlled access to verified third parties with whom the person is happy to share their information.
The specific research objectives in this project include:
- Creation of Databox to shape the design and build user-centred infrastructure, including APIs (application program interface) enabling data processors to build applications that consume personal data;
- Design and build of Databox platform that collects coherent datasets spanning both individuals and groups, for example, families or business teams;
- Iterative design of applications, interfaces and interactions with data to understand the requirements for human-data interaction, including questions of ownership, privacy, and utility;
- Real-world deployment of the Databox, its APIs and applications to understand the motivations and values that drive the future use of personal data, and the practices that shape and control its use.
The Databox Project will run for three years and starts in September 2016. It is funded by the Engineering Physical Sciences Research Council under its Trust, Identity, Privacy and Security in the Digital Economy theme.
Industry partners include the BBC, BT, Microsoft Research, and Telefonica. The project is also supported by the Internet Society, Open mHealth at Cornell Tech, and the Horizon Digital Economy Research Institute.