The OPERANDO project is able to take significant and complex responsibilities from Governments and Service Providers by:
- Holding sensitive Personal Data offsite.
- Ensuring compliance with evolving data protection legislation.
- Holding data using a different Trust Model: an open source organization that exists for trust.
OPERANDO offers service users control over their data in that:
- Consent of service users is explicit.
- The ability to express personal preferences regarding data is available.
- A third-party in the unequal power relationship between local government and service user is introduced.
OPERANDO enables new business opportunities because:
- Data can be used for analysis and hence offer improved services.
- Anonymised Data can be shared with the user’s consent to facilitate research.
Business to Consumer - B2C: consumers, users of social networks and B2C online services.
Government to Consumer - G2C: Public administrations, Government, Health/social care and Regulated business entities.
- Consumers are overpowered by the aggressive privacy invasion practices of Internet giants.
- The “You are the product” phenomenon – free services tempting customers to divulge vast amounts personal information that is monetized by OSPs.
- Consumers are not capable of keeping track of the changing permissions and privacy settings.
- Aggressive tracking of customers across sites and platforms, accompanied by intrusive behavior profiling and advertisements.
- Consumers do not partake in the benefits from monetization of their private data
- Government institutions need to hold personal data. However, they have a duty to be transparent in their use and need to get consent from the data subjects.
- Lack of transparency with what is done with the provided data and “all or nothing” consent models.
- Managing personal and health data according to regulations is both complex and money consuming, especially when the regulation changes and these change affect the Health Information System.
- Existing regulations are both complex to understand and to implement, and changes to these laws require costly measures to remain compliant. This provides a strain as costs need to be contained.
- The data which is held on citizens could be used more effectively, for example in research or to improve services. However, this requires funding, improved data management and changes to policies.
For Service Providers: consuming privacy services will grant the ability to benefit from: i) Cost-effective compliance with privacy regulations; ii) Access to a lucrative user base and big data analytics reports; iii) Avoid assumed consent, and inadvertent exposure of unsolicited information; iv) Easy requests for information, allowing sharing between organisations for co-ordinated care; v) Sensitive Personal Data is held offsite; vi) Compliance with evolving data protection legislation is ensured.
For Data Regulators OPERANDO will provide access to the human- and machine-readable privacy guarantees of the Service Providers, and the ability to input privacy regulations in a similar form. This will allow an automated audit for compliance with the relative regulations. The OPERANDO project has engaged consumer rights and standardization organizations, endorsed by the EU, as members of its Advisory Board, and will act to position the OPERANDO platform for endorsement by European governments.