Image

BLOG

Image

It is the means to give personal data the right value. Online systems make money with users’ personal data. It is thus fundamental to know what the economic value of each piece of information is, to let the user take informed decision on what to share, at what price.

It is the means to give personal data the right value. Online systems make money with users’ personal data. It is thus fundamental to know what the economic value of each piece of information is, to let the user take informed decision on what to share, at what price. The D-VT consists in a set of methodologies that will make the value of the data transparent. It will offer standard mechanisms to publish prices, complemented with machine learning approaches to extend the knowledge to other data and systems. This information will be stored in open repositories, so that PIMS can easily give the right value to data.

Market Perspective
The Data Valuation Tools from the market perspective (DVTMP) module developed in PIMCity will leverage some of the most popular existing online advertising platforms to estimate the value of hundreds to thousands of audiences. The DVTMP module aims to provide the monetary value of audiences traded on the main online advertising platforms. This will serve any PIM deciding to implement the DVTMP module to have a realistic estimation of audiences’ value to be traded. The design of the DVTMP pursues the following objectives:

1. Crawling data value of audiences from Facebook, Instagram, and LinkedIn
2. Process, clean, and curate the collected data
3. Store processed data
4. Provide access to the data through an API

Benefits
Nowadays, the auction mechanism is the most prevailing type between sellers and buyers in the data economy. Therefore, a good approximation of the actual value of the data can assist both parties (users and companies) through the transaction. Users usually have less
experience than the companies in marketing activities. Therefore they may underestimate or overestimate the value of their data. This module tells the users the actual value that marketing platforms create using their data. This module benefits the users by:

- Providing real-time value estimation of the data,
- Help the users to sell data at their actual price and avoid losing money by selling it underpriced,
- Providing the estimations simply sending an HTTP POST request to the server.
It also benefits companies by:
- Helping them to target relevant audiences and estimate the cost of their campaigns,
- Buy users’ data at a fair price and do not lose money by purchasing overpriced data

User Perspective
The objective of the Data Valuation Tools from an End-User Perspective (DVTUP) module is to provide estimated valuations of end-users’ data they are selling through the marketplace according to the value this data provides in performing the specific AI/ML task that the buyer wants this data for. This value is not necessarily related to volume nor is equitable for the users, but requires more complex calculations that must be adapted to each specific use case.
DVTUP implements a framework that allows data marketplaces to provide value-based valuations of data products they trade. In particular, DVTUP will provide tools for the TE to:

1. Provide buyers with a hint of how valuable a piece of data is for a certain type of model or even for a specific task.
2. Calculate a fair breakdown of data transaction charges by seller, looking forward to rewarding each user proportionally to the value that each piece of data from different sellers brings to the buyer for a specific task.
In the first case, the output will be the expected accuracy the buyer will get from a dataset if purchased from the marketplace. In the second case, the output will estimate the percentage of a transaction value that corresponds to each seller, and a log of data and results obtained to justify rewards paid to different sellers.

Benefits
DVTUP overcomes some key challenges that are undermining data markets nowadays. In particular:

1. It allows data buyers to try data before they buy (TBYB) and know their value for their specific task beforehand. This feature dramatically enhances their experience and improves the value provided by the data marketplace [2].
2. It allows data marketplaces to reward users in accordance to the value they bring to the specific transactions. Since the value of data is inherently combinatorial, data marketplaces and PIMS usually sell combinations of data from different users or sources to feed a certain AI/ML model. DVTUP ensures the payback to user is fair. This incentivize the provision of high-quality data.

Image

The main function that this module implements is to execute all transactions (between Data Buyers and Data Sellers) within the platform to exchange data for value in a secure, transparent, and fair-for-all way.

The main function that this module implements is to execute all transactions (between Data Buyers and Data Sellers) within the platform to exchange data for value in a secure, transparent, and fair-for-all way. The TE serves as a communication interface between the PIM backend and the data buyers. There is a myriad of data types that can be sold. The TE focuses in bulk data and audience data.

Benefits
Data economy has been increasing in an exponential way but people (real owners of the data) have been taken aside.
With this system, companies and people will be able to interact directly and be part of the multi-billion market data economy. Community developers can also create tools to integrate with Data Trading Engine and participate in this economy.
Benefits for users

○ Allow users to get value from their data with their explicit consent using an API.
○ Users will participate in the data economy for the first time.
○ Users get ownership and decision over their data.

Benefits for companies
○ Get a simple and transparent system to generate data offers and get users’ data with their explicit consent.
○ Get data of higher quality
○ Be a company that protects and comply with data regulations
○ Easy to integrate it into your systems

Example
If a Data Buyer (any company) wants to place a Data Offer (ticket to acquire a bag of users’ data), the Trading Engine will be needed to execute this transaction. The Trading Engine will execute the following steps to generate the transaction:

1. Gets the price for the audience or data being bought.
2. Calculates how many people fit in the budget.
3. Gets the certified list of users with active consents.
4. Fetches their data. If the data size is too big to handle at once, streams are used.
5. Cleans the data.
6. Handles back the data and updates credits in the accounts.

Image

The Personal Privacy Preserving Analytics (P-PPA) module has the goal of allowing data analysts and stakeholders to extract useful information from the raw data while preserving the privacy of the users whose data is in the datasets. It leverages concepts like Differential Privacy and K-Anonymity so that data can be processed and shared while guaranteeing privacy for the users.

The Personal Privacy Preserving Analytics (P-PPA) module has the goal of allowing data analysts and stakeholders to extract useful information from the raw data while preserving the privacy of the users whose data is in the datasets. It leverages concepts like Differential Privacy and K-Anonymity so that data can be processed and shared while guaranteeing privacy for the users.

P-PPA includes a set of functionalities that allow perform data operations preserving the major privacy properties: k-anonymity, z-anonymity, differential privacy. P-PPA is capable to handle different sources of data inputs, that define which kind of privacy property is called into account: we have design solutions for tabular and batch stream, handled with PostgreSQL, MongoDB, and CSV modules, and live stream data.

Image

Privacy Metrics represent the means to increase the user’s awareness. This component collects, computes and shares easy-to-understand data to allow users know how a service (e.g., a data buyer) stores and manages the data, if it shares it with third parties, how secure and transparent it looks, etc. These are all fundamental pieces of information for a user to know to take informed decisions.

Privacy Metrics represent the means to increase the user’s awareness. This component collects, computes and shares easy-to-understand data to allow users know how a service (e.g., a data buyer) stores and manages the data, if it shares it with third parties, how secure and transparent it looks, etc. These are all fundamental pieces of information for a user to know to take informed decisions.

Howit Works?
The PM computes this information via a standard REST interface, offering an open knowledge information system which can be queried using an open and standard platform. PMs combine information from supervised machine learning analytics, services themselves and domain experts, volunteers, and contributors

Image

The primary objective of the Personal Consent Manager (P-CM) is to give the users the transparency and control over their data in a GDPR compliant way. That is, give them the possibility to decide which data can be uploaded and stored in the platform, as well as how (raw, extracted or aggregated) data can be shared with Data Buyers in exchange for value when the opportunity arises.

The primary objective of the Personal Consent Manager (P-CM) is to give the users the transparency and control over their data in a GDPR compliant way. That is, give them the possibility to decide which data can be uploaded and stored in the platform, as well as how (raw, extracted or aggregated) data can be shared with Data Buyers in exchange for value when the opportunity arises.

The P-CM is presented as a web application and a REST API, not only providing users the possibility to use the component in a user-friendly way, but also enabling developers to integrate PIMCity Consent Management capabilities in their products. The architecture of the PDK is depicted in the figure.

Image

It is the means to store personal data in a controlled form. It implements a secure repository for the user’s personal information. It is responsible for storing and aggregating user’s information such as navigation history, contacts, preferences, personal information, etc.

It is the means to store personal data in a controlled form. It implements a secure repository for the user’s personal information. It is responsible for storing and aggregating user’s information such as navigation history, contacts, preferences, personal information, etc.

This can be done in Push or Pull mode, i.e., the user can actively decide which information to store and retrieve; or the system can do it automatically by importing information as the y are collected while the user performs his usual activities like browse the web or move about a city. P-DS can store either the original copy of user data or point to other repositories, e.g., to external services that have already collected the data, limiting data replication if desired.

Image

We offer the PIMS Development Kit (PDK) to commoditize the complexity of creating PIMS. This lowers the barriers for companies and SMEs to enter the web data market. We strongly believe that an open market for data will only flourish if we stop the arms race between users and services. Our PDK reflects the following design principles:of creating PIMS. This lowers the barriers for companies and SMEs to enter the web data market. We strongly believe that an open market for data will only flourish if we stop the arms race between users and services. Our PDK reflects the following design principles:

User-centric model
PIMCity is aligned from its conception with the approach promoted by the MyData movement which advocates a paradigm shift in the management and processing of personal data to move from a model focused on companies that collect data (with little transparency and very little control) to a system focused on the person and totally transparent. The definition of a new human-centric data economy which provides high quality data for businesses and at the same time respects the privacy of end-users is a must.

Interoperability
The architecture of PIMCity must allow users to integrate new data sources and connect them to new services. This property is an important element to generate confidence in a PIMS. Interoperability is the main advantage offered by the PDK, and at the same time it is the great challenge because it requires a process of standardization of consent mechanisms, formats and semantics. To allow seamlessly integration, all PDK components offer Web APIs that we document using the Open APIs4 specifications. This enables communications and interactions among them, easing integration with existing PIMS, as well as the design and development of new ones.

Open-Source Software
All the software we release is Open Source and available online on the GitLab Project of PIMCity. We encourage its use and invite the com-munity to test and contribute to the project. We use the GitLab functionalities for collaboration as a forum for for issue tracking, discussing bugs, requesting new functionalities and offer support to users.

Image

Most of us accept the Privacy Policies without read it but, our data can be used in a variety of ways, sometimes in ways you wouldn’t expect or even approve.
Personal data is important, when you agree to privacy you are giving away information about yourself, such as, your location, your contacts list or where you shop.

Nowadays, all Internet services require your data to access the service. Personal data is very valuable, which is why companies are always looking for ways to collect it.

Most of us accept the Privacy Policies without read it but, our data can be used in a variety of ways, sometimes in ways you wouldn’t expect or even approve.
Personal data is important, when you agree to privacy you are giving away information about yourself, such as, your location, your contacts list or where you shop.

That’s why it is important to understand the value of your personal information and how to manage it. By making a few simple changes you can imrpove your privacy.

-  Read Privacy Policies
We elaborate a list of direct links to find out the privacy policie of the main online services to manage your privacy settings.

-  Secure your accounts
Use a password manager to generate and remember different, complex passwords for every account. You should also use two-step authentication whenever possible for your online accounts.

-  Use antivirus
Viruses might not seem as common as they were a decade ago, but they still exist. Antivirus software is essential for any computer or phone – regardless of whether it is connected to the internet or not. They are an excellent way to help prevent against online fraud or damage on your device.

-  Cookies
Clearing out your cookie caches and browser histories can prevent ad networks from collecting too much information about you.
You can also set your preferences to prevent websites from storing cookies at all.

-  Deactivate the auto fill option
Autofill works by recognizing familiar words and numbers when you complete forms online. Have you ever noticed how when you type in your home’s number, that an autofill option comes up with your street name too? This is dangerous for several reasons, but particularly because this information to enable autofill to work has to be stored somewhere online.

-  Using private browsing modes
In answer to the increased need for online security and staying anonymous online, some browsers have a private browsing feature. These features help users protect themselves when using the internet.

-  Make sure all your social media accounts are private
This is fundamental to limiting the amount of sensitive data that is available about you that is online. Securing your social media accounts is essential as these days most are public by default.

-  Remember to log out
Importantly, closing the window of the account that you have logged into is not enough. A social media giant like the aforementioned Facebook can read everything you are up to, even if you have shut the application or window you were accessing Facebook through.

-  Only use HTTPS links
The link in the address bar of your browser starts with either “http” or “https”. The first one means that the connection between you and the website is open, i.e. anyone who taps into your internet connection can see everything you’re writing or looking at. This is bad.

-  Beware of spam emails
Spam emails are an easy way to avoid being hacked online. By deleting them immediately the moment they get into our inboxes, we are protecting our internet privacy no end. Online users who open suspicious emails are ones that often fall victim to online fraud.

-  Update your software and devices
Devices, programs and apps receive frequent updates with new features and security improvements. These security updates are typically far better at thwarting hackers than antivirus software.

-  Turn off your GPS
Turning your GPS off on your phone in its settings application is key to maintaining your privacy while online. By turning it off, it means that all your applications (of which there will be many) will not be able to read where you are.

-  Use public wifi and hotspots with caution
Public wifi seems like a good way to save our data allowance with our internet provider when out and about. But accessing the internet through a hotspot or public wifi on our handheld devices makes us extremely susceptible to online attack. This is particularly true if we use that public wifi to log on to any online accounts – social media or otherwise.

Image

The General Data Protection Regulation (EU) 2016/679 (GDPR) is the regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR’s primary aim is to give individuals control over their personal data.

The General Data Protection Regulation (EU) 2016/679 (GDPR) is the regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR’s primary aim is to give individuals control over their personal data.

The GDPR was adopted on 14 April 2016 and became enforceable beginning 25 May 2018. As the GDPR is a regulation, not a directive, it is directly binding and applicable but does provide flexibility for certain aspects of the regulation to be adjusted by individual member states.

The regulation became a model for many national laws outside the EU, including Chile, Japan, Brazil, South Korea, Argentina and Kenya. The California Consumer Privacy Act (CCPA), adopted on 28 June 2018, has many similarities with the GDPR.
Before GDPR, privacy was regulated by the Data Protection Directive, officially Directive 95/46/EC. This directive, enacted in October 1995, was a European Union directive regulating the processing of personal data within the European Union (EU) and the free movement of such data.

The Data Protection Directive is an important component of EU legislation on privacy and human rights. It was replaced by the General Data Protection Regulation, as EU directives are not legally binding and the European Commission wanted to unify data protection legislation in a unified European Union.

Image

According to the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

According to the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Information must ‘relate to’ the identifiable individual to be personal data. This means that it does more than simply identifying them, it must concern the individual in some way. Data can reference an identifiable individual and not be personal data about that individual, as the information does not relate to them.

Examples of personal data:
o a name and surname;
o a home address;
o an email address such as name.surname@company.com;
o an identification card number;
o location data (for example the location data function on a mobile phone)*;
o an Internet Protocol (IP) address;
o a cookie ID*;
o the advertising identifier of your phone;
o data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.

Examples of data not considered personal data:
o a company registration number;
o an email address such as info@company.com;
o anonymised data.

Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.

Bibliography

0 | 10 | 20