A new PET for Data Collection via Forms with Data Minimization, Full Accuracy and Informed Consent

Authors :
Anciaux, Nicolas
Frittella, Sabine
Geoffroy, Baptiste
Nguyen, Benjamin
Scerri, Guillaume
Personal Trusted cloud (PETRUS)
Inria Saclay - Ile de France
Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Données et algorithmes pour une ville intelligente et durable - DAVID (DAVID)
Université de Versailles Saint-Quentin-en-Yvelines (UVSQ)-Université de Versailles Saint-Quentin-en-Yvelines (UVSQ)
Université Paris-Saclay
Données et algorithmes pour une ville intelligente et durable - DAVID (DAVID)
Université de Versailles Saint-Quentin-en-Yvelines (UVSQ)
Institut National des Sciences Appliquées - Centre Val de Loire (INSA CVL)
Institut National des Sciences Appliquées (INSA)
Sécurité des Données et des Systèmes (SDS)
Laboratoire d'Informatique Fondamentale d'Orléans (LIFO)
Université d'Orléans (UO)-Institut National des Sciences Appliquées - Centre Val de Loire (INSA CVL)
Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université d'Orléans (UO)-Institut National des Sciences Appliquées - Centre Val de Loire (INSA CVL)
Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)
Ecole Normale Supérieure Paris-Saclay (ENS Paris Saclay)
ANR-22-PECY-0002,iPoP,interdisciplinary Project on Privacy(2022)
ANR-19-CE48-0006,PRELAP,Logique Épistémique Probabiliste pour la Protection des Données Privées(2019)
Source :
EDBT 2024-International Conference on Extending Database Technology, Mar 2024, Paestum, Italy
Publication Year :
2024
Publisher :
HAL CCSD, 2024.

Abstract

The advent of privacy laws and principles such as data minimization and informed consent is supposed to protect citizens from over-collection of personal data. Nevertheless, current processes, mainly through filling forms, are still based on practices that lead to over-collection. Indeed, any citizen wishing to apply for a benefit (or service) will transmit all their personal data involved in the evaluation of the eligibility criteria. The resulting problem of over-collection affects millions of individuals, with considerable volumes of information collected. If this problem of compliance concerns both public and private organizations (e.g., social services, banks, insurance companies), it is because it faces non-trivial issues, which hinder the implementation of data minimization by developers. In this paper, we propose a new modeling approach that enables data minimization and informed choices for the users, for any decision problem modeled using classical logic, which covers a wide range of practical cases. Our data minimization solution uses game-theoretic notions to explain and quantify the privacy payoff for the user. We show how our algorithms can be applied to practical case studies as a new PET for minimal, fully accurate (all due services must be preserved) and informed data collection.

Details

Language :
English
Database :
OpenAIRE
Journal :
EDBT 2024-International Conference on Extending Database Technology, Mar 2024, Paestum, Italy
Accession number :
edsair.od.......165..6e83d3bcc0bb14df271382cbebe39722