Speaker
Description
In order to be lawful, the processing of personal data usually requires the explicit consent of the Data Subject, who has the right to withdraw his consent at any time. Today many cloud providers offer solutions of Consent Management System (CMS) with the capability of storing consent information and enabling data access only if the consent for the specific purpose has been given. The main issue with this kind of system is the lack of transparency and trustworthiness: you need to trust the service providers' honesty in not changing the consent information and not accessing the data without permission.
A way to overcome this transparency limitation is to exploit Distributed Ledger technologies like Block Chain, which distribute a database of immutable blocks among several actors and replace the need of a trusted third party with a peer-to-peer consensus algorithm for the mutual approval/verification of transactions. Moreover, on the Block Chain you can store pieces of code called Smart Contracts adding the possibility to perform “actions” depending on the status of the underlying Block Chain status.
In this talk we’ll present a proof-of-concept Consent Management System built on top of an Ethereum-like Block Chain and we’ll show a DApp (Distributed App) allowing a user to give and withdraw the consent on a particular dataset.
