Extensible Consent Management Architectures for Data Trusts
Balambiga Ayappane, Rohith Vaidyanathan, Srinath Srinivasa, Jayati, Deshmukh
TL;DR
This paper introduces an extensible framework for managing consent in Data Trusts, enabling secure data exchange across networks based on legal capacities, addressing privacy and security challenges in data sharing.
Contribution
It proposes a novel formalism for specifying legal capacities and jurisdictional boundaries, facilitating open-ended data exchange in Data Trusts.
Findings
Framework supports role-based data flow across networks
Enhances privacy and security in data sharing
Addresses legal and jurisdictional compliance
Abstract
Sensitive personal information of individuals and non-personal information of organizations or communities often needs to be legitimately exchanged among different stakeholders, to provide services, maintain public health, law and order, and so on. While such exchanges are necessary, they also impose enormous privacy and security challenges. Data protection laws like GDPR for personal data and Indian Non-personal data protection draft specify conditions and the \textit{legal capacity} in which personal and non-personal information can be solicited and disseminated further. But there is a dearth of formalisms for specifying legal capacities and jurisdictional boundaries, so that open-ended exchange of such data can be implemented. This paper proposes an extensible framework for consent management in Data Trusts in which data can flow across a network through "role tunnels" established…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPrivacy-Preserving Technologies in Data · Privacy, Security, and Data Protection · Access Control and Trust