SmaC - Smart Consent
ReD - Compliant-Regulatory Data Exchange
ReD is a software component belonging to the class of Privacy-Enhancing Technologies (PETs), i.e. technologies that embody fundamental data protection principles by adopting countermeasures in compliance with regulation.
ReD provides three main features:
- Consent-based Exchange authorises data exchange between parties (i.e. data controller and data processor) based on consent provided by data owner (i.e. data subject) and agreed with data controller through smart contracts. This ensures data subjects to have full control of their own (personal) data;
- Notification notifies specific events impacting data control (e.g. data access request or data breaches) to interested parties (e.g. data subject). This ensures data subjects’ rights (i.e. to be informed);
- Data Access Tracking constantly monitors and logs data access, building evidence of activities on data.
ReD is based on three building blocks: i) blockchain and smart contracts
technology to register and rectify consents to access data (built on GoQuorum)
; message queue mechanisms for notification
of events (built on RabbitMQ
); and an orchestration
logic to enable and manage activities in response to specific message events (built on Python
With these building blocks and features, ReD ensures at the same time i)
trust between parties; ii)
data integrity and immutability; iii)
confidentiality and privacy.