Abstract
AbstractSecure data distribution is critical for data accountability. Surveillance caused privacy breaching incidents have already questioned existing personal data collection techniques. Organizations assemble a huge amount of personally identifiable information (PII) for data-driven market analysis and prediction. However, the limitation of data tracking tools restricts the detection of exact data breaching points. Blockchain technology, an ‘immutable’ distributed ledger, can be leveraged to establish a transparent data auditing platform. However, Art. 42 and Art. 25 of general data protection regulation (GDPR) demands ‘right to forget’ and ‘right to erase’ of personal information, which goes against the immutability of blockchain technology. This paper proposes a GDPR complied decentralized and trusted PII sharing and tracking scheme. Proposed blockchain based personally identifiable information management system (BcPIIMS) demonstrates data movement among GDPR entities (user, controller and processor). Considering GDPR limitations, BcPIIMS used off-the-chain data storing architecture. A prototype was created to validate the proposed architecture using multichain. The use of off-the-chain storage reduces individual block size. Additionally, private blockchain also limits personal data leaking by collecting fast approval from restricted peers. This study presents personal data sharing, deleting, modifying and tracking features to verify the privacy of proposed blockchain based personally identifiable information management system.
Highlights
Secure data distribution is critical for data accountability
To reduce the risk of personally identifiable information (PII) and potential personally identifiable information (PPII) leaking, we have proposed a blockchain based personally identifiable information management system (BcPIIMS)
By storing the personal data off-the-chain, the system complied to the general data protection regulation (GDPR) rule
Summary
Abstract: Secure data distribution is critical for data accountability. Surveillance caused privacy breaching incidents have already questioned existing personal data collection techniques. Proposed blockchain based personally identifiable information management system (BcPIIMS) demonstrates data movement among GDPR entities (user, controller and processor). This study presents personal data sharing, deleting, modifying and tracking features to verify the privacy of proposed blockchain based personally identifiable information management system. As most of these SNS sites and applications are for free, they earn money from personal data trading These organizations store, distribute, analyse sensitive PII to generate a business model through user profiling. This study proposes a blockchain based personally identifiable information management system (BcPIIMS) designed for PII management and tracking throughout organizations. This study stores personal data (PII and PPII) offthe-chain and non-personally identifiable information (NPII) information in blockchain to satisfy Art. 42 and Art. 25 of GDPR [17]. This study shows, only privacy improvement can add additional security to personal data
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have