Updates from the OwnYourData team.
One of the goals in our current FFG-funded project IDunion was to develop a framework for managing different data models of Covid19 Credentials. In the course of our project we implemented this functionality through the Semantic Overlay Architecture (SOyA 🌱) and this blogposts provides an introduction to this new technology.
There are currently a few initiatives around the world that want to develop digital vaccination records and bring them to market. However, the past has shown that even established solutions such as the international vaccination certificate (“Yellow Card”) cannot be digitized so easily.
This blog post summarizes the key highlights of the Digital Immunization Passport (DIP) project. We implemented and evaluated an end-to-end workflow for handling immunization information in a human-centric way, and we provided the necessary infrastructure for all participating stakeholders to demonstrated the functionality in real-world use cases: Yellow Fever and Tick-borne encephalitis vaccination. The project […]
OwnYourData & Human Colossus Foundation have been selected for the 2nd phase in the Data Portability & Services Incubator (DAPSI) to continue development of the Digital Immunization Passport project. From September 2020 to January 2021 we developed the first version of a Digital Immunization Passport for Yellow Fever and demonstrated the feasability of such a […]
In the DECTS project – funded by NGI TRUST Grant Agreement No. 825618 – OwnYourData and DEC112 implemented a Proof-of-Concept to demonstrate sharing personal data between an emergency caller and a control room.
The DEC112 App for deaf emergency chats allows users to store personal information (profile data) at the phone to be automatically shared with an operator in a control room when an emergency chat is initiated. But storing this profile data has a few disadvantages like inability to migrate this data when switching phones and also security concerns (anyone gaining access to this phone can read and edit the data). It therefore makes sense to also provide an option to store this emergency information securely in the cloud which in turn generates several challenges:
This blog posts describes the implementation of managing profile data in a Personal Data Store addressing the above-mentioned challenges.
Decentralized Identifiers (DID) provide an elegant and self-determined way of managing access to personal data. Using cryptographic methods and blockchain technology a user can generate a DID (i.e., a unique token) that references a DID Document. In this document a service endpoint can be specified that provides a certain type of service. Since only the user is in possession of the cryptographic key to manage the DID Document it can be edited only by this user.
For the given use case of deaf emergency chats the DEC112 app automatically generates a DID at user registration and to reference an account in the OwnYourData Data Vault (source available here: https://github.com/OwnYourData/oyd-pia2). The user has the option to choose between storing the data on the phone or in a Personal Data Store and when choosing Personal Data Store the respective DID is shown on the Profile page.
The OwnYourData Data Vault is a Personal Data Store that recently received the MyData Operator Status and is used as the default cloud storage for personal information associated with an DEC112 user account. Since it stores personal data End-to-End encrypted it was necessary to develop a solution to exchange this encrypted data with a control room. The component that manages data provisioning in case of an emergency chat is called PI2 (Personal Identifiable Information) – source code available here: https://github.com/OwnYourData/service-pi2.
Upon creating an account in the OwnYourData Data Vault two key parts a created using the Shamir Secret Sharing scheme. One key part remains in the Data Vault while the other key part is sent to all participating PI2 services located in the respective control rooms. The profile data can only be decrypted when both key parts come together. Additionally, the Personal Data Stores logs any access to the encrypted profile data to guarantee complete documentation.
The data flow for accessing profile data during an emergency chat is displayed in the following sequence diagram.
The basic steps in providing personal information upon initiating an emergency chat include:
This blog post described the infrastructure to share data in a secure and self-determined way. Users leverage capabilities of DIDs to manage a trusted service endpoint and use Shamir’s Secret Sharing scheme for a purpose-based data provisioning. A working prototype was implemented for the DEC112 project in Austria.
OwnYourData and the Human Colossus Foundation have been selected to take part in the Data Portability & Services Incubator (DAPSI), a 3-year EU funded project that empowers internet innovators to develop new solutions in the data portability field.
The Data Portability and Services Incubator (DAPSI) is a EU funded project, under the European Commission’s Next Generation Internet (NGI) initiative, to empower top internet innovators to develop human-centric solutions, addressing the challenge of personal data portability on the internet, as foreseen under the GDPR and make it significantly easier for citizens to have any data which is stored with one service provider transmitted directly to another provider.
DAPSI will support top-notch projects through a 9-month incubation programme where experts in diverse fields will provide a successful working methodology, access to top infrastructure, training in business and data related topics, coaching, mentoring, and a vibrant ecosystem. On top of that, each DAPSI project can receive up to €150k equity-free funding.
Digital Immunization Passport (DIP) is taking part in DAPSI to create a state-of-the-art digital certificate of vaccination. Currently, vaccination and immunization information are spread over different organizations like labs and hospitals as well as pharmaceutical companies together with government agencies. A patient usually only has a paper certificate that provides vaccination treatments with often difficult to read handwritten additional information. In the proposed solution OwnYourData and Human Colossus Foundation will develop an end-to-end data flow that:
The main focus of this project is on Data Interoperability & Compatibility through establishing interfaces between health industry and individuals as well as pushing forward on standardized interfaces for PDSs. Additionally, we address Data Transparency (Usage Policies and Data Provenance in Semantic Containers) and Security & Privacy (by applying blockchain technology and digital watermarking on data sharing).
In the two-phase supporting programme, the projects will develop advanced solutions in the Data Portability field. From September 2020 to February 2021 (Kick-Start phase) they will develop a solution related to a specific use case. The best projects will progress to the second phase (Booster) where the use cases will be fostered to evolve into solid projects to gain enough traction for deployment and get ready for the market.
Take a look at the DAPSI project portfolio to see more information about the selected innovators. The Digital Immunization Passport page is available here.
To read more about DAPSI, please visit the website: dapsi.ngi.eu
