Support for Fundamental Rights in Digital Society

BPR4GDPR is focused exactly on the protection of a fundamental human right: privacy. Indeed, from a philosophical perspective, the notion of privacy has broad historical roots; for instance, consider Aristotle’s distinction between the public sphere of political activity and the private sphere associated with domestic life, or the “Hippocratic Oath”, the seminal document on the ethics of medical practice that explicitly included privacy among the medical morals. Nowadays, privacy is recognised as a fundamental human right by the Universal Declaration of Human Rights of the United Nations, the European Convention on Human Rights, as well as the Charter of Fundamental Rights of the European Union, and is protected by relevant legislation in all democratic countries throughout the world, with the GDPR being the cornerstone of this legislation.

According to the famous cartoon of Pat Steiner in The New Yorker in 1993, “on the internet, nobody knows you’re a dog”; this has been frequently cited in order to emphasise the potential for anonymity and privacy that the Internet was supposed to offer. However, reality proves to be different and, in fact, more than a century after the first essay identifying that privacy was endangered by technological advances, never before in history the citizens have been more concerned about their personal privacy and the threats by the emerging technologies. The recent technological advances spur an information revolution that brings significant improvements to quality of life, but, on the other hand, they pose serious risks on privacy: the personal data collection scale is augmented, information access, processing, aggregation, combination and linking are facilitated and new types of data are collected; personal information is increasingly viewed as a valuable asset which is a subject of trading.

To this end, the protection of privacy is the overarching goal of BPR4GDPR, that aims at providing a set of comprehensive technologies for realising the privacy-by-design vision. The BPR4GDPR solutions span a range of technologies (process management, data management, advanced cryptography, etc.) and tackle the four major aspects of privacy according to Solove’s reference taxonomy, namely information collection, information processing, information dissemination and invasion, thereby ensuring that operations are executed in a privacy-aware, GDPR-compliant-manner. Therefore, BPR4GDPR is expected to have considerable impact on the protection of privacy as a fundamental human right. This is also supported by the anticipated diffusion of the project results as regards their dissemination, exploitation, standardisation, communication and awareness raising. Further, results’ uptake, and therefore contribution to privacy protection, is expected due to the different deployment modes considered, i.e., stand-alone and as-a-service, that provide for immediate application at large scale on the Cloud.

Furthermore, it should not be neglected that the BPR4GDPR solutions will be tested by means of comprehensive use cases, that involve sensitive data and have therefore serious privacy concerns. Especially as regards the IDIKA use case, dealing with health and social security data at national scale, it should be noted that IDIKA is the National Contact Point for these domains, participating in the associated European clusters and instruments. Therefore, it will therefore provide for pan-Europan impact creation in these sensitive fields.