People can control (use of) their data via (legal) data rights. However, people don't know how to use/exercise them to their advantage.
People use Profila's App to learn + exercise data rights; the privacy metadata ledger then provides legal proof = "unsubscribe on steroids"
This is the total amount allocated to Control your data – privacy ledger
"From data abuse to personal data control" – implementing and developing on top of Cardano a metadata store that gives people control over their personal information and demonstrates when an individual exercised a data subject right.
Cardano adoption and impact - We are currently launching the Profila App with 5 SME consumer brands in 3 regions in Q1 2021 (Benelux - Switzerland - Orlando/California), and are expecting +/- 1000-2000 users per month to join (via B2B2C model, as invited by brands). 25.000 expected in 2021; 78.200 expected in 2022. More info under the detailed plan, section 5.
Short summary of the Profila app (as testing ground for the metadata ledger POC) - Profila is a platform (consisting of both a mobile iOS and Android application for individuals and a web-based dashboard for companies, organizations, governments and other legal entities, which we call "Brands") that enables individuals to communicate with various organizations in their lives, privately, one-to-one, and without supervision or surveillance. Organizations can be either private or public entities.
Consumers can manage their digital life in one location. They can sort all their personal information, product preferences and communication preferences and communicate with all the organizations they want to interact with in the same easy way (instead of on each individual organization's platform each time). The entire tool is designed for people to (1) gain control over their personal data; (2) choose to ethically share (or not) their personal data with organisations; and (3) get compensated if they do (see "Illustration 1 – Profila for Consumers" attached to this proposal).
Before going into the proposal, the concept of "data subject rights" needs some explanation.
1. The concept of data subject rights as a legal tool for individuals to start controlling their data
A first step to data control is knowing your rights in relation to your data and taking action against those who misuse your data. This can be done via "data subject rights", as explained briefly below.
Numerous national and regional privacy or consumer protection laws, regulations and jurisprudence provide private individuals – often called "data subjects" – with certain rights in relation to their personal data. Under certain conditions, these rights can be enforced against businesses that process personal data.
These rights are often called "data subject rights" or "data rights" and may include e.g.
- right to information - the right to be informed about how a business uses your personal data
- right to opt out - people can ask businesses to stop selling their personal information or using it for business benefit;
- right to access – ask for access to personal data that is being processed by a business (e.g. when you want to know just how much data a company has about you);
- right to be forgotten – ask a business to delete your personal data (e.g. when you don't want to receive any products anymore, and definitely no more marketing messages);
- right to rectification – ask a business to rectify personal information about you that is inaccurate or incomplete (e.g. they have your old address or there is a typo in your name);
We can find these rights in the European General Data Protection Regulation (GDPR); the California Consumer Privacy Act (CCPA); the Brazilian General Data Protection Regulation (LGPD) and many more.
The main goal of these rights is to GIVE CONSUMERS CONTROL OVER THEIR PERSONAL DATA. These laws (GDPR, CCPA, LGPD) include many obligations for companies, namely to (i) inform consumers of these rights; (ii) help them exercise these rights; (iii) respond to these rights in a timely manner, mostly within a reasonable period of 15 to 30 days; and (iv) do all of this in a transparent way, at no cost to the individual.
2. Privacy rights today – problems – lack of education and management
Today, you have no control over the use of your personal data. In order to control your data, you need to know what happens to it, and you need to be able to take action against those who misuse it. This is where data subject rights (DSRs) come in very handy, as they can be used by each individual to (1) become aware of what personal data is collected and how it is used (=information) and – once you have this information – to (2) tell businesses what to do differently (e.g. rectify; delete; opt out).
However, do you know what your rights are and how you need to exercise them? Today, there is no tool available that lets you learn about your rights and provides you with an easy way to exercise them. Some local websites of data protection authorities provide you with information and templates, but require you to download lengthy Word documents, fill out 10-15 elements in these documents, upload them, and send them by email or post to the Brand in question. This process is only available for those people who actually know what a data protection authority is (=what?), and who are willing to spend some hours to get the template filled out and sent.
That is where Profila comes in.
3. Profila today - the existing consumer App – first step towards data control via privacy education and data rights management
The current Profila App has a consumer-friendly privacy education and data rights management dashboard (see "illustration 2 – Profila Privacy App").
4. Profila tomorrow – the Catalyst project - implementing DSR transaction metadata on Cardano, to demonstrate/prove that a DSR was exercised
What do we seek to improve via this Challenge?
Issue - "centralized DSR management" - Each data subject right (DSR) that is exercised by an individual using Profila (including the specific terms like which DSR, data, company recipient, specific content and request), is only saved by Profila in our IT environment, and can only be enforced by Profila or its existence proven by Profila. Profila is therefore guaranteeing that the legal request/transaction happened, what terms it contains, whether terms are abided by (e.g. did the business actually respond to the request in time, as they are legally obligated to do).
This is a liability for both contracting parties, who would need to trust Profila. Profila, as a commercial company, would have to actively step in as arbitrator/mediator, and guarantee this level of trust that a transaction took place + terms thereof. However, we only want to provide consumers with the tools to control their data. The trust and consensus that a transaction took place or contract was made needs to come from the community of users.
Under the Catalyst project (fund 5), we want to tackle this issue by making available on Cardano a ledger for all privacy interactions that you as an individual exercised via the Profila privacy rights management platform: each user that exercises a data subject right with a brand will be able to easily access each such request, including the brands' response.
E.g. you exercise your right to object to the processing of direct marketing messages against Wholefoods, after receiving 15 mails per week with advertising. If several months after this request, Wholefoods doesn't abide by this request and again starts using your personal data to send you direct marketing messages, you can use the ledger entry as immutable proof of the right you exercised. This way, you can show Wholefoods they breached your right and hold them accountable (unlike the "unsubscribe" buttons you click 10 times, with no proof thereof, and with no effect because mails keep on coming). You can even use the information in the ledger to file a complaint at a national data protection authority, showing them what you agreed to, and how the company actually (mis)used your data. You will be able to check forever, every legal right you sent to a business concerning the use of your (personal) data. Nobody would be able to tamper with this information. This is control.
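One way a ledger entry like the one described above could prove a request without exposing it, as an added example (not Profila's code or design): only a salted commitment to the DSR record goes into the transaction metadata, while the user keeps the record and salt off-chain. The record fields, the `LABEL` value and the function names are assumptions; the 64-byte limit on metadata strings is Cardano's.

```python
import hashlib
import hmac
import json
import secrets

LABEL = 99999        # placeholder metadata label (assumption, not Profila's)
MAX_STR_BYTES = 64   # Cardano limits each metadata string to 64 bytes


def canonical(record: dict) -> bytes:
    """Serialize deterministically so every party hashes identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def commitment(record: dict, salt: bytes) -> str:
    """HMAC-SHA256 over the record, keyed with a secret salt kept off-chain.
    Without the salt, low-entropy fields (brand, right, e-mail) could be
    guessed by hashing candidates and comparing with the public ledger."""
    return hmac.new(salt, canonical(record), hashlib.sha256).hexdigest()


def build_metadata(record: dict, salt: bytes) -> dict:
    """On-chain payload: a version and the commitment, no personal data."""
    entry = {"v": 1, "dsr": commitment(record, salt)}
    for value in entry.values():
        if isinstance(value, str) and len(value.encode("utf-8")) > MAX_STR_BYTES:
            raise ValueError("metadata string exceeds 64 bytes")
    return {LABEL: entry}


def verify(metadata: dict, record: dict, salt: bytes) -> bool:
    """Check that a disclosed record and salt match the ledger entry.
    The time of the request is evidenced by the block holding the entry."""
    on_chain = metadata.get(LABEL, {}).get("dsr", "")
    return hmac.compare_digest(on_chain, commitment(record, salt))


# Constructed sample request, modelled on the Wholefoods example in the text.
SAMPLE = {
    "right": "object_direct_marketing",
    "brand": "Wholefoods",
    "subject": "user@example.org",
    "requested_at": "2021-03-01T09:00:00Z",
}

if __name__ == "__main__":
    salt = secrets.token_bytes(32)           # stays with the user
    md = build_metadata(SAMPLE, salt)
    print(json.dumps(md))                    # what would be published
    print(verify(md, SAMPLE, salt))          # disclosure to a regulator
```

Disclosing the record and salt to a data protection authority lets it recompute the commitment and compare it with the ledger; anyone without the salt learns nothing about the request from the chain.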
What other challenges are ahead in our "Zero-knowledge advertising & insights" development roadmap?
This project is only the first step into our broader Cardano technology adoption and integration around zero-knowledge advertising and insights, which all relate to the control of your personal data and your attention by you as an individual. Under the next funds, we want to submit additional project proposals for important features we want to develop as part of this effort:
- step 1 - personal data license smart contract – under Fund 4 "dapps and integrations", we submitted a first step in our "zero knowledge advertising and insights" project called "Dapp to control and monetize your data".
https://cardano.ideascale.com/a/dtd/Dapp-to-control-monetize-your-data/341501-48088. This is a crucial step in obtaining "control over your data", by concluding smart contract subscriptions with businesses so you have an overview of what kind of data you have granted a business access to, and under which conditions. You can access these (smart) contracts at any time to double-check the terms of your relationship with a brand (=who did I give access to what data and for what purpose).
- step 2 - privacy ledger – The current privacy ledger step under this metadata challenge is the second step in controlling your data.
- step 3 - zero-knowledge proofs - personalized ads with respect for privacy - using zero-knowledge proofs in order to allow a brand to advertise to the "perfect" consumer (meaning to the exact target audience consumer, which exactly matches the specific offering/message a brand wants to share), without sharing ANY personal data with the brand. This in se means that a brand is doing highly relevant and personalized advertising, and a very high cost of conversion (and low cost of engagement), without the privacy risks that the current surveillance marketing model has (=namely, the model requires large amounts of personal data in order to personalize advertising). We will be able to tell when a consumer wants to see an ad from which brand, without having to tell the brand who this consumer actually is. Only when the consumer converts (and actually buys a product or service) on the brand's own system, will the brand have access to his/her personal data.
- Step 4 - digital ID - Atala implementation - All digital ID data can be securely stored and encrypted on a user's device, using Cardano's decentralized public key infrastructure. Each individual can allow organisations access thereto as permissioned by the user. With this integration, we can better guarantee that the correct person is sharing information and is receiving payments.
5. Practical aspects – "show us the money" – costs
Creating a first proof of concept (POC) of a metadata privacy ledger on Cardano, will require at least a budget of 19.200 USD for a 3-month development project, to be allocated as follows:
- 15 days of senior developer @ 800 EUR per day – totaling 12.000 USD
- 15 days of web/backend developer @ 240 EUR per day – totaling +/- 3.600 USD
- 15 days of app developer @ 240 EUR per hour – totaling +/- 3.600 USD
We are currently already preparing for the development of this solution – which we are trying to pre-finance – because we believe this is a very important functionality in the control of your data. We expect the solution to be ready by Q2 2021, so that we can test it with the companies that are now using the Profila app with their consumers.
6. Practical aspects – "getting on the road" – GTM; geographical focus; target customer
At the time of the submission of our application to Catalyst Fund 5, the development of our Profila App is finalized and we are onboarding/setting up 5 small and medium enterprises (SME) to trial with their existing consumers. This section explains more about our GTM, ideal location, target customers etc.
(1) Go-to-Market – our Go-to-Market is B2B2C, namely working with brands to invite their existing consumers onto the Profila App, as a new communication channel that is privacy compliant and consumer centric. As part of the onboarding process of these brands, we work together with them to design a promotional campaign via email/social media, via which they invite their best customers to engage with them via Profila. These campaigns will show the benefits of Profila (=individual in control; individual compensated) and will attract the first customers to join this kind of new loyalty program. It is therefore not necessary that all the brands' customers join, but mostly the loyal customers that want to be engaged. We project that for SME companies, around 5% of their existing customer base will join this "new relationship" in the first year/after the promotional campaign. This would be seen as a success.
We have signed up 5x SMEs in 3 regions (see below), who in total have around 500.000 existing customers all combined. Considering that we expect 5% of this customer base to accept the invitation and join Profila, we foresee 25.000 active Profila users in 2021. According to our active brand onboarding efforts, this should grow to 78.000 in 2022 (by adding more brands).
(2) Geographical focus market? We are currently launching the Profila App with 5 SME Brands in 3 regions in Q1 2021 (Benelux - Switzerland - Orlando/California).
(3) Ideal consumer segment? – privacy-aware and digitally savvy "Millennials" (adults between the ages of 22 and 39 years old), and "brand-loyalists" (consumers that have an affinity with the brand and would like to have a closer 1-1 relationship).
Following a research collaboration we conducted with the University of St. Gallen University of Zurich (Switzerland) to define our go-to-market strategy, we concluded that Millennials are the target consumer audience. Millennials carry out most of their transactions online and are aware of their digital footprint. They are also aware that they have rights to their personal data, but do not yet have an easy tool to control it.
(4) Ideal SME segment? – SME companies in these 3 regions that respect consumer privacy and want a better relationship with their consumers.
(5) Marketing, Website & social media presence – We have focused our 3-year research and development phase (as well as our funding) on the development and testing of our consumer app and brand dashboard and have – on purpose – not made much noise about our project until now. Now that the first product is ready and being tested, we are starting a first marketing campaign on LinkedIn https://www.linkedin.com/company/profilaprivacy (B2B, attracting new companies that want to have a different relationship as described above), we are rebuilding our Website www.profila.com (new version expected end-of-April 2021), and will start a consumer campaign on social media focusing on our ideal customer target (see above).
7. Intellectual Property information (freedom to operate; IP registrations; contracts)
As an intellectual property lawyer, I made sure that all Profila's intellectual property (IP)-assets are documented/protected:
First, we have conducted a thorough freedom to operate study and patent landscape analysis with the Swiss Innovation Agency, to make sure we are free to develop and commercialize our current technology without infringing on third-party rights.
Second, we have filed for the necessary trademarks that protect our logos and trade names in commerce.
In addition, we have a solid contractual framework in place with all of our suppliers, employees, contractors and customers. All parties involved in our day-to-day activities are doing so under a contract, which includes the necessary IP transfer-, confidentiality- and non-compete obligations that protect (and collect) our company's intellectual assets. As part of that, every contracted developer has assigned all IP rights to the Profila App to us, which we will also require from developers working on this project.
Finally, we are looking into open-sourcing the majority of the technology (code) developed under this project and will assess on an ongoing basis which components would be of interest to the community.
8. Defining success
The POC we are developing (and hope to get funded for) under this second Catalyst (fund 5) submission will add important functionalities to our consumer App – which is being tested on the market during the next 6 months. The POC will also advance our mission and vision to provide people with control of their data and learn about their privacy rights. Success of the POC would be that we can integrate it into our existing App with one of the 5 SME brands that are testing, and make sure it works with their consumers.
Success after 3 months - finalizing the POC work to be tested in the App
Success after 6 months - running targeted trials with the POC in the App with real customers
Success after 12 months - full deployment of the metadata POC in the App; covering every interaction that includes privacy rights from every user.
Overview of the work packages, with technical requirements and sprints, to be included shortly.
9. Additional useful links
Proposer LinkedIn – Michiel Van Roey
(co)Proposer LinkedIn – Shawn Jensen
Proposal Fund 4 "Dapp to control/monetize your data" (step 1)
Proposal Fund 5 "Dapp to control/monetize your data" (step 2)
Updated fund 4 proposal, with additional functionality
Proposer LinkedIn - Ipek Sahiner (product engineer)
Proposer LinkedIn - Mikko Kotila (product and tech advisor)
Privacy/Tech lawyer with 10Y XP in (project relevant) legal issues - consumer privacy; digital marketing; data rights & virtual currencies.