RESPECTeD Project: Really Enforceable Solution to Protect End-users Consent & Tracking Decisions

Written by Soheil Human December 2, 2019 0 comment

We are delighted to inform you that the Privacy and Sustainable Computing Lab in collaboration with the Institute of Information Systems and Society (WU Wien), the Institute of Information Systems and New Media (WU Wien), and NOYB – European Center for Digital Rights (noyb.eu) starts the interdisciplinary research project RESPECTeD. The full title of the project is “Really Enforceable Solution to Protect End-users Consent & Tracking Decisions”. Soheil Human and Ben Wagner are the project leads representing WU Wien and Max Schrems is the project lead from the NOYB-side. The project is funded by the NetIdee programme of Internet Privatstiftung Austria (IPA).

Project Motivations

RESPECTeD tackles a wide range of ongoing privacy-related issues on Internet, among others:
1. providing consents on the Internet is a time and expertise-demanding task which cannot correctly be performed by most of the users,
2. withdrawing consents is normally a sophisticated task,
3. the existing anti-tracking mechanisms (e.g. W3C’s Tracking Preference Expression – DNT) are not legally enforceable and are in many cases ignored by the service providers.
We aim to develop a mechanism to address these issues.

Project Goal

Based on an extensive study of existing patterns of tracking, we develop a detailed standard mechanism for communicating users consent and tracking decisions via HTTP headers. Moreover, a set of client-side and server-side software (e.g. web-browser plugins) support the legal enforcement of the expressed consents, e.g. by sending the required identifiers or legally binding emails.

Target Group of the Project

Almost everyone on Internet can be considered as the target group of the project: 
1) end-users will finally have a mechanism to express their consent and tracking decisions in a manner, which not only is human-cetnricuser-friendly and easy- to-use, but also lawfully and technically enforceable;
2) service providers (data controllers) will be provided by a clearly defined technical mechanism and supporting codes to gain and respect user consents;
3) NGOs will be provide mechanisms to track which data-controllers do not comply the GDPR.

More information about the project will be published on: https://www.respected.eu