Today control over data visibility is centralized into the hands of data sharing platforms’ owners. Rightful data owners are not actively involved in the data value chain, and this results in low trust and willingness to share data, hindering the growth of a European data market.

Based on a patented multicast end-to-end encryption scheme and smart contracts, Ecosteer decentralized consent management technology – the Data Visibility Control Overlay (DVCO) – allows individuals to unilaterally grant & revoke visibility over data streams generated by their devices to selected stakeholders, as mandated by the GDPR. Additionally, a smart contract implements a compensation mechanism based on tokens, incentivizing data sharing.

Within NGI TrustChain Call #2, Ecosteer will develop the Data Ownership Orchestration Framework (DOOF), a set of open SDKs, libraries and Smart Contracts that allows data owners to exercise data ownership rights – i.e. grant, revoke and monetize data visibility. In fact, the DOOF’s objective is to facilitate the integration of the DVCO as well as any other consent management technology, e.g. for data sets rather than data streams, with any data source and enterprise IT system, enabling companies and institutions to deploy user-friendly data exchanges privacy-compliant by design.

In this project Ecosteer will integrate its technology with smart-home sensors and distribute them among a selected group of citizens in Bolzano. Thanks to a user-friendly interface, citizens will be able to unilaterally control third party visibility over their data and to be compensated for data sharing.

Such validated solution will be proposed to Utilities to deploy their own transparent, ethical and GDPR compliant data exchanges, involving their customers and business partners. Additional data sources, e.g. energy meters, other smart home sensors, wearables, etc., can be added over time, expanding data sharing & monetization opportunities without impacting system scalability provided as-a-service by the DOOF.

Understanding crowd mobility is essential for governments and businesses to prepare for long-term challenges like climate change, mid-term challenges like increasing urbanization, and short-term challenges like controlling the spread of diseases. For instance, mobility data is used to optimize public transportation, improve mobile and wireless networks and study human contacts to help public health experts track viral diseases.

However, mobility data is a very sensitive type of data, since mapping the movements of individuals can reveal personal information. Anonymization cannot be limited to suppressing metadata containing the subject’s identity, because the origin, the destination and even the intermediate points of a trajectory may allow re-identifying the individual who followed it (de Montjoye et al, 2013). Proper anonymization requires masking detailed spatiotemporal

Information. Currently, the standard approach to building anonymized datasets is centralized: the subjects send their data to a controller, who takes care of producing an anonymized mobility data set. This requires subjects to blindly trust the controller, which is not acceptable in most cases. There is another risk inherent to mobility data, which is the possibility to re-identify individuals in anonymized datasets by cross-referencing them with other existing or newly published datasets (Srivatsa et al, 2012). Hence, the requirement for anonymity of mobility data must be controlled in consideration of publicly available data.

The goals of our project are threefold:

– develop a decentralized method, based on utility-preserving k-anonymity, that will allow anonymization of mobility data in a way that guarantees that even the controller cannot re-identify individuals in their datasets.

– create an auditing tool that enables data controllers to audit their proprietary datasets for de-anonymization risks and anonymize the data if risks are uncovered using a centralized k-anonymity algorithm.

– create a verification tool enabling individuals and companies to uncover public datasets that contain similar trajectories to theirs.

Measured data obtained by measuring devices and its subsequent analyses (measured data accuracy, errors, measurement uncertainty, regulation compliance, etc.) are pillars for quality assurance (QA) in a wide spectrum of various industries (food industry, pharmacy, etc.).

Currently, there is no universally accepted protocol for the machine-interpretable structuring and digital dissemination of measurement data, leading to concerns in data governance and user privacy. Fortunately, the science of measurement (metrology) is undergoing digital transformation, as evidenced by BIPM’s recent Joint Statement of Intent. Our solution builds on emerging new standards (SI-Digital, Digital Calibration Certificates, etc.) to add a crucial component for digitalizing QA reliant on measured data.

We propose an open-source solution for the secure exchange of data (measured data and subsequent analyses) in use cases where one needs analysis of measured data to be carried out by a third-party data analysis service. This “third party entity” operates independently of the entity (organization, department, team) involved in data collection most often if:

– there is a need to ensure an unbiased analytical perspective (often prescribed by metrology regulations) and/or

– the analysis is carried out as commercial service offered on the market and/or

– there is a separate “in-house” analytical department/team within the same organisation

In each case it must be ensured that data security is maintained, reducing the risk of unauthorized access or data misuse, including privacy risks if measured data contains possible Personally Identifiable Information (PII).

Shortly said, our proposal has a simple input → measured data, and a simple output → analysis of measured data. However, it will use state-of-the-art technologies (blockchain, homomorphic encryption) and emerging standards and architectures established in the EU space (European Blockchain Service Infrastructure (EBSI), Alastria, Digital Calibration Certificates (DCC)) in order to make the solution trustworthy, scalable and compliant with prevailing and upcoming regulations.

Clearbox AI, an award-winning tech startup based in Turin, Italy, specializes in facilitating AI and Analytics projects through Synthetic Data generation. Their privacy preservation and data augmentation expertise, notably in banking, finance, and healthcare, aligns seamlessly with TRUSTCHAIN’s mission to establish secure and dependable data routes for responsible AI adoption.

The proposal confronts the challenges posed by the rapid evolution of AI, particularly in safeguarding user privacy and data governance. AI presents distinctive privacy risks, including potential individual identification in anonymized data. Clearbox AI’s solution centers on Privacy-enhancing technologies (PETs), focusing on Synthetic Data. This method preserves real-world data’s statistical properties and predictive capabilities while ensuring privacy.

The project’s core goals involve creating an open-source library that harmonizes user privacy and data utility for AI training. It will also provide fine-grained privacy controls and uphold regulatory compliance through GDPR adherence features. Moreover, the project promotes responsible data practices, especially in the financial sector.

The proposed product, named SURE, empowers users to evaluate the privacy and utility of anonymized datasets using both traditional anonymization techniques and synthetic data. Its user-friendly interface enables individuals with limited AI knowledge to evaluate and test anonymous and synthetic datasets, preserving privacy without sacrificing utility.

The project’s impact is poised to be significant. As AI’s contributions to the global economy grow, SURE’s provision of a customizable, open-source synthetic data library democratizes access to secure and privacy-respecting data solutions. It serves a diverse user base, encompassing fintech and healthcare companies, equipping them with a potent tool to bolster their data privacy practices while maintaining dataset utility. Additionally, the proposed solution dovetails with TRUSTCHAIN’s fundamental objectives, cementing its status as a valuable asset in erecting secure and reliable data pathways for responsible AI adoption.

In the rapidly evolving landscape of the Next Generation Internet (NGI), data storage and management are undergoing a profound transformation. Historically, centralized entities and corporations held dominion over vast data stores. However, the NGI heralds a paradigm shift, prioritizing user-centric data governance, where individual users maintain control and ownership of their data, and even more intriguingly, their IoT devices become active contributors to this new ecosystem.

In recent years, the idea of smart cities in which the infrastructure layer and data acquisition/storage is made available by government entities has gained significant traction. This is mostly attributed to the higher availability of cost-effective IoT devices/sensors, and growing connectivity and bandwidth of networks. However, the financial investments required to setup, and maintain the infrastructure are a high barrier to entry. Moreover, these infrastructures are commonly centralized into three layers namely, data acquisition layer, storage and computation layer, and finally the application layer in which

users and companies participate in by leveraging the data.

This project envisions a future where users actively participate and maintain all three core infrastructure layers. To realize this, we propose a decentralized model that allows both users and their smart devices to contribute building a decentralized infrastructure. The solution builds on a paradigm shift in the way data driven computation occurs. As such, data never leaves the device, instead computation is broken down into independent sets, and migrated across the network. This guarantees data privacy, and ownership whilst at the same time, makes use of the currently untapped computational resources of IoT devices. Our strategy involves harnessing advancements in Multi-Party Computation (MPC) technology, advancing a novel MPC protocol to a demonstrative phase. All software of the platform and the MPC protocol will be made open-source to further establish trust and inclusivity of the solution.

In summary, our project seeks to empower users to actively participate and be rewarded in the data economy, fundamentally transforming data ownership in the NGI era. We propose a user-centric data governance model, fortified by cutting-edge technology, and a decentralized resource marketplace that enables users to take control of their data and computational resources. This vision aligns perfectly with the evolving landscape of the NGI, where data is not just a commodity but a democratized and user-empowering currency.

Tidy City encourages both individuals and organisations to routinely capture high-resolution images of streets and roads. The images captured with Tidy City app are then analysed by advanced AI models on centralised servers, detecting various urban challenges such as waste mismanagement or signage issues. However, like many contemporary platforms, once users submit their data to Tidy City, they relinquish much of the control over it.

Project DUME aims to change the centralised nature of digital platforms like Tidy City by:

1.      Extending Solid Protocol that adeptly manages large-scale media datasets with decentralised web platforms.

2.     Validating the robustness of the decentralised, user-centric features of the protocol created in 1., by implementing and testing it in Tidy City.

The challenges of implementing a protocol capable of handling vast volumes of high-resolution photographs with associated metadata for streets and roads, ready for AI model training, are manyfold:

● For AI model training, swift and efficient data retrieval is essential. This involves implementing parallel data retrieval processes, batch data requests, and caching mechanisms to ensure minimal latency.

● The protocol should support rich metadata annotations, ensuring indexing mechanisms deliver quick searches and filtering based on this metadata.

● Specific AI access control ensures that AI model trainers can access the requisite data without compromising other personal or sensitive data. This involves creating specialised ‘views’ or ‘profiles’ of the data specifically curated for AI training.

● Given the dynamic nature of data (new images added constantly), the protocol must support robust versioning mechanisms, allowing users and applications to fetch historical data versions efficiently.

DUME aims at creating a validated path not only for Tidy City’s evolution, but also for numerous other projects that depend on large amounts of media data, towards a decentralised digital paradigm where users maintain sovereignty over their media contributions.

Aurora Minds represents a groundbreaking initiative aimed at addressing the need to early and accurately diagnose ADHD in children, while prioritizing data privacy and security. In a landscape crowded with assistive technologies for ADHD, this project distinguishes itself by integrating robust privacy measures at its core. Existing ADHD assistive technologies often overlook privacy and security concerns, leaving users vulnerable to data risks and profiling. To counter these challenges, AURORA MINDS implements a multi-layered security framework, including Identity Management (IdM) and Privacy-Enhancing Technologies (PETs). This approach enhances data security, strictly controls access to sensitive information, and ensures compliance with data privacy regulations.

The project leverages machine learning techniques such as federated learning and local differential privacy to protect sensitive user data during collection and analysis, aligning with GDPR requirements. Aurora Minds adopts a human-centric design approach, tailoring personal data collection from a child while s/he interacts with a serious tablet animation game to cater a unique ADHD risk assessment process.

The project benefits various stakeholders, including children, parents, educators, and clinicians. Children are examined through a specialized application supporting their behavioral unique requirements and independence. Parents receive reassurance regarding data confidentiality, gaining insights into ADHD risk assessment and relevant information to provide better support. Clinicians benefit from enhanced diagnosis capabilities, aided by qualitative and quantitative measurements. Access rights are carefully managed using the Privacy-ABCs (Privacy-Attribute-Based Credentials) approach, ensuring that each entity—child, parent, and clinician—receives appropriate access privileges.

By incorporating this proposal into the TRUSTCHAIN framework, AURORA MINDS elevates TRUSTCHAIN’s reputation by exemplifying a steadfast commitment to data privacy and security. The emphasis on PETs and federated machine learning not only bolsters data privacy but also mitigates legal risks associated with data sharing, enhancing data quality for effective decision-making.

The OIDC PRINCE project aims to enhance the privacy support in user consents used in OpenID Connect authentication and authorization processes. Nowadays the consent to access the claims about end-user and authentication events (e.g., gender, birthdate, phone number), may have associated privacy issues. Users need to be informed regarding the potential risk of providing consent for the personal information access by services/entities that may not be trusted by the user and the OpenID Provider, which is responsible to manage the authentication and authorization. OpenID PRINCE introduces the proof of privacy regulations compliance (e.g., compliance with GDPR) in the OIDC discovery and registration processes using data privacy vocabulary (DPV) specification that can be certified by entities external to the OIDC authentication process. These proofs can be stored securely in a EMV compliant blockchain. OIDC PRINCE also enables privacy analysis to assess the risk of services accessing the end-user private information. This analysis, performed by Fuzzy Logic models considers the claims which access is being requested and the profile of the service requesting the access, for instance if it is a service associated with acquisitions or a service for education and learning. OIDC PRINCE contributes to enhance the support of privacy in OpenID connect by enabling informed consents, and by minimizing the data sharing with entities that are not trusted, or that do not provide evidence of being trustworthy in terms of privacy management.

People’s privacy control over the personal data that they generate and consume while they drive modern cars is extremely weak at present. There is historical as well as recent evidence that car brands harvest a variety of personal data from drivers and, arguably, full compliance of their processing with the European General Data Protection Regulation is questionable. PECS

revolutionises modern car ecosystems for what concerns the processing of personal data. It does so by advancing, tailoring to the specific domain and, ultimately, combining together both soft and hard privacy measures. The project raises drivers’ soft privacy through the PECS interface for static and dynamic control of personal data, so that drivers can decide what to share and with whom and when, as well as follow and control the flows of data at service run time by means of multy-sensory media techniques. Hard privacy thrives in the project through a combination of obfuscation techniques including Federated Analytics, Secure Multi Party Computation and Pseudonymisation, so that drivers are enabled to keep their personal data opaque to anyone from the outset. All developments proceed from the established academic laboratories of UNICT-UNIMORE, then are demonstrated in the operational environment of MASA-UNIMORE, reaching TRL7. The PECS results stem from the open-source, open-Internet approaches, hence bear huge technical, societal and industrial impacts, bringing Europe at the forefront of data protection, at least in the automotive domain. PECS also brings forward a whole new range of business opportunities such as various forms of software support for its technologies, and of renewed car services leveraging privacy-by-design-by-default. Finally,

PECS provides the necessary grounds favouring the inception of a new breed of services that would be naturally enrooted on drivers’ sensitive data such as sexual, religious and political orientations, e.g. apps for dating, praying and debate on political topics.

WalliD and the Portuguese Blockchain and Cryptocurrencies Association (APBC) are forging a dynamic partnership to develop an advanced membership platform, poised to revolutionize the verification and credential issuance processes for Professional and Governmental Associations. Our platform will enable these associations to seamlessly verify member IDs and issue dynamic, verified credentials, all while accommodating new data updates. Crucially, this system will operate in full compliance with eIDAS regulations and adhere to the latest industry standards.

In this project, our primary approach is to leverage existing technology and established standards, ensuring accessibility for all associations.

Our comprehensive system will:

·       Verify member IDs with meticulous adherence to eIDAS regulations, harnessing the power of digital IDs and digital wallets.

·       Issue verifiable credentials in strict compliance with W3C standards and the eIDAS directive.

·       Enable user management and sharing of credentials.

·       Safeguard user data throughout the entire process, from verification to credential issuance, ensuring a secure and private environment.

With WalliD and APBC at the helm, this initiative will pioneer a new era of streamlined and secure membership management, providing associations and institutions with a powerful tool to enhance their services and compliance, while safeguarding the privacy of their members.

The DID-IMP project is building a decentralized public key infrastructure to allow any connected object to be able to deliver or procure secured and traceable data. To achieve this, Werenode is leveraging blockchain technologies to remove the need for a classical hierarchical structure with players like the Certificate Authority (CA) and the Registration Authority (RA). For DID-IMP, we replace these administrator-like trusted third parties (RA & CA) with a feeless blockchain smart contract. The blockchain is also used as a Certificate Store on which services providers can issue and manage revocable certificates and credentials. Such a lean architecture is especially well adapted for Internet of Things (IoT) Secure Automatic Data Sharing SADS. Indeed, SADS can be used in various ways to simplify and streamline data sharing processes, and to secure and trace data transfers. Some of the main use cases include:

Connected Cars: DID-IMP-enabled cars can automatically share data for tolls, parking, vehicle recharging (electricity or hydrogen), and other transportation-related processes, making the service more convenient for drivers. They can automatically deliver maintenance data with selected relevant bodies.

Remote healthcare: SADS systems can enable remote healthcare services, such as telemedicine and patient monitoring, improving access to healthcare. Sensors can also collect data on patient health and behavior and control the delivery of this data with specific accredited personas.

Cognitive Cities: IoT plays an important role in creating smarter, environment conscious and more efficient cities. Applications like smart traffic management, water and waste management, and public safety rely on secure data transfer to optimize operations and protect citizens’ data.

Energy Management: IoT devices in the energy sector, such as smart meters and grid sensors, transmit data about energy consumption and distribution. Secure data transfer helps utilities ensure data accuracy and protect against unauthorized access. It’s also a key component to be able to build local and decentralized energy communities.

And also, Smart Homes, Maintenance, Logistics…

In a nutshell, we build a Trust Chain for IoT secure data sharing, bringing better traceability to data, securing their flow and allowing companies to reduce administrative overhead, save time and money, and offer a better protected data sharing experience for final customers. Indeed, users can retain ownership and control over their IoT data while granting access to specific parties through permissioned credentials. Additionally, our SADS-enabled solution can help to manage the flow of sensitive data and the compliance to the new European and Global regulations, thanks to the native traceability features provided by blockchain technologies combined with the process proposed by this DID-IMP project, which implies a traced blockchain transaction for each data transfer, also tracking the main regulatory characteristics of the data exchanged.

The Covid-19 crisis has significantly raised the urgency for efficient use of health data beyond the healthcare providers’ borders. It has also highlighted the importance of joint European health initiatives and data-sharing scenarios, as the ones promoted by the European Health Data Space (EHDS). Data can improve patient outcomes (primary use of data) while fostering research, and accelerating the development of new health services (secondary use of data), but only if it is shared securely and reused by stakeholders. In this process, privacy must be respected, data usage control enforced and transparency ensured. Establishing the EHDS is an integral part of building a European Health Union and the GUEDHS project will pilot it, at an interregional scale. As the epidemic risks increase globally, and to fast-forward crisis preparedness and resilience, GUEHDS project will present a solution leveraging existing concepts and technologies developed for data value-sharing in respiratory infections scenario.

Promptly will bring a federated learning framework, while IPN will adapt a cybersecurity tool, for fast deployment of a Federated Network in action. This solution will enable data custodians to grant and revoke permissions on the data they control, and monitor the data used by FL tasks at the different data nodes. The testing data partners — CHUC and CHUdSA – will pilot-test GUEHDS solution within a clinical study on the epidemiological trends of respiratory viruses. This pilot will establish the ground for the Portuguese Observatory for Respiratory Diseases, an initiative that can be scaled at a European level together with Regulators (EMA) and Life Science Companies.

Imagine a world where every piece of data, every article, and every contribution has a traceable lineage. Where, instead of AI models indiscriminately assimilating vast volumes of data, every fragment has a unique identifier and provenance. ProvenAI promises such a world, aspiring to construct a Decentralised Provenance Platform tailored specifically for unstructured data. It doesn’t stop at mere identification ;  the objective is to ensure knowledge creators can trace how their content is utilised while receiving just compensation. Traditional platforms offer limited utility in the evolving realm of Generative AI and semantic searches. ProvenAI distinguishes itself by segmenting massive unstructured datasets into semantically relevant sections, ensuring only pertinent data segments respond to specific AI queries. This not only promotes data minimization but also protects against unwarranted data exposure.

In this rapidly advancing age of information, ProvenAI stands as an ally to ethical AI development and data governance. By valuing the rights of content creators and emphasising user privacy, it seeks to redefine the dynamics of knowledge acquisition and compensation in the AI sphere. With ProvenAI, we’re not just building a technology; we’re nurturing a vision where innovation aligns seamlessly with integrity, accountability, and respect for every byte of knowledge contributed. As we move forward, ProvenAI seeks to play a pivotal role in shaping a digital landscape that is both equitable and transparent, ensuring that the digital footprints of today become the trustworthy paths of tomorrow.

Amid the digital evolution, a pressing need has emerged to bolster user privacy and data governance. This is especially palpable for people forced to live in refugee camps who require robust, private, and transparent health data management. Our groundbreaking proposal, built upon the Alastria B Network, aims to redefine the way we approach these challenges. Using pioneering tools like Decentralized Digital Identity and Homomorphic Encryption, coupled with DAO structures, we offer a framework where data privacy is not just a feature but the very foundation.

While the current digital landscape offers decentralized solutions, many fail to put user privacy and data governance at the forefront. Our model diverges, ensuring every data interaction prioritizes user consent, traceability, and security. This commitment extends beyond mere encryption; it reshapes how data is stored, shared, and accessed, always keeping the user’s rights at the center.

Through consistent collaboration and feedback loops with users and stakeholders, especially those from vulnerable settings like refugee camps, we craft a solution inherently aligned with their needs. Our co-creation ethos guarantees that our framework is not only technologically advanced but also deeply empathetic, understanding, and responsive to real-world user challenges.

Moreover, our poposed framework introduces a paradigm where data sharing is both transparent and potentially beneficial for users, marrying user privacy with data governance seamlessly. This harmony between privacy and governance is pivotal in sectors beyond healthcare, finding resonance in finance, real estate, and more. Together as Hora e.V. with our industry leading members, we are able to realise a paradigm shift on how user privacy and data governance is handled in a decentralized world. Thereby, we are in sync with TRUSTCHAIN’s vision, that seeks to set a transformative benchmark