Natalie Leesakul is part of the tenth cohort of the Horizon CDT and is writing up her PhD thesis which explores the legal, ethical, and organisational challenges and implications of human-robot collaboration in the context of digital manufacturing.
Last month Natalie published the chapter A Blockchain-Based Architecture to Manage User Privacy Preferences on Smart Shared Spaces Privately in the book: Data Privacy Management, Cryptocurrencies and Blockchain Technology.
Smart shared spaces, such as smart buildings, represent a fast-growing market and can benefit from several sensors that generate data which can be used to improve automatisation, increase efficiency in energy management, and optimise occupant’s comfort. Equally, the smart shared spaces pose many privacy challenges as they are equipped with sensors that can potentially be used to gather data about occupants that they may or may not feel comfortable disclosing, for example, details of their daily routine or occupancy reports of their office. Due to these challenges, it can lead to the opposite results to the optimisation of occupant’s comfort as occupants may not want to use the space due to the privacy concerns. Therefore, it is important to allow the occupants to inform their privacy settings so they feel more confident knowing that their privacy preferences are being respected. We recognise that in some spaces (e.g., shared workplaces) occupants may feel uncomfortable disclosing their preferences if their anonymity is not respected due to the lack of transparency about who can control that data. Thus, this work focuses on a decentralised system based on the SITA privacy model to provide occupants of shared spaces a way to specify and manage their privacy preferences anonymously. We propose a blockchain solution through smart contracts to control how the privacy settings are shared, ensuring that the users have full control of these records. Moreover, it allows traceability over the user’s preferences data usage. Our evaluation shows that the system performs well in regard to time and usability and it can be linked to different smart building management systems. Consequently, this work demonstrates data protection in practice as it puts in place an appropriate technical and organisational measure to safeguard the individual’s privacy by increasing transparency and accountability of smart building data management in accordance to the data protection by design and default approach under the General Data Protection Regulations (GDPR).