Ensuring and Preserving the Privacy of Individuals with a Decentralized Data Marketplace
Abstract
Corporations collect more data about their users than ever. They leave no room fornegotiation in their Terms of Service . GDPR, a new EU regulation concerning dataownership, amends this somewhat, but the users are still left with very little controlof the data they are generating.The purpose of this thesis was to create design requirements, identify relevanttechnologies for and implement a data marketplace giving the users control of theirdata.The requirements had basis in protecting personal information as defined inGDPR, avoiding techniques which Big Data enables to infer new information aboutusers, and upholding Szabo s principles of smart contracts. They were designed togive more control to the users, and the ability to negotiate their preferred Terms ofService .The most prominent identified technologies were IPFS, Ethereum, Matrix andRaspeberry Pi. A custom negotiation protocol as well as custom Multi-Agent Sys-tems (MAS) scripts were created to enable agents representing users of the data mar-ketplace.The design requirements were found to be adequate, although with room forimprovement. The identified technologies proved highly suitable, while the customMAS scripts and the negotiation protocol met some of the design requirements, butnot all. The implementation was found to be a good foundation for a future datamarketplace.The technology of today was deemed mostly ready to create a data marketplace,though with some challenges left. Proposals for future work regarding both de-sign requirements and implementation were provided, encouraging further devel-opment.