Page 58 - Redefining smart city platforms: Setting the stage for Minimal Interoperability Mechanisms - A U4SSC deliverable on city platforms
The following goals need to be achieved:
– The right to have insight into what personal data are available, stored and shared by the
providers of the applications and/or services in use.
– The right to change and/or delete part of, or all, personal data available, stored and shared by
the provider of the applications and/or services in use.
– The setting up of a “permission arrangement” indicating the circumstances in which personal
data are available to which parties.
– The requesting and maintenance of consent from the users by the providers of the applications
and/or services, be they governments or businesses, that attribute-based, decentralized storage
and “revealing” of personal data attributes provides full service and access to these applications
and/or services.
– The creation of a centralized authentication service that aggregates public and private identity
providers and creates a keychain of identifiers to be used by applications.
– The ability of users to initiate or revoke the consent given to the party.
– The right to be forgotten by services.
– The ability to know in full transparency what data are tracked and stored from a user.
– The ability to port personal data between services in different cities and communities.
8.4.2 Capabilities
Personal data management systems need to be able to authenticate users based on a self-provided
identity, linking their data in full transparency and making sure that a user can manage the data
that is collected and allow service and solution providers to access the data on the terms and
conditions that the users decide. In some cases, these systems need to be aligned with government
initiatives such as GDPR in Europe. Users also need the ability to determine the location
and portability of the stored data, being able to choose where to store their health, insurance, or
mobility data.
These PDMs need to offer a machine-readable audit function for persons (and their representatives)
to be able to see personal data sets and activities relating to these data sets (e.g., operations
involving aggregate data, like a search or analysis based on address/position/pseudo-ID).
8.4.3 Recommended specifications
– The MyData.org initiative that allows users to select the data operator for their data. 43, 44
– IHAN as a testbed for fair Data economy. 45