PII Access Notifications

Project Info

Nothing To See Here thumbnail

Team Members


Tristan

Project Description


We often are required to submit PII data to comply with regulations and to allow things like COVID Check-ins to be performed. Why can't we have our cake and eat it too? Provide our data but be confident that it isn't being abused?


#pii #privacy #trust #ethereum #smart contracts

Data Story


In a proof of concept COVID Check-in system, we could take the site title/address from the Current COVID Exposure Sites dataset and match it with the checkins people carry out, and demonstrate how we can make contact details available to health authorities when needed while notifying citizens that their data was used.

An Ethereum Smart Contract can guarantee that your data was not accessed if you were not notified, PROVING that your data was not used. This is the power of a trustless system.

To productionise this project an extension to the Service Victoria check-in app would be required. There would be a public/open-source component (and the Ethereum Smart Contract is public by definition). There is also potential to explore leveraging existing systems like Metamask or Veramo.


Evidence of Work

Video

Team DataSets

All Victorian SARS-CoV-2 (COVID-19) current exposure sites

Description of Use A venue check-in system would record address details, and when a new site is added to the dataset here, any checkins that match the address would be requested. The system would then run an Ethereum Smart Contract to access a decryption key to decrypt the PII in the check-in DB and also leave a record that the individual whose PII was accessed can tell it was accessed. The fact that this record does not normally exist PROVES that our data was never accessed.

Data Set

Challenge Entries

Building Citizen’s Trust in this Digital World

In order to access online services, citizens need to give their consent for their data to be used. How do you gain their trust that their data will be used appropriately?

Go to Challenge | 8 teams have entered this challenge.

Safeguarding citizens privacy and ownership of their personal data

How might we build telemetry and data insights without compromising citizen privacy?

Eligibility: Participants must use one or more datasets from Data.Vic.

Go to Challenge | 8 teams have entered this challenge.