Do we consent to our data being used, restrict it or reject it entirely? Every day, we are met with this question either in this form or a similar one when we go to use websites, apps or other internet applications. But what exactly happens when we click “Accept” often remains hidden and can leave us feeling uneasy. What is happening with my data in the background, what doors am I opening with regard to further processing and for what purposes?
Often, companies need user data to enable them to provide the services that users have requested. Yet users have misgivings and concerns about what happens with their data. Over the last three years, the Fraunhofer Institute for Industrial Engineering IAO, the Institute of Human Factors and Technology Management IAT at the University of Stuttgart and other partners from research and business have been involved in two major research projects concerning how companies can be supported in using personal data in accordance with the law and how they can offer their customers more transparency and simple intervention options. In its role as project coordinator, Fraunhofer IAO has contributed the perspectives of users in studies and surveys. In addition to addressing legal and technical aspects, the primary focus of the projects was on designing the user experience, i.e., the interaction experience, in such a way that users retain control over their own data at all times. “People want user-friendly solutions such as a traffic light system that enables them to identify at a glance whether their data is being used in line with their preferences,” says Rachelle Sellung, a research scientist at Fraunhofer IAO.
TESTER: a privacy assistant for digital self-measurement
Health apps are an important use case for highly sensitive personal data. Alongside Actimi GmbH, which offers a platform for health data, the researchers in the TESTER joint research project on the self-determined design of digital self-measurement have developed a privacy assistant that supports the self-determined use of data from the self-measurement. This enables app users to maintain a constant overview of what health data is being saved and where, and what it is being used for. Where necessary, they can also step in if data needs to be handled in a more restrictive manner.
PERISCOPE: business models with privacy protection in line with European standards
The aim of the “Privacy-friendly business models for the platform economy” (PERISCOPE) project was to implement privacy protection in accordance with the high European standards for data-driven platform business models. The GDPR-compliant personal rights management system developed as part of the project supports businesses such as startups and small and medium-sized enterprises (SME) to put privacy-friendly business models in place.
On October 9, 2024, interested parties have the opportunity to try out the solutions that have been developed for themselves using demonstrators and to find out more about the projects and their results firsthand from the researchers. At the “Digital Sovereignty and Data Protection” symposium in Stuttgart, Dr. Ayten Öksüz from consumer association Verbraucherzentrale NRW e.V. will also be giving a keynote speech.
Fraunhofer Institute for Industrial Engineering IAO