A user-centric approach for personal data management providing user with full control over his personal data and the ability to grant selective access to third parties comes with many advantages. Still it does not address the specific case of mobility data and usage-based mobility contracts between user and a third party: usage-based insurance, usage-based fares for public transportation...

How to prove a third party that mobility data controlled by a user is authentic, was not forged or partially deleted?

How to provide trusted results of queries and analysis authorized by a user on his mobility data to a third party without exposing the detail of the underlying activities and geolocation information?

GeoWallet is a user-centric platform for mobility data management providing both trust and privacy.

GeoWallet allows users to collect trusted mobility information, manage contracts with third parties and prove them mobility activities without exposing personal mobility data. GeoWallet is a trusted service based on an innovative personal data management architecture:

• Graph-based Blockchain for fully anonymized, user-manageable, unforgeable and non- repudiable mobility data storage between asynchronous IoT nodes (mobile app) and online nodes (cloud)

• Proofs for geolocation information provided - but not kept - by telecom operators

• Transparent and trusted contract management between parties and automatic execution

• Queries and analysis performed in enclaves (TEE), as per contract co-signed by user and third party, providing trusted results transparently shared with user and third party

• Self-contained and self-protected data format (user Id, mobility information, contract) preserving trust, privacy and functionalities in any environment

GeoWallet infrastructure has been fully specified, implemented and successfully tested with two insurance companies and a telecom operator on a limited set of users.

With the introduction of the Regulation (EU) 2016/679 and the need for companies to comply with ISO/IEC 27001 requirements, privacy enhancing technologies are becoming crucial for several types of enterprises. There is therefore an increasing demand for new and effective anonymizing techniques and their application in different domains with specific requirements.

Our main objective is to provide a service that allows the automatic anonymization and protection of user personal data contained in texts and voice transcriptions in compliance with the applicable legal framework.

With this aim, we intend to work on a Type 2 project for the technological development of an automated anonymizer prototype for Italian and English, to be firstly applied to two relevant use cases, and then extended to other scenarios (domain adaptation).

The use cases will involve the anonymization of 1) free text sections from customer surveys and internal reports analyzed for the evaluation of customer and employee experience; 2) linguistic resources (both written texts and audio recordings) created for companies that develop voice technologies such as STT and ASR.

The anonymization process will be carried out by means of both Deep Learning and rule-based Natural Language Processing technologies and will include common data (i.e. proper names, locations, ID numbers, phone numbers and e-mail addresses) and so-called “special categories of personal data”. This combination of technologies will allow for a more precise configuration, the immediate application of user requirements, system scalability to new relevant PII, and service improvement with the gradual collection of new documents.

The project will be implemented by CELI, an Italian company with experience in Language Technologies and AI, and ICT Legal Consulting, an international law firm specialized in the fields of ICT, Privacy, Data Protection/Security and Intellectual Property Law.

Sentinel is tackling one of the most serious problems affecting the world today: disinformation. Disinformation, and especially disinformation propagated via synthetic media like deepfakes and cheap fakes is a growing risk to the wellbeing of democracy and economic stability with losses extending upwards of $78 billion annually according to a recent University of Baltimore report. Beyond the economic impact, we are seeing firsthand the chaos and xenophobia disinformation is causing in relation to COVID-19. For example, the Kremlin has currently deployed a large-scale coronavirus disinformation campaign to sow confusion, panic and destroy confidence in the emergency response in the EU. Per an EU report1, they are playing with people's lives, have created public riots in Ukraine through coronavirus disinformation and are subverting European societies from within.

The strength of Democratic nations lies in shared values and trust in institutions but this has been continually put to the test, and because of the democratization of the technology underlying disinformation and deepfakes, we are approaching a time when the average person could create many hyper realistic news article or videos of a political figure spreading lies related to response measures against a viral outbreak with minimal effort using open source tools online, causing economic damage and even death. Sentinel has built a best in class deepfake and cheap fake detector utilized by governments and media companies, and now is looking to build out a public facing platform that would enable individuals to check if a video is a deepfake or cheap fake. This is the core product that we are looking for support with for this grant as this product will be more a public good than a commercializable product as we want to enable access to the tool to as many people as possible so that they can independently verify information.

The CASSIOPEIA project investigates how open-standard/open-source technologies can be used to create usable and transparent architectures enabling device owners to selectively collect, share and retain data from users, while delegating control of device features to the users from whom data is being obtained. Selective sharing is a critical dimension of privacy: enhancing user choice, autonomy, participation, and trust. It is the technical embodiment of respect for social contexts in information sharing. Moreover, “privacy-by-default and -design” is the law of the land, but there are few examples of what that actually means aside from basic ideas of confidentiality and limited conceptions of transparency. The CASSIOPEIA project will provide a proof-of-concept for policymakers, technologists and the public showing how privacy-by-design can mean enhanced informational control - focusing on sharing rather than hiding data.

A human-centric conception of data sovereignty and sharing, allows flexible sharing and delegation arrangements that reflect the dynamics of social relations. More importantly, considering the trend of Amazon and Google becoming gatekeepers to the smart home, there is a real danger that these giants will have tremendous power over the nature of data sharing and device control.

Through the use case of a person wanting to rent their home on Airbnb, we will build a technical demonstration that illustrates selective sharing and feature delegation, granular consents, transparency, and non-repudiation. These technical architectures will be built on open standard and open-source technology, enabling a wider range of sharing styles and a more holistic conception of privacy. CASSIOPEIA demonstrates ways of bootstrapping trust at the protocol level by implementing existing and emerging protocols and markup languages. It focuses on trust and reliability by working with technologies that create controls to share data in ways that users actually want, doing so in a secure, transparent manner.