Let’s use this post to coordinate the efforts for applying for funding at nlnet.
These are the questions that have to be answered (in English):
- Abstract: Can you explain the whole project and its expected outcome(s). (1085/1200 characters)
privact aims to establish decentralised storage of personal data as the new normal in society. With this grant, we want to reach an important milestone of this mission.
Together with KUserFeedback, we will prototype fundamental parts of the above concect. Users get the option to store the data collected by KUserFeedback in a local database, instead of sending the raw data to KDE as it is currently done. Users will be provided with a local app that allows them to manage and grant access to their personal data.
A web service will allow KDE to create polls of this data without compromising privacy and publish the surveys. The local apps will periodically check for published surveys and indicate if they are willing to participate. Once enough participants have been enlisted, execution of the survey is performed decentralised, without the service ever getting access to personal data. Eventually, the statistical results are returned to the service and finally made available to KDE.
Thus KDE will be able to mine personal data without compromising user privacy.
- Have you been involved with projects or organisations relevant to this project before? And if so, can you tell us a bit about your contributions?
We are applying as privact e.V. - a non-profit organisation that is currently being set up. This e.V. has arisen mainly from the ashes of the polypoly project (GitHub - polypoly-eu/polyPod: Personal data store and privacy-preserving runtime environment), which worked intensively on decentralised data storage over the past few years. As pioneers, they made mistakes and polypoly went into insolvency.
With privact, we are now more focused on creating a truly open source, user-owned organisation that will enable a new ecosystem based on decentralised data storage and establish it in society.
Our team is well-positioned for this project, most noteably are:
- Felix Dahlke, the former CTO of polypoly, has been working on decentralised data storage and analysis for the last few years. He is also a long-time FLOSS contributor (e.g. adblockplus · GitLab, GitHub - emscripten-core/emscripten: Emscripten: An LLVM-to-WebAssembly Compiler).
- Björn Balazs, psychologist and UX contributor to FLOSS for more than 20 years (e.g. co-founder of OpenUsability.org, KDE Visual Design Group, LibreOffice UX/design group). He also initiated KUserFeedback.
The project is supported by the KUserFeedback maintainer.
- Explain what the requested budget will be used for?
Does the project have other funding sources, both past and present?
(If you want, you can in addition attach a budget at the bottom of the form)
The budget will mainly be used for development. If the budget allows, we would like to improve our IT situation, create a proper website, get equipment for a FLOSS fair booth and enable the participation in conferences.
We have applied for other funding, but did not receive any yet. We are also looking for more funding, as this project only covers a small, but important part of our mission.
- Compare your own project with existing or historical efforts.
There are or have been several initiatives working on the technical solution to enable decentralised storage of personal data, e.g. polypoly or dazzle.town. What these projects have in common is that they focus on the technological problem, but lack a plan for how to implement this new technology in society.
Privact fills this gap. Our overall plan is to unite these initiatives, create a common solution based on the experiences already made, and finally partner with open source projects to spread the use of the new technology. Our goal is to reach everyone and make a privacy-respecting digital life as easy as buying organic food.
At the same time, we will enable the public to benefit from personal data in order to foster open innovation. All under the full control of the user and always respecting their privacy.
As such, we see ourselves as a firestarter for the idea of decentralised personal data storage and a catalyst for the success of all the different privacy projects…
- What are significant technical challenges you expect to solve during the project, if any?)
This project is a proof of concept for one of the central pillars of privact’s plan. We will show that it is possible to mine personal data without compromising the privacy of individual users.
The main challenge is the decentralised execution of surveys. This ensures that no personal data is ever sent to the survey issuer.
A web interface will be created which
- creates new surveys and publishes them
- lets local apps check for published surveys
- creates the initial survey package
- temporarily maintains a list of particpants to coordiante survey package trafic
- receives results once execution of the survey ends
- allows access to survey results
The survey package is an encrypted database which contains anonymized personal data of particpants. This database is exchanged directly between users, with the webservice coordinating the trafic. Once the dataase contains sufficient data to execute the survey, the results are sent back to the webservice.
We want to demonstrate, that this is a viable concept.
- Describe the ecosystem of the project, and how you will engage with relevant actors and promote the outcomes?
The privact initiative is about building and uniting an ecosystem to spread the idea and technology of decentralised data storage to the whole of society. So there are a lot of actors and relevant players for the overall success. The most important thing for this grant is that the KUserFeedback maintainer (Volker Krause) supports the concept. He and others from KDE will support the development and help to bring the new KDE technology upstream. In this way, this proof of concept for privact use will already create benefits for KDE and its users.
As a proof of concept, it will help the privact initiative to reach out to other projects that can help refine and spread the new technology, which we will do at conferences, for example.
