TRAnsparency, Privacy and security for European citiZEns

TRAPEZE is a European Innovation Action with the ambitious goal of driving a cultural shift in the protection of the European data economy. It aims to achieve this by reconstructing the concepts of control, transparency and compliance through technical and methodological, citizen-first, innovations. The project will lead the way in putting often-misplaced cutting-edge technologies to practical use for the citizens.

As we witness the rise of the digital age and reap the benefits of a data-driven society, our activities, industrial processes, and research amass an unimaginable amount of data. Moreover, data from previously isolated sources are, be it intentionally or accidentally, combined and interlinked and used by companies and public bodies, big and small alike, often behind the corporate/government firewall. This “Deep Web of Data” holds huge potential for the European Digital Single Market and for business, science and society. However, its growth comes at a cost to the very society that created it – it has become immensely difficult, if not impossible, to manage and, hence, keep the data safe. In other words, this struggle for traditional businesses is both impeding progress in the EU economy and has also opened the door for cybercrime; an increasing concern for the European economy and society.

With the ever-increasing pace of data production, citizens in Europe find themselves at the mercy of those controlling the data. By May 2019, data protection authorities in the EU had received 144,376 GDPR-related queries and complaints from the European public. This is an important indicator that citizens are becoming increasingly aware of the data protection regulation, and risks relating to security and privacy. With the increasing awareness, people are taking a more active role in the protection of their own data. While awareness-raising is key in engaging all participants in the protection of citizens’ fundamental rights, a foundation of trust is essential for strengthening society’s overall cyber-resilience. The right tools and guidelines can help to support the will of the citizens and turn the fight against data misuse and cybercrime into a joint effort.

TRAPEZE is aiming to become a lighthouse for European and global initiatives that aspire to deliver citizen-first, cyber-resilient, innovation.

To make this goal a reality, TRAPEZE aims to put citizens’ security and privacy into their own hands by providing them, first of all, with innovative dashboards that will enable fine-grained and dynamic control of their data protection preferences across all relevant controllers. These will be accompanied by transparency and feedback mechanisms that will allow data subjects to comprehend the complex flows of their data and actively participate in the prevention, detection, and reporting of legal noncompliance or incidents, and in exercising their legal rights. Furthermore, to ensure citizens of all groups, skills, and physical abilities can manage and monitor their data flows, TRAPEZE will place a special emphasis on usability, but also privacy preferences and sociological aspects across different member states, seeking to establish a feedback loop with its end-users internationally. This collaboration (or co-production) will enable direct involvement of the EU citizen in the development of privacy-enhancing technologies. Additionally, to contribute to the resilience of European society, we aim to increase awareness and competence through open knowledge, gamification, and micro-learning.

TRAPEZE is significantly different from existing approaches in that it does not attempt to protect the citizen by abruptly reshaping the European digital economy. Instead, it seeks to empower the data subject, while enabling a realistic, steady, transition to a more trustworthy data ecosystem that extends beyond online services and deep into the controllers’ data silos. TRAPEZE aims to enable privacy-aware and privacy-preserving data value chains by leveraging the concepts of linked data graphs and distributed ledgers (blockchain). Linked data will be used to control the handling of the payload data (actual personal data relating to the citizen) stored and processed by controllers’, or processors’ systems, even downstream (re-sharing from controller to controller/processor) in the data value chain. Blockchain technology will ensure compliance and decentralisation of records of processing activities, as well as immutability and non-repudiation of said records (with GDPR compliance in mind). In addition, TRAPEZE aims to secure citizens’ smart terminals and online communication through a software development kit for mobile security.

TRAPEZE’s proposed architecture and tools will be developed and evaluated under real-world conditions in three pilot scenarios in government, telecommunication and IT services, and banking. All three pilots involve the processing and aggregation of large amounts of personal data from various data sources, with policies specified at different levels of granularity.

TRAPEZE is not starting from scratch, but builds on a decade of EU-funded research in security and privacy, as well as on proprietary solutions and know-how, towards marketable innovations.

Trapeze aims to:

  • bring all stakeholders together under a common resilience framework;
  • empower citizens with the necessary tools and know-how to manage their security and privacy;
  • support the acquisition of citizens’ consent at collection time and the recording of both the data and the metadata with scalable automated compliance checking in mind;
  • restore citizens’ trust in the digital economy by enforcing log integrity and non-repudiation;
    • reconstruct data lineage and implement transparency by design;
  • demonstrate its applicability in three different operating environments of the public, telecom and financial sectors.

The project includes 13 partners from seven European countries: TENFORCE (BE), ERCIM – The European Research Consortium for Informatics and Mathematics (FR), TU Berlin (DE), Informatie Vlaanderen (BE), Deutsche Telekom (DE), CaixaBank (ES), CINI – Consorzio Interuniversitario Nazionale per l’Informatica (IT), Unabhängiges Landeszentrum für Datenschutz, Schleswig-Hostein (DE), Kaspersky Lab Italia (IT), Institute Mihajlo Pupin (RS), IPSOS (BE), Athens Technology Centre (GR) and E-Seniors Association (FR).

ATC will utilize its expertise in the blockchain technologies and will lead the activities related to the blockchain infrastructure selection and deployment and off-chain module development. In addition to this, ATC will collaborate with CINI in terms of specification of concepts for data persistent policies (“sticky policies”). As industry oriented company, ATC will take the leading role in Exploitation, Business Models and Standardization activities, while coordinating the exploitation activities of TRAPEZE. This will include the identification of suitable business models, market analysis as well as business planning that will drive the key exploitable result of TRAPEZE to the market.

The project started in September 2020 and will last for 36 months.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Consent to display content from - Youtube
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound