Oppgaven er ikke lenger tilgjengelig

Customer data protection and privacy regulation in start-up companies

Start-up companies into online sales and services will face customer data related challenges. For example, they will need to start with an empty customer database and they will need to adhere to demanding customer data protection acts and privacy regulation. This project will explore these and other customer data related challenges for start-up companies, as well as identify and develop possible routes towards overcoming them. It will be based on explorative interviews with start-ups; studies of existing technologies; existing approaches to dealing with customer data and privacy; as well as prototypes to test new approaches if possible. The project is expected to contribute with a clearer understanding of these challenges and concrete guidelines for start-ups on how to deal with them.  

There are numerous ways to solve various aspects of data protection and privacy regulations, some more successful than others (see for example OpenPDS and Privacy by Design). Especially smaller start-ups must spend a large amount of time and resources to get these things right and much too often end up with ignoring securing their own and their customers’ data. As a consequence of there being lots of different solutions to this, it is hard to get a common look and feel for the customer across different systems that needs to deal with data protection and privacy and the user have to register the same data for different services over and over.

One way to address these issues is with a public/common system identifying and securing the exchange of customer data (we call it the system). Sites or various kinds of services the system can interact with will be referred to as services. There are several key questions related to such as system possible to explore further:

  • How to identify the user accurately?
  • What is the least amount of information the system and a service must exchange and store?
  • If more information is needed for a service, how can it ask the system (and user) for it?
  • Will it be possible to automate most of the negotiating of contracts?
  • How can a system ensure that the user controls if and how the service can get in contact?
  • Would it be beneficial for a service to have its own representation in the system?
  • What should be the models of ownership of a system like this?
  • How should data be organized to standardize across service providers?
  • Is it possible to construct the system in a “future proof” manner?
  • How can the system be constructed so it is easy to use for services and end-users?
  • Where should the system store data?
  • What is actually implemented already and what is missing for building the system?
  • How to reach critical mass?
  • What is needed to build a healthy ecosystem on top of the system
  • How should the system be transparent to get the necessary trust of users, developers and services?
Publisert 15. juli 2016 13:20 - Sist endret 24. okt. 2016 16:37

Veileder(e)

Omfang (studiepoeng)

60