Controlling Dataflows with a Bolt-on Data Escrow

arXiv - CS - Databases Pub Date : 2024-08-02 DOI:arxiv-2408.01580

Zhiru Zhu, Raul Castro Fernandez

{"title":"Controlling Dataflows with a Bolt-on Data Escrow","authors":"Zhiru Zhu, Raul Castro Fernandez","doi":"arxiv-2408.01580","DOIUrl":null,"url":null,"abstract":"The data-driven economy has created tremendous value in our society.\nIndividuals share their data with platforms in exchange for services such as\nsearch, social networks, and health recommendations. Platforms use the data to\nprovide those services and create other revenue-generating opportunities, e.g.,\nselling the data to data brokers. With the ever-expanding data economy comes\nthe growing concern about potential data misuse. While most platforms give\nindividuals certain control over their data (i.e., what data is being shared),\nindividuals do not know how the data will be used once shared; they cannot\ncontrol the purpose. In this paper, we introduce a data escrow design that permits individuals to\nobserve all dataflows - not just what is shared but for what purpose. Rather\nthan data flowing to the platform, the platform delegates their computation to\nthe escrow, where individuals can observe and manage their data. To make the\ndata escrow practical, we design and implement a prototype that works alongside\nthe Apple ecosystem; specifically, we retrofit the Apple SDKs with a\nprogramming interface to enable delegated computation. Our solution does not\ndepend on Apple's software and can be applied to other platforms, but building\nfor Apple lets us study the main hypothesis of our work: whether such a data\nescrow solution is a feasible alternative to today's data governance. We show\nthat our escrow prototype implementation is efficient, and we analyze the\ndataflows in real-world apps and show that the escrow's programming interface\nsupports implementing a wide range of dataflows.","PeriodicalId":501123,"journal":{"name":"arXiv - CS - Databases","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Databases","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2408.01580","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The data-driven economy has created tremendous value in our society. Individuals share their data with platforms in exchange for services such as search, social networks, and health recommendations. Platforms use the data to provide those services and create other revenue-generating opportunities, e.g., selling the data to data brokers. With the ever-expanding data economy comes the growing concern about potential data misuse. While most platforms give individuals certain control over their data (i.e., what data is being shared), individuals do not know how the data will be used once shared; they cannot control the purpose. In this paper, we introduce a data escrow design that permits individuals to observe all dataflows - not just what is shared but for what purpose. Rather than data flowing to the platform, the platform delegates their computation to the escrow, where individuals can observe and manage their data. To make the data escrow practical, we design and implement a prototype that works alongside the Apple ecosystem; specifically, we retrofit the Apple SDKs with a programming interface to enable delegated computation. Our solution does not depend on Apple's software and can be applied to other platforms, but building for Apple lets us study the main hypothesis of our work: whether such a data escrow solution is a feasible alternative to today's data governance. We show that our escrow prototype implementation is efficient, and we analyze the dataflows in real-world apps and show that the escrow's programming interface supports implementing a wide range of dataflows.

查看原文本刊更多论文

用螺栓式数据托管控制数据流

数据驱动的经济为我们的社会创造了巨大的价值。个人与平台分享他们的数据，以换取搜索、社交网络和健康建议等服务。平台利用数据提供这些服务，并创造其他创收机会，例如将数据出售给数据经纪人。随着数据经济的不断扩大，人们对潜在的数据滥用问题日益关注。虽然大多数平台都赋予个人对其数据的某些控制权（即共享哪些数据），但个人并不知道数据一旦共享后将如何使用；他们无法控制数据的用途。在本文中，我们介绍了一种数据托管设计，它允许个人监控所有数据流--不仅是共享了什么数据，还有共享的目的。与其说数据流到了平台，不如说平台将计算委托给了托管机构，个人可以在托管机构观察和管理自己的数据。为了使数据托管切实可行，我们设计并实现了一个与苹果生态系统协同工作的原型；具体来说，我们在苹果 SDK 中加装了编程接口，以实现委托计算。我们的解决方案并不依赖于苹果公司的软件，也可以应用于其他平台，但为苹果公司构建的解决方案让我们可以研究我们工作的主要假设：这种数据托管解决方案是否是当今数据治理的可行替代方案。我们证明了我们的代管原型实现是高效的，我们分析了真实世界应用程序中的数据流，并证明了代管的编程接口支持实现各种数据流。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Databases

自引率

0.00%

发文量