US20240020411A1 - System and Method for Decentralized, Controlled, and Managed Consumer Personal Data - Google Patents
- Publication number
- US20240020411A1 (US18/369,800)
- Authority
- US
- United States
- Prior art keywords
- data
- application
- consumer
- profile
- enterprise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R1/00—Optical viewing arrangements; Real-time viewing arrangements for drivers or passengers using optical image capturing systems, e.g. cameras or video systems specially adapted for use in or on vehicles
- B60R1/02—Rear-view mirror arrangements
- B60R1/06—Rear-view mirror arrangements mounted on vehicle exterior
- B60R1/078—Rear-view mirror arrangements mounted on vehicle exterior easily removable; mounted for bodily outward movement, e.g. when towing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Definitions
- The present disclosure creates a network of data creators (digital consumers) and data consumers (enterprises) where aggregation of data happens at the source and sharing happens at the synthesis level.
- This disclosure creates innovation in multiple areas including:
- The present disclosure further includes a method establishing an abstraction and filtering of sensitive, personal and secure data between an end-point networked device/interface of a digital consumer (DC) and an end point of a networked device/interface of an Enterprise (EU) through a secure data network management capability, the Operating Fabric (OF).
- The DC registers with the OF, obtaining their unique identity and the filtering capability on their end-point device/interface. This filtering capability allows the DC to engage digitally across a wide variety of websites and applications through which the EU provides digital services to the DC.
- This filtering capability, while filtering out the information that is not essential to the digital transaction between the DC and EU, also obtains a copy of the data footprint that is transmitted into the DC secure Data Vault. In addition, all historical information collected and stored by the EU of the DC is automatically downloaded and copied into the secure data vault. Collecting and storing the historical and transactional data of a DC from the EU in this way creates a holistic (or close to holistic) copy of the digital footprint of the DC.
- To obtain insights about the DC, the EU can create a query requesting a data synthesis without the need for a copy of the data.
- This query gets transmitted to the OF and, upon the consent of the DC to share the data synthesis to the EU or the type of, a synthesis (usually a binary value) is created by the DC data vault and transmitted back to the OF.
- The aggregation of the information collected through this mechanism is sent back to the EU by the OF without the identity or a copy of the data elements.
- Digital Enterprises today are challenged with how they will engender digital trust with their digital consumers while both balancing their business growth needs through lean data science and reducing their risks due to data breaches and compliance.
- This disclosure focuses on creating a copy of the individual's digital footprint at the source (i.e., personal data vault).
- This personal data vault will organically create the first Consumer 360 at source using a combination of privacy protocols, metadata and immutability to ensure the quality of the data and that it is secure and holistic.
- a system for protecting personal information data comprising: a private blockchain or distributed ledger, comprised of a first plurality of blocks, wherein each of the first plurality of blocks represents a personal data vault for storing personal information data; a public blockchain, comprised of a second plurality of blocks, wherein each of the second plurality of blocks represents a public profile for each user, associating the user of each of the second plurality of blocks with the same user of the first plurality of blocks; and a metadata filtering device, configured to match personal information data from an inputted data stream of personal information data with prestored metadata fields, and producing personal information data tagged with associated metadata tags.
- a system where a block from the first plurality of blocks associated with a user of the private blockchain/distributed ledger is further configured to store personal information data for each user as filtered by the metadata tags and the associated metadata tags.
- a system that restricts access to the personal information data stored in the personal data vault of the user associated with the personal data vault.
- a method of an enterprise enabling a digital consumer data network registration comprising the steps of: transmitting a data subject rights request from an enterprise to an application for a digital consumer, receiving a signal from the application for the digital consumer indicating the consumer opts into the subject rights request; creating a private profile based on the signal from the application for the digital consumer; creating a public profile from the application for the digital consumer; registering the public profile with a data network for the enterprise; and setting privacy preferences for the digital consumer based on settings from the application for the digital consumer.
- a method where the private profile is a block on a private blockchain or distributed ledger.
- a method where the public profile is a block on a public blockchain.
- a system for registering a digital consumer data network comprising: a processor; and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: transmit a data subject rights request from an enterprise to an application for a digital consumer; receive a signal from the application for the digital consumer indicating the consumer opts into the subject rights request; create a private profile based on the signal from the application for the digital consumer; create a public profile from the application for the digital consumer; register the public profile with a data network for the enterprise; and set privacy preferences for the digital consumer based on settings from the application for the digital consumer.
- a method of managing consumer privacy comprising the steps of: opening a privacy rights management application; selecting an application from the privacy rights management application; loading a privacy preference from a privacy profile for the privacy rights management application; retrieving a data determined by the privacy preference associated from the application; storing the retrieved data in a private storage medium for the privacy rights management application; and transmitting a signal to the application to delete the retrieved data from the application.
- a method where the private storage medium is a block of a private blockchain or distributed ledger.
- a system for managing consumer privacy comprising: a processor; and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: open a privacy rights management application; select an application from the privacy rights management application; load privacy preference from a privacy profile for the privacy rights management application; retrieve a data determined by the privacy preference associated from the application; store the retrieved data in a private storage medium for the privacy rights management application; and transmit a signal to the application to delete the retrieved data from the application.
- a method for creating a private consumer profile comprising the steps of: loading a pre-configured privacy profile defining the types of personal information a user desires for the private consumer profile; identifying a third-party application that stores the types of personal information the user desires for the private consumer profile; using the pre-configured privacy profile to generate data subject rights requests for the third-party application; transmitting the data subject rights requests to the third-party application requesting retrieval of the personal information and deletion of the personal information; and populating the private consumer profile with the personal information.
- a method where the private consumer profile is stored on a block of a blockchain.
- a system for managing consumer privacy comprising: a processor; and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: load a pre-configured privacy profile defining the types of personal information a user desires for the private consumer profile; identify a third-party application that stores the types of personal information the user desires for the private consumer profile; use the pre-configured privacy profile to generate data subject rights requests for the third-party application; transmit the data subject rights requests to the third-party application requesting retrieval of the personal information and deletion of the personal information; and populate the private consumer profile with the personal information.
- a method of obtaining query results from distributive sources comprising the steps of receiving a data query; parsing the data query into a plurality of ordered nested data queries; and transmitting a first of the ordered nested data queries to a plurality of storage mediums.
- a method for obtaining query results from distributive sources comprising the steps of receiving from each of the plurality of storage mediums a signal whether data stored in the associated storage mediums matches the first of the ordered nested data queries; aggregating the plurality of storage mediums that returned the signal indicating an affirmative match with the first of the ordered nested data queries, creating a subset of the plurality of storage mediums; and outputting a query based on the subset of plurality of storage mediums.
- a method where the plurality of storage mediums are blocks on a blockchain, the plurality of blocks on the blockchain associated with a plurality of consumer data vaults on a one-to-one basis.
- a system for obtaining query results from distributive sources comprising: a processor, and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: receive a data query; parse the data query into a plurality of ordered nested data queries; and transmit a first of the ordered nested data queries to a plurality of storage mediums.
- a system that collects information from multiple parent nodes to a child node, the implementation of which can be expanded across multiple parent-child relationships.
- the child node is typically associated with a digital user.
- a node could stand alone or be a part of multiple nodes associated with a digital user engaged with multiple parent nodes to typically send information for the purpose of a digital transaction.
- a system that creates consumer 360 through organic and inorganic means for a digital consumer by reversing the current dataflows for data storage as widely used by digital services by an enterprise, including a distributed ledger, comprised of a first plurality of blocks, wherein each of the first plurality of blocks represents a personal data vault for storing personal information data, a public blockchain, comprised of a second plurality of blocks, wherein each of the second plurality of blocks represents a public profile for each user, associating the user of each of the second plurality of blocks with the same user of the first plurality of blocks, a data trickle configured to obtain personal data associated with the user from an enterprise-side data service of the enterprise, for storage in the personal data vault, wherein the system is configured to delete the personal data associated with the user from the enterprise-side data service upon storage of the personal data in the personal data vault.
- a distributed ledger comprised of a first plurality of blocks, wherein each of the first plurality of blocks represents a personal data vault for storing personal information data
- FIG. 1 depicts a system that can be used in implementations of the present disclosure.
- FIGS. 2-5 depict a consumer application that can be deployed on a client computing device according to a disclosure of the present invention.
- FIGS. 6A-6B depict an enterprise application that can be deployed on an enterprise computing device according to a disclosure of the present invention.
- FIG. 7 depicts a decentralized consumer data ecosystem according to an implementation of the present disclosure.
- FIG. 8 depicts a method for enterprise-enabled digital consumer data network registration according to an implementation of the present disclosure.
- FIG. 9 depicts a method for privacy and consumer data management according to an implementation of the present disclosure.
- FIG. 10 depicts a method for data aggregation and creation of a consumer data profile according to an implementation of the present disclosure.
- FIG. 11 depicts a method for data synthesis exchange according to an implementation of the present disclosure.
- FIG. 12 depicts a block system diagram for implementation of the claimed system according to an embodiment of the disclosure.
- FIG. 13 depicts exemplary mechanisms by which enterprises generate Data Requests according to an embodiment of the disclosure.
- FIG. 14 depicts a flow chart of an implementation of the public blockchain, wherein the identity management is reverse mapped to the identities of the enterprises holding consumer information according to an embodiment of the disclosure.
- FIG. 15 depicts a flow chart of an implementation of the private blockchain, wherein the users' private consumer data is mapped to private data vaults, according to an embodiment of the disclosure.
- FIG. 16 depicts an exemplary extensible implementation of the disclosed system according to an embodiment of the disclosure.
- FIG. 1 depicts an example system 100 that can be used in implementations of the present disclosure.
- The example system 100 includes a plurality of client computing devices 102-110, each of the computing devices being associated with one of consumer users 120a-120e, respectively.
- Individual consumer users 120a-120e may be referred to as user 120 or consumer 120.
- User 120 may also be an entity, such as an enterprise, that may generate data about the characteristics of the entity.
- Client computing devices 102-106 (singularly referred to as client computing device 102 or portable device 102) may be implemented in the form of smartphones, tablets, smartwatches, IOT (Internet of things) endpoints including smart cars, smart fridges, smart meters or other portable handheld computing devices.
- Client computing devices 108-110 may be implemented in the form of a desktop computer, laptop computer, or other similar devices.
- The system 100 also includes a network 114, and a computing system 112.
- The computing devices 102-110 and the computing system 112 can communicate with each other through the network 114.
- The computing system 112 can include one or more computing devices 116 (e.g., one or more servers) and one or more computer-readable storage devices 118 (e.g., one or more databases that could be local to the end point or another client node purely for the purpose of storage).
- The system 100 may also include enterprise computing devices 130-132, each of the enterprise computer devices being associated with one of enterprises 140a-140b.
- Individual enterprises 140a-140b may be referred to as enterprise 140.
- Enterprise computing devices 130-132 may be implemented in the form of smartphones, tablets, smartwatches, or other portable handheld computing devices, or a desktop computer, laptop computer, or other similar device.
- Client computing devices 102-110, computing system 112, and enterprise computing devices 130-132 may be connected to network 114 through LAN, Wi-Fi, DSL, fiber, broadband, or other wired or wireless connections, or combinations thereof.
- Client computing devices 102-110, computing devices 116, and enterprise computing devices 130-132 may each contain one or more memories for storing instructions for execution by a processor, and one or more processors for executing the instructions.
- FIG. 2 depicts a consumer application 300 that can be deployed on a client computing device 102 according to a disclosure of the present invention.
- Consumer application 300 may be implemented as a super app, container, browser, browser plugin or by a service integration which can be used to provide controls or instructions to other applications on portable device 102.
- User 120 can access consumer application 300 through a signup 301 feature, which may require user 120 to provide personal information such as a phone number or email address, along with a password, to create a user profile. The user 120 may then access the consumer application through login 302.
- The integration with the ecosystem may happen through a hardware connectivity associated with the users.
- FIGS. 3A-3B depict a consumer application 300 that can be deployed on a client computing device 102 according to a disclosure of the present invention.
- After logging into application 300, the application 300 will display a home screen for the application 300.
- The home screen may contain profile interface 304, home screen interface 306, monetization feedback interface 308, notifications interface 310, data providing applications 312, application interface 314, vault interface 316, leaderboard interface 318, profile interface 320, and money earned interface 322.
- Profile interface 304 and profile interface 320 may provide access to a user profile display.
- The user profile display may display on application 300.
- The user profile display may contain a listing of the user personal information, such as the phone number or email address used to create a user profile, including the ability to change the same.
- The user profile display may also provide preference and setting for the application 300.
- The user profile display may also provide links to payment sources, such as a bank account, cryptocurrency account, or other sources of value for funding the queries that are run to get the required analytics or insights from the users that wish to share their information.
- Home screen interface 306 may permit the user 120 of application 300 to return to the home screen display of application 300, as shown in FIG. 3A, from another display within the application 300, such as the profile display, the leaderboard display, and the user data vault display 328, as shown and described in FIG. 5.
- Monetization feedback interface 308 may provide visual feedback to users 120 of application 300 as to the amount of money earned by the user 120 through the usage of application 300.
- The $120 figure represents a total amount of money earned over a set period of time.
- The set period of time may be the current day, week, month, year, or other time interval as set by the application 300.
- The +1.00 figure represents an amount of money earned in a second time interval, typically shorter than the other period of time, such as the last 10 minutes or the last time the user 120 accessed application 300.
- Notifications interface 310 provides a visual feedback to user 120 of application 300 of alerts or notices from the application 300.
- The alerts or notices may include feedback to user 120.
- Exemplary data providing applications 312 are shown in FIGS. 3A-3B, which may include social network applications, such as Facebook®, Twitter®, and Snapchat®, media applications, such as YouTube® and Vine®, health applications, such as MyFitnessPal®, and financial applications, such as Bank of America®.
- The data providing applications 312 are not limited to the data providing applications shown in FIGS. 4A-4B or listed here.
- Data providing applications 312 may include any downloadable application that collects or uses personal information, such as personal/consumer information defined under GDPR, CCPA, PDP, POPI Act or other variations as defined by various states, countries or unions. Adding, removing, or otherwise modifying the data providing applications 312 may be achieved through the apps interface 314.
- Vault interface 316 may provide access to the user data value display 328 as shown in FIG. 5 and discussed further below.
- Leaderboard interface 318 may provide access to a leaderboard display on application 300.
- The leaderboard display may provide a listing of users 120 of application 300.
- The listing of other users 120 may be shown in rank order in the amount of money earned through usage of application 300.
- The leaderboard may also provide a filter of the other users to list only other users selected by a user 120 (such as a friend list), or by geographic region, or another filter.
- Money earned interface 322 may provide a graphical depiction to users 120 of application 300 as to the amount of money earned by the user 120 through the usage of application 300.
- An exemplary money earned interface 322 is shown in FIG. 3B, providing visual feedback to users 120 of application 300 of the amount of money earned each month over a set number of months.
- Money earned interface 322 may provide other time-based visual feedback on money earned by the user 120 through the usage of application 300.
- FIGS. 4A-4B depict a further feature of a consumer application 300 that can be deployed on a client computing device 102 according to a disclosure of the present invention.
- FIGS. 4A-4B depict an exemplary data providing application 312, and as shown is Facebook data providing application 324. If user 312 enables Facebook data providing application 324, user 120 may use data permission toggles 326 that may grant or deny permission by the user 120 to share personal data with the data providing application 312.
- Personal data may include any information that relates to an individual who can be directly or indirectly identified. Personal data may include data determined by law to be personal information, such as personal information defined by GDPR or CCPA.
- FIGS. 4A-4B further include exemplary data permission toggles 326, such as orders, services, interested cities, cites checked in, pictures 13 tagged in, and location.
- Each data permission toggle 326 represents a data feed that captures information about user 120, so user 120 can tell which information user 120 wants to collect, which information user 120 wants to share, and which information user 120 decides not to share.
- Each data permission toggle 326 may correspond with a data field of personal information collected by a data providing application 312.
- FIG. 5 depicts a further feature of a consumer application 300 that can be deployed on a client computing device 102 according to a disclosure of the present invention.
- Vault interface 316 may provide access to the user data value display 328, where the user 120 may be able to select what categories of personal information the user 120 wants to share or get back with data providing applications 312.
- Exemplary categories of personal information are shown in FIG. 5, such as “Entertainment”, which would relate to personal information about the entertainment preferences of user 120.
- Toggles may be provided under the categories of personal information.
- Exemplary toggles are shown in FIG. 5, such as a toggle for the “Entertainment” category, and toggles for “movie wishlisted”, “movies watched”, and “TV Shows Watched.”
- Consumer application 300 will grant permission to share information collected from data providing applications 312 that indicate which movies user 120 has watched and share them with enterprises that query for personal information.
- User data value display 328 may also include an option to turn off and on all toggles in one category together or each toggle separately.
- User 120 may access consumer application 300 through a web browser or a plug-in for a web browser. Through the web browser or a plug-in for a web browser, user 120 may access the same functions as shown in consumer application 300.
- FIGS. 6A-6B depict an enterprise application 400 that can be deployed on an enterprise computing device 130 according to a disclosure of the present invention.
- After logging into enterprise application 400, the enterprise application 400 will display a home screen for the enterprise application 400.
- The home screen may contain profile interface 404, home screen interface 306, notifications interface 410, available balance indicator 412, query interface 414, recent query interface 416, home screen interface 418, trending query interface 420, community interface 422, and profile interface 424.
- Profile interface 404 and profile interface 424 may provide access to an enterprise profile display.
- The enterprise profile display may be shown on enterprise application 400.
- The enterprise profile display may contain a listing of the enterprise personal information, such as the phone number or email address used to create an enterprise profile, including the ability to change the same.
- The enterprise profile display may also provide preference and setting for the enterprise application 400.
- The enterprise profile display may also provide links to payment sources, such as a bank account or cryptocurrency account for funding the queries that are run to get the required analytics or insights from the individual users. This transfer of value could also be in terms of digital rewards or services that are deemed agreeable between the participants.
- Home screen interface 406 and home screen interface 418 may permit the enterprise 140 of enterprise application 400 to return to the home screen display of enterprise application 400, as shown in FIG. 6A, from another display within the enterprise application 400, such as the profile display, the trending query display 430, and the community display.
- Available balance indicator 412 shows the amount of funds available for performing queries through enterprise application 400. Amounts may be deducted from the available balance after performing queries, as described below.
- the enterprise 140 of enterprise application 400 may use the query interface 414 to generate queries of the characteristics of the users 120 or other business shared information of application 300 .
- Enterprise 140 may input a query such as “Users who went to Inox Koramangala” into query interface 414 to initiate the process of generating a report on the users 120 who went to Inox Koramangala.
- a number of the most recent queries performed by enterprise 140 of enterprise application 400 may be shown in recent query interface 416 .
- Enterprise application 400 may use system 1000 , as shown in FIG. 12 and described below, to perform natural language processing on the queries inputted at query interface 414 to determine relevant fields for searching. Examples of relevant fields identified by the natural language processing on the inputted queries are highlighted in recent query interface 416 .
- An enterprise 140 that selects trending query interface 420 may display trending query display 430 , as shown in FIG. 6 B .
- Trending query display 430 may provide query visual feedback 426 , which may show an aggregation of queries made across a number of enterprises 140 over a set time period. For example, query visual feedback 426 may show the number of queries all enterprises 140 have requested over the past week, as broken out by day. Query visual feedback 426 may also show queries performed per year, per month, per day, and per hour. Query visual feedback 426 may also show queries performed by enterprises 140 in a certain region, such as a country or a state.
- Trending query display 430 may also provide a trending query list 428 , which shows queries that have significant interest from across all enterprises 140 using enterprise application 400 over a set time interval. Trending query list 428 may be used to determine current query trends across all enterprises 140 or over a certain type of enterprise 140 .
- An enterprise 140 that selects community interface 422 may display a community interface display.
- the community interface display may provide a list of subsets of users 120 based on demographics of users 120 .
- enterprise 140 may access enterprise application 400 through a web browser or a plug-in for a web browser. Through the web browser or a plug-in for a web browser, enterprise 140 may access the same functions as shown in enterprise application 400 .
- This interface could also be integrated with other software applications that specialize in query or analytics management through an API/service mechanism.
- FIG. 7 depicts a decentralized consumer data ecosystem according to an implementation of the present disclosure.
- a consumer profile 301 may be created through user-provided user information by the consumer, such as the consumer's phone number or the consumer's email, with a password.
- the system 1000 creates a record of the consumer profile 301 based upon the consumer's inputted information, creating a security profile.
- the data for the consumer profile 502 is outputted as credentials to step 504 .
- the outputted credentials are utilized to create a session to ensure that it is a valid session.
- Data for the consumer profile at step 502 may also be outputted to step 508 , which may be used to create a profile for the user 120 .
- user 120 logs into application 300 through user profile 301 at credential entry 302 and selects the data providing applications 312 the user 120 wants to include in the application 300 data privacy profile.
- User 120 may select the data providing application(s) 312 from a list of data providing application(s) 312 compatible with application 300 . After selection of the data providing application(s) 312 , those data providing application(s) 312 are now registered as a part of the application 300 portfolio.
- the user 120 may configure which information the user 120 wants to capture, and which information the user 120 wants to store in system 1000 .
- the user may utilize the function of application 300 by adjusting data permission toggles 326 as shown and discussed in FIGS. 4 A- 4 B . Adjusting data permission toggles 326 alters the application filters on either a field level, application level, industry domain level, or metadata level.
- the user 120 may be able to adjust a coarse level or fine grain of security in the application 300 depending on what personal data the data providing applications 312 may collect and the data user 120 wants to share.
- Step 506 output is a security profile for user 120 being created and attached to the consumer profile for user 120 for use in step 512 .
- an entity profile is created.
- An entity profile may be created from a consumer profile from a user 120 at step 502 or an organization profile from an enterprise 140 at step 536 .
- the data for the entity profiles are then stored in a profile storage medium at step 524 .
- the result of step 524 is the creation of a consumer data profile of the consumer profile 502 for a user 120 and an enterprise data profile from the organizational profile at step 532 .
- the profile storage medium of step 524 may be any suitable data storage used as part of system 1000 .
- An example of a suitable data storage for the profile storage medium may be implemented as a public blockchain such as Ethereum.
- a portion of the consumer data profile may be stored on a public blockchain, and in particular the portion of the consumer data profile concerning management of that consumer data to ensure immutability and consensus to enable identity and transaction management.
- the consumer data profile of the consumer profile from a user 120 may be stored in a personal data vault at step 516 .
- the enterprise data profile of the organizational profile from an enterprise 140 may be stored in an enterprise data vault at step 518 .
- Each enterprise 140 may have its own enterprise data vault at step 518 .
- the personal data vault and the enterprise data vault may each be stored in a suitable data storage medium either local or over a network, attached to a private blockchain or distributed ledger, accessible by the user 120 and the enterprise 140 , respectively.
- An example of a suitable private blockchain or distributed ledger may be the use of a distributed ledger from AWS called QLDB or broader footprint using IBM-Hyperledger, R3-Corda or Enigma blockchains.
- the user profile 301 for application 300 may be associated with a bank account, cryptocurrency account, or other financial account or device.
- the linking may be accomplished through data inputted by the user 120 during the creation of user profile 301 .
- the organization profile from an enterprise 140 may be associated with a bank account, cryptocurrency account, or other financial account or device.
- the linking may be accomplished through data inputted by the enterprise 140 during the creation of enterprise profile 401 .
- selected personal data will begin trickling through system 1000 .
- the selected personal data may be sent to a portion of system 1000 that contains metadata storage device at step 526 .
- the data being sent through data trickle at step 512 is determined in part by the data providing applications 312 , which may be nearly a complete set of data as provided by the data providing application 312 .
- all of the data feeds from Facebook that are exposed by the data providing application 312 , which include approximately 180 unique data feeds (subject to change at Facebook's direction), represent the potentially collectable data from data providing application 312 .
- the selected personal data from the data trickle at step 512 is filtered for the metadata that determines the type of personal data the data trickle is providing, and then the metadata of the personal data is then mapped to predetermined metadata fields as determined in the metadata store at step 526 .
- the metadata is filtered to determine if the metadata personal data is a location or a city, or that it is media information.
- the personal data is then populated into the personal data vault at step 516 , which includes the use of a storage medium for storing the personal data associated with the filtered metadata.
- the metadata of the personal data is mapped to metadata fields by having a structure identifying how a specific type of personal data is structured, such as how a location data looks, how demographic data looks, how something else looks.
- the metadata may be mapped by utilizing 16+ different superstructures that identify what those data structures actually look like.
- System 1000 may take the raw data received from the data trickle, map the data to the particular structure and store it as relevant consumer data.
- the personal data vault of system 1000 is provided with the data filtered against the metadata store at step 526 .
- Each consumer profile may have its own personal data vault at step 516 .
- the personal data vault may be implemented on any suitable storage device, such as a local hard drive of user 120 , a storage medium on the client computing device 102 - 110 , a user-designated cloud storage device, an on-premises storage device or a cloud-based storage device provided by system 1000 .
- Personal data vaults may have instances of consumer take or enterprise take for access over a network.
- enterprise 140 may create an organizational profile 401 for the enterprise 140 using enterprise application 400 .
- An organizational profile 401 may be created through enterprise-provided enterprise information by the enterprise, such as the enterprise's phone number or the enterprise's email, with a password.
- the system 1000 creates a record of the organizational profile 401 based upon the enterprise's inputted information, creating a security profile.
- the data for the organizational profile 401 is outputted as credentials to step 532 .
- the outputted credentials are utilized to create a session to ensure that it is a valid session.
- Data for the organizational profile 401 at step 536 may also be outputted to step 508 , which may be used to create a profile for the enterprise 140 .
- an enterprise 140 using enterprise application 400 makes an analytics query.
- the analytics query is used by the enterprise 140 to obtain information on users 120 that meet the criteria of the inputted query. Examples of inputs for the analytics query at step 538 include characteristics of users, such as location, gender, age, and interests.
- the analytics query generated at step 538 is outputted to query management at step 514 .
- the analytics query at step 538 may be sent to step 514 and step 520 through homomorphic encryption or other suitable encryption. Further examples of an analytics query at step 514 are described below in FIG. 11 .
- the value realization could at a minimum be in the form of digital rewards like a car service from an automotive manufacturer, a decrease in interest rate from a mortgage company to actual transfer of cash/crypto currency between the participants.
- it is defined by a participation level mapped to the digital reward tiers by the organization as to one time or a long-term relationship.
- the system 1000 performs a data snap process for determining the personal data vaults from step 516 that meet the criteria generated by the query management at step 514 .
- the system at step 520 will take the nested queries generated at step 514 and return a subset of “1s” representing the count of personal data vaults that meet the criteria for the first nested query.
- the process will repeat for each of the nested queries until all nested queries are completed, returning a subset of “1s” representing the total count of the personal data vaults or profiles represented by the data vaults that meet the criteria for each subsequent nested query.
- the system 1000 will aggregate all of the “1s” at step 520 .
- the results of the data snap process are outputted to step 522 to generate an analytics report and to step 528 to generate a secret contract.
- the analytics report at step 522 provides a count of the number of users 120 that meet the criteria for analytics query generated at step 528 .
- the analytics report may provide a multidimensional report on the number of users 120 that meet each of the unique sub-queries.
- the analytics report/data set generated at step 522 may be stored in the enterprise profile at step 524 of the enterprise that generated the analytics query for the report.
- the secret/smart contract establishes a transaction endpoint between an enterprise 140 that makes an analytics query from step 538 , and the users 120 of the personal data vault(s) 516 that are participating in providing that information and house that information.
- the value of the query will be deducted from the account associated with the enterprise 140 and added to accounts associated with users 120 .
- the enterprise will take the payment total for the analytics query from step 538 and divide the payment total between the identities of the users 120 that are returned by the query at step 530 .
- enterprise pays $1,000 for an analytics query and a thousand personal data vaults are providing that data then $1 may be distributed for each of the users 120 that are returned by the query at step 530 .
- the identities of user 120 are maintained anonymously to the enterprise 140 , while still permitting the exchange of information and financial payments between the enterprise 140 and users 120 .
- enterprise 140 can monetize its created analytics reports from step 522 stored in the profile at step 524 associated with the enterprise 140 . For example, if enterprise 140 has entered an analytics query at step 538 , generating an analytics report at step 522 , enterprise 140 has already received the analytics report in exchange for payment given through the secret contract at step 528 . Enterprise 140 can configure its previously generated analytics reports at step 534 for sharing with other enterprises for certain payment.
- the previously generated analytics reports or the holistic dataset of other enterprises may not be shared in an embodiment.
- the other enterprises may define their query based on metadata elements of the data that is being made available either through an individual or an enterprise's dataset which is used to source from the appropriate source.
- the previously generated analytics reports may be published holistically for other enterprises to purchase.
- the system ensures that enterprise 140 cannot access the raw data of the user 120 as stored in the private blockchain personal data vault 516 . Instead, enterprise 140 , through an analytics query 538 , can only access anonymized data as aggregated through query management 514 . This ensures the privacy of the data shared by user 120 and permits the user 120 to control which personal information, if any, is shared with enterprises 140 .
- user 120 selects the privacy controls and data aggregation into the user 120 configuration.
- user 120 may enter application 300 and add Facebook, Google, Twitter, or similar data providing applications 312 into the portfolio,
- FIG. 8 depicts a method for enterprise-enabled digital consumer data network registration according to an implementation of the present disclosure.
- enterprise 626 may send a request for a data subject request (DSR) opt-in at Step 602 .
- a data subject request (DSR) is a request from a data subject to a data controller asking for modification of personal data held by a third party.
- the DSR is sent to digital consumer 630 to opt into the DSR at step 604 .
- Digital consumer 630 may be user 120 .
- the digital consumer 630 installs an app or plugin as appropriate to the digital consumer's device.
- step 608 digital consumer 630 creates a unique privacy profile on the app or plugin.
- the unique privacy profile may include personally-identifiable information of digital consumer 630 that will permit the unique privacy profile to be associated with the digital consumer 630 .
- the personally-identifiable information of digital consumer 630 is then passed to step 610 of data network system 628 to store the personally-identifiable information of digital consumer 630 as associated with the digital consumer to create a private profile of the digital consumer 630 .
- the digital consumer private profile is created on a storage medium that is accessible as directed by the digital consumer. Synthesized data associated with the private profile of the digital consumer 630 is created and sent to a publicly-accessible storage medium, creating a digital consumer public profile at step 612 .
- the anonymized digital consumer public profile is then passed back to enterprise 626 at step 614 .
- the personally-identifiable information of digital consumer 630 from step 608 is also passed to step 616 , where the digital consumer registers one or more mobile applications, web-based applications and IOT devices that require privacy management with the digital consumer's unique privacy profile.
- the digital consumer enables the privacy preferences for one or more of the mobile applications, web-based applications and IOT devices added in step 616 .
- the digital consumer 630 can either implement privacy preferences for individual mobile applications, web-based applications and IOT devices, or collectively through a standard templatized setting for privacy profiles for the digital consumer's unique privacy profile.
- step 622 the digital consumer 630 creates a personal data vault at the location of the choosing of the digital consumer 630 .
- the digital consumer may choose a local, on-premise storage location, a private cloud-based storage location, or at a location provided by data network system 628 .
- the choice of storage location is provided to step 624 , where the personal data vault location and access information is added to the unique privacy profile of digital consumer 630 .
- the information from step 618 , step 622 , and step 624 are then passed to step 620 , where the unique privacy profile of the digital consumer 630 is defined. This unique privacy profile is stored at the digital consumer's unique privacy profile.
- FIG. 9 depicts a method for privacy and consumer data management according to an implementation of the present disclosure.
- digital consumer 736 logs into application 300 to connect to a data providing application(s) 312 at step 702 .
- Digital consumer 736 then continues to step 704 where the digital consumer 736 opens a desired data providing application 312 .
- the digital consumer 736 loads the chosen data providing application 312 and the digital consumer private profile stored from step 708 in data network system 734 .
- digital consumer 736 sends a signal to the enterprise 732 application through application 300 using the privacy parameters retrieved in step 708 .
- the opening of the enterprise 732 application is then achieved in step 712 which initiates a session for the digital consumer 732 digital engagement.
- the consumer application 300 may act as a firewall to restrict access to unsupported privacy parameters.
- the consumer data that flows through the consumer application may be checked against permitted fields that the consumer application 300 has toggled on or off to permit or deny access to such data.
- Enterprise 732 application may then request for insights into the personal information of the digital consumer 736 through the application 300 at step 716 .
- the requested personal information of the digital consumer 736 is approved at step 718 based on the privacy parameters loaded from step 708 , then the requested personal information may then be transmitted to the enterprise 732 application back at step 716 .
- the denial is transmitted back to the digital consumer 736 through application 300 at step 722 to have the application 300 obtain a copy of the historical information and real time information from enterprise 732 concerning digital consumer 736 .
- the personal information of the digital consumer 736 that can be restricted as determined from step 720 is then identified at step 724 , which then initiates a DSR to delete a copy of the personal information of the digital consumer 736 that can be restricted.
- the identified data from step 724 is passed on to step 726 , where the personal data vault of the digital consumer 736 is updated with information from the requested personal information of digital consumer 736 .
- a suitable personal data vault may be the personal data vault as described at step 516 of FIG. 8 .
- enterprise 732 receives the DSR from the application 300 through a DSR gateway of the enterprise 732 application, which is the portion of enterprise 732 application configured to receive DSRs.
- enterprise 732 removes the requested personal information as restricted at step 720 from the enterprise 732 application.
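The permit-or-deny check of FIG. 9, with the toggle levels named for data permission toggles 326 , can be sketched as follows. This Python is an added illustration and not part of the disclosure; the class and function names, the sample toggles and data, the default-deny and deny-overrides rules, and the shape of the DSR record are all assumptions.

```python
from dataclasses import dataclass

# Toggle levels named in the description: industry domain, application,
# metadata, and field. Evaluation order does not matter below because any
# "off" toggle wins (assumed rule).
LEVELS = ("domain", "application", "metadata", "field")


@dataclass(frozen=True)
class DataItem:
    """One piece of consumer data flowing through the consumer application."""
    application: str
    domain: str
    metadata: str
    field: str
    value: object

    def key_for(self, level):
        # Field toggles are scoped to their application, e.g. "Facebook.email".
        if level == "field":
            return f"{self.application}.{self.field}"
        return getattr(self, level)


class PermissionFilter:
    """Checks requested fields against the consumer's toggles (assumed model)."""

    def __init__(self, toggles):
        unknown = {level for level, _ in toggles} - set(LEVELS)
        if unknown:
            raise ValueError(f"unknown toggle level(s): {sorted(unknown)}")
        self.toggles = dict(toggles)

    def decide(self, item):
        # Assumed rules: an item with no applicable toggle is denied
        # (default deny), and a single "off" toggle at any level denies it.
        hits = [self.toggles[(lvl, item.key_for(lvl))]
                for lvl in LEVELS if (lvl, item.key_for(lvl)) in self.toggles]
        return bool(hits) and all(hits)

    def release(self, items, requested):
        """Return (payload for the enterprise, sorted list of denied names)."""
        by_key = {it.key_for("field"): it for it in items}
        payload, denied = {}, []
        for name in requested:
            item = by_key.get(name)
            if item is not None and self.decide(item):
                payload[name] = item.value
            else:
                denied.append(name)  # values of denied fields never leave
        return payload, sorted(denied)


def deletion_dsr(denied, enterprise_copy):
    """Build a DSR for denied fields the enterprise already holds.

    The dict layout is hypothetical; the description does not define one.
    """
    return {"action": "delete",
            "fields": [name for name in denied if name in enterprise_copy]}


# Constructed sample data.
TOGGLES = {
    ("domain", "social"): True,
    ("application", "Facebook"): True,
    ("metadata", "location"): False,
    ("field", "Facebook.email"): False,
}
ITEMS = [
    DataItem("Facebook", "social", "media", "liked_pages", ["Example Page"]),
    DataItem("Facebook", "social", "location", "home_city", "Example City"),
    DataItem("Facebook", "social", "contact", "email", "user@example.com"),
    DataItem("BankApp", "finance", "transaction", "balance", 1200),
]
REQUEST = ["Facebook.liked_pages", "Facebook.home_city", "Facebook.email",
           "BankApp.balance", "Facebook.unknown"]
# Copy of the consumer's data obtained back from the enterprise (constructed).
ENTERPRISE_COPY = {"Facebook.liked_pages": ["Example Page"],
                   "Facebook.email": "user@example.com"}

if __name__ == "__main__":
    payload, denied = PermissionFilter(TOGGLES).release(ITEMS, REQUEST)
    print("released:", payload)
    print("denied:", denied)
    print("DSR:", deletion_dsr(denied, ENTERPRISE_COPY))
```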
- FIG. 10 depicts a method for data aggregation and creation of a consumer data profile insights according to an implementation of the present disclosure.
- the digital consumer 824 engages with a data providing application(s) 312 through the application 300 at step 802 .
- the digital consumer 824 may be user 120 using a client computing device 102 .
- the digital consumer loads privacy preferences from step 804 in data network system 822 .
- the privacy preferences from step 804 are also sent as data subject and privacy preferences at step 806 , which are in turn passed back to the digital consumer 824 through application 300 at step 808 for data filtering, aggregation and DSR management.
- the digital consumer 824 decides the personally-identifiable information the digital consumer 824 desires to share from the one or more data providing application(s) 312 .
- These preferences on which personally-identifiable information the digital consumer 824 desires to share are passed to the data privacy management of data network system 822 at step 810 .
- the data privacy management of data network system 822 will send a DSR at steps 812 a - 812 n to seek information from applications at steps 814 a - 814 n based upon the data privacy management settings from step 810 .
- Applications at steps 814 a - 814 n may include enterprises (1 to n) 820 , which may be data providing application(s) 312 .
- the applications at steps 814 a - 814 n will send the requested information through a service and data exchange back through the application 300 of the digital consumer at step 808 and then through the data privacy management at step 810 , and then application data for each one of application or service at steps 816 a - 816 n as corresponding to applications and services from steps 814 a - 814 n .
- the consumer information data retrieved at steps 816 a - 816 n is then passed to the digital consumer data vault at step 818 .
- the digital consumer data vault at step 818 may be referred to as a “consumer 360 ” as it provides a complete profile of the digital consumer, as it can integrate information across different types of applications and services, such as those from steps 814 a - 814 n.
- FIG. 11 depicts a method for data synthesis exchange according to an implementation of the present disclosure.
- an enterprise 916 may create a new data query at step 902 .
- a new data query may be created by enterprise 140 using enterprise application 400 on enterprise computing device 130 at step 902 .
- a new data query may be a combination of a number of characteristics of users 120 , such as “women over the age of 65 that watch Game of Thrones.”
- the new data query of step 902 is sent to the query engine of data network system 918 at step 903 .
- the query engine of data network system 918 may be implemented using system 1000 .
- the query engine of data network system 918 may be configured to call and touchpoint and read data from a multiplicity of data vaults, rather than a centralized data vault.
- the query engine of data network system 918 may parse the new data query into a nested query, a series of sub-queries that make up the larger query.
- the new data query of “women over the age of 65 in California that watch Game of Thrones” may be parsed into sub-queries “users that watch Game of Thrones”, “users that live in California”, “users that are over the age of 65” and “users that are women.”
- the parsed query will then be passed to iterative query 1 of step 906 a of data network system 918 .
- the iterative query 1 at step 906 a is outputted to a multiplicity of consumer data vaults 1 through n at steps 908 a - 908 n of digital consumer ( 1 . . . n) 920 .
- Consumer data vaults 1 through n may be implemented as personal data vaults 516 , as described above.
- Digital consumers ( 1 . . . n) 920 may be composed of a multiplicity of users 120 using application 300 on client computing devices 102 .
- Each of the consumer data vaults 1 through n at steps 908 a - 908 n will return an indication that the consumer data of a consumer data vault meets the iterative query 1 at step 910 .
- the method will repeat for steps 906 b - n , returning subsets of consumer data vaults that meet each iterative query 2 through n.
- data network system 918 will return the final query results that aggregate the users 120 that meet the new data query.
- Data network system 918 will return the query results to the enterprise 916 at step 914 , indicating which user(s) 120 meet the new data query.
- the query results at step 914 may be grouped by category.
- iterative query 1 may be “users that watch Game of Thrones.” This iterative query is sent as a binary inquiry to all of the available consumer data vaults at steps 908 a - n , inquiring whether each user 120 meets the iterative query 1 .
- the consumer data vaults that indicate a record with a match to iterative query 1 will return a “1” while the consumer data vaults that do not indicate a record with a match to iterative query 1 will return a “0”.
- the data network system 918 will compile all of the consumer data vaults that return a “1” as a list of the subset of all consumer data vaults.
- the data network system 918 will then proceed to process iterative query 2 at step 906 b , which in this example may be “users that live in California.”
- the data network system 918 will then query the subset of consumer data vaults at steps 908 a - n that returned a positive response from iterative query 1 .
- the data network system 918 will compile all of the subset of consumer data vaults that return a “1” as a list of the smaller subset of all consumer data vaults.
- Data network system 918 will then continue to process iterative queries 906 c - n in a similar manner until all queries have been completed.
- the system will subsequently query “users that are over the age of 65” and “users that are women.”
- the query results will return those “1”s that meet all of the criteria of the parsed query.
- the process as illustrated in FIG. 11 demonstrates an example of distributive querying as contemplated by the system 1000 .
- the ability of system 1000 to search using the search capabilities of each personal data vault of each user 120 permits increased efficiency in returning queries as initiated by an enterprise 140 .
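The distributive querying of FIG. 11, together with the equal division of the query payment described for FIG. 7, can be sketched as follows. This Python is an added illustration and not part of the disclosure; the class and function names, the sample vaults, the rule that an unshared or missing field answers “0”, and the handling of leftover cents are assumptions.

```python
import operator
from dataclasses import dataclass

# Comparisons a sub-query may use (constructed for this example).
OPS = {
    "eq": operator.eq,
    "gt": operator.gt,
    "contains": lambda have, want: want in have,
}


@dataclass(frozen=True)
class SubQuery:
    label: str
    field: str
    op: str
    value: object


@dataclass
class Vault:
    """One consumer data vault; the record itself is never returned."""
    vault_id: str
    record: dict
    shared_fields: frozenset  # fields the consumer has toggled on (assumed)

    def answer(self, sq):
        """Binary inquiry: 1 on a match, 0 otherwise.

        A withheld or absent field also answers 0, so the caller cannot
        tell "no match" from "not shared" (assumed rule).
        """
        if sq.field not in self.shared_fields or sq.field not in self.record:
            return 0
        try:
            return 1 if OPS[sq.op](self.record[sq.field], sq.value) else 0
        except TypeError:  # value of an unexpected type: treat as no match
            return 0


def run_nested_query(vaults, sub_queries):
    """Apply each iterative query only to vaults that answered 1 so far."""
    if not sub_queries:
        raise ValueError("a parsed query needs at least one sub-query")
    candidates = list(vaults)
    steps = []
    for sq in sub_queries:
        candidates = [v for v in candidates if v.answer(sq) == 1]
        steps.append((sq.label, len(candidates)))
    return steps, [v.vault_id for v in candidates]


def enterprise_report(steps):
    """What the enterprise receives: counts only, no vault identifiers."""
    return {"sub_query_counts": steps, "total_matches": steps[-1][1]}


def split_payment(total_cents, vault_ids):
    """Divide the payment equally; returns (shares, undistributed cents)."""
    if not vault_ids:
        return {}, total_cents  # nobody matched, nothing is paid out
    share, remainder = divmod(total_cents, len(vault_ids))
    return {vid: share for vid in vault_ids}, remainder


def make_vault(vid, show, state, age, gender, withheld=()):
    fields = frozenset({"shows", "state", "age", "gender"}) - set(withheld)
    record = {"shows": {show}, "state": state, "age": age, "gender": gender}
    return Vault(vid, record, fields)


# Constructed sample vaults.
VAULTS = [
    make_vault("v1", "Game of Thrones", "California", 70, "F"),
    make_vault("v2", "Game of Thrones", "California", 40, "F"),
    make_vault("v3", "Game of Thrones", "New York", 80, "F"),
    make_vault("v4", "Other Show", "California", 70, "F"),
    make_vault("v5", "Game of Thrones", "California", 72, "F", withheld=("age",)),
    make_vault("v6", "Game of Thrones", "California", 68, "F"),
    make_vault("v7", "Game of Thrones", "California", 66, "M"),
]
# The parsed query from the description, in the order it is processed.
PARSED_QUERY = [
    SubQuery("users that watch Game of Thrones", "shows", "contains", "Game of Thrones"),
    SubQuery("users that live in California", "state", "eq", "California"),
    SubQuery("users that are over the age of 65", "age", "gt", 65),
    SubQuery("users that are women", "gender", "eq", "F"),
]

if __name__ == "__main__":
    steps, matched = run_nested_query(VAULTS, PARSED_QUERY)
    print(enterprise_report(steps))
    print(split_payment(100_000, matched))  # $1,000 expressed in cents
```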
- FIG. 12 depicts a block system diagram for implementation of the disclosed system 1000 .
- Digital Service Providers 1002 include enterprises that provide digital functionality to their customers/consumers. Examples of Digital Service Providers 1002 include Google®, Facebook®, and Bank of America®. Digital Service Providers 1002 may be an enterprise 140 that may create an organizational profile 401 for the enterprise 140 using enterprise application 400 through an enterprise application.
- Digital Service Providers 1002 may provide and receive information via Network 1004 .
- An example of Network 1004 may be implemented through Network 114 .
- Data suitable for entry on the Public Blockchain 1006 is passed from the Digital Service Providers 1002 to the Public Blockchain 1006 via Network 1004 .
- Public Blockchain 1006 may be configured as described with regard to FIG. 15 below.
- Public Blockchain 1006 may communicate with a Data Network System 1014 via a Data Gateway 1008 .
- Data Gateway may include Services Layer Functions Create Entity Profiles 508 , Crypto/Block Account 510 , Data Trickle 512 , and Query Management 514 .
- Data Gateway 1008 , after identification and valuation is issued from the public blockchain, may also communicate with Super App/Container 1010 .
- Super App/Container 1010 may be implemented as consumer application 300 .
- the Super App/Container 1010 may be comprised of a plurality of Mini Apps 1012 , which in turn correspond to an enterprise 140 .
- Mini Apps 1012 may be implemented as data providing applications 312 .
- Data Network System 1014 may also communicate with Analytics and Data Science 1016 , which may be implemented as Query Management 514 and generate Analytics Report 522 .
- Data Network System 1014 may also communicate with Compliance Management 1018 .
- Compliance Management 1018 may be configured to ensure compliance with privacy laws, such as GDPR, CCPA, PDP, and the POPI Act that are being enacted to protect consumers' digital rights especially in terms of data ownership, consent, right to know the use of data and the right to be forgotten among other things.
- Data Network System 1014 may also communicate with Consent Management 1020 .
- Consent Management 1020 may manage on an individual user 140 basis the permissions and accesses a Digital Service Provider 1002 has to the data of user 140 to seek, document and share the approval details of the use of said information like sharing of purchases, storing of location information, etc. both for internal use and external sharing by said enterprises.
- Data Network may further communicate with Private Blockchain 1022 , which may be implemented as described with respect to FIG. 15 .
- Private Blockchain 1022 may host Data Vault 1024 which may be comprised of Personal Data Vault 516 and Enterprise Data Vault 518 .
- FIG. 13 depicts exemplary mechanisms by which enterprises may expose the data of the consumer stored by them to the consumer's request to get a copy of their data back using a Data Request as referenced in FIG. 5 A on the top right showing the data subject request.
- Data Requests refer to the multiple mechanisms by which system 1100 can obtain information from the enterprises.
- the identification of the Data Requests is exemplary and not limiting.
- Digital Service Providers 1102 may provide and receive information via Network 1204 .
- Network 1204 may in turn provide data requests API Gateway 1206 , Native Integration 1208 , Web Forms 1110 , and Email Requests 1112 to Data Gateway 1114 .
- API Gateway 1206 may be implemented as an API (Application programming interface) gateway, which may be used to make and receive API calls from the digital service providers' API gateway.
- Native Integration 1108 may be implemented as the integration of the filtering, data ingestion and data aggregation protocols within the Customer enterprise's digital footprint either at a software or a hardware level. Native Integration 1108 may also include integration of IOT devices, inclusion within mobile applications, websites, and the like.
- Web forms 1110 and Email requests 1112 may be implemented as web form or email, respectively, in order to obtain a copy of the user's data. These implementations may be used by enterprises to comply with current privacy laws such as GDPR and CCPA.
- FIG. 14 depicts a flow chart of the implementation of a public blockchain, as shown for example in FIG. 7 , according to an embodiment of the present disclosure.
- the public blockchain may be constructed wherein the identity management is reverse mapped to the identities of the enterprises holding consumer information.
- Digital Service Providers 1202 a - 1202 n may each correspond to an instance of a UserID (labeled UserID1- n , respectively).
- the UserID corresponds to User Information for a particular user associated with the UserID, each of the UserIDs associated with a particular enterprise 140 .
- the network 1204 which may be implemented as network 1004 , communicates using Digital Profiles Handles 1208 a - n , after ensuring the authentication, authorization, and accounting mechanism at block 1206 .
- the authentication at block 1206 may authenticate the data associated with a Digital Service Provider 1202 .
- the authorization at block 1206 may check the permissions from the consumer to obtain the data from the Digital Service Provider 1202 .
- the accounting at block 1206 maintains a ledger of all interactions between Digital Service Providers 1202 a - 1202 n and system 1200 , which are in turn used to create a security profile management for the user 120 associated with a UserID.
- Digital Profile Handles for each of the associated with the UserIDs for each of the digital service providers 1202 a - n may be created.
- Each of the Digital Profile Handles 1208 a - n contain an Authorization ID (“Auth ID”) 1 - n , corresponding to the Digital Profile Handle 1208 a - n .
- the Auth ID may be provided by the digital service providers to provide authorization to take information from the digital service provider.
- Super Profiles 1210 a - n may in turn be generated, each corresponding to a specific user 120 .
- Super Profile 1210 a may contain a SuperID, an Authentication Handle, and a Date Stamp.
- the Super Profile 1210 a components which may include an Authentication Handle and a Date Stamp, are used to maintain the identification of a user 120 .
- Data associated with a Super Profile 1210 a are then in turn stored with specific nodes of a public blockchain 1212 in blocks 1212 a - n.
- Public blockchain 1212 may comprised of a plurality of nodes 1212 a - n (referred to singularly as 1212 a ).
- Each node 1212 a may be a computing system that is configured to perform functions related to the processing and management of the blockchain, including the generation of blockchain data values, verification of proposed blockchain transactions, verification of digital signatures, generation of new blocks, validation of new blocks, and maintenance of a copy of the blockchain.
- the blockchain may be a distributed ledger that is comprised of at least a plurality of blocks.
- Each block may include at least a block ID and one or more data values.
- Each block ID may include at least a timestamp, a block reference value, and a data reference value.
- the timestamp may be a time at which the block ID was generated and may be represented using any suitable method (e.g., UNIX timestamp, DateTime, etc.).
- the block reference value may be a value that references an earlier block (e.g., based on timestamp) in the blockchain.
- a block reference value in a block header may be a reference to the block ID of the most recently added block prior to the respective block.
- the data reference value may similarly be a reference to the one or more data values stored in the block that includes the block header.
- Each blockchain data value may correspond to a blockchain transaction.
- a blockchain transaction may consist of at least: a digital signature of the sender of data that is generated using the sender's private key, a blockchain address of the recipient of the data generated using the recipient's public key, and a blockchain data that is transferred.
- the transaction may also include one or more blockchain addresses of the sender where blockchain data is currently stored (e.g., where the digital signature proves their access to such data), as well as an address generated using the sender's public key for any change that is to be retained by the sender.
- a blockchain transaction may also include the sender's public key, for use by any entity in validating the transaction.
- such data may be provided to a node 1212 a in the public blockchain 1212 , either by the client via a computing device 102 - 110 or by an enterprise by the computing devices 116 .
- the node 1212 a may verify the digital signature and the sender's access to the data, and then include the blockchain transaction in a new block.
- the new block may be validated by other nodes in the public blockchain 1212 before being added to the blockchain and distributed to all of the nodes in the public blockchain 1212 .
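The block layout described above (a block ID carrying a timestamp, a block reference value and a data reference value) is what lets a validating node detect an altered profile entry. The following Python sketch is an added example, not code from the patent or its applicant; the use of SHA-256 over canonical JSON as the "reference", the all-zero genesis reference, the function names and the sample Super Profile entries are assumptions made for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, replace

GENESIS_REF = "0" * 64  # assumed block reference value for the first block


def digest(obj) -> str:
    """SHA-256 over canonical JSON; the hash choice is an assumption."""
    canonical = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


@dataclass(frozen=True)
class BlockID:
    timestamp: int   # UNIX time at which the block ID was generated
    block_ref: str   # references the block ID of the most recently added block
    data_ref: str    # references the data values stored in this block

    def value(self) -> str:
        return digest([self.timestamp, self.block_ref, self.data_ref])


@dataclass
class Block:
    block_id: BlockID
    data_values: list


def make_block(prev, data_values, timestamp):
    """Create a block whose ID references the previous block and its own data."""
    block_ref = prev.block_id.value() if prev is not None else GENESIS_REF
    return Block(BlockID(timestamp, block_ref, digest(data_values)), data_values)


def reseal(block):
    """Recompute data_ref after an edit, as someone rewriting history would."""
    block.block_id = replace(block.block_id, data_ref=digest(block.data_values))


def validate_chain(chain):
    """Return a list of (index, reason); an empty list means the chain is valid."""
    problems = []
    expected_ref = GENESIS_REF
    prev_ts = None
    for i, block in enumerate(chain):
        bid = block.block_id
        if bid.data_ref != digest(block.data_values):
            problems.append((i, "data reference mismatch"))
        if bid.block_ref != expected_ref:
            problems.append((i, "block reference mismatch"))
        if prev_ts is not None and bid.timestamp < prev_ts:
            problems.append((i, "timestamp precedes previous block"))
        expected_ref = bid.value()
        prev_ts = bid.timestamp
    return problems


def build_sample_chain():
    """Three blocks of constructed Super Profile entries (not real data)."""
    entries = [
        {"super_id": "S-0001", "auth_handle": "h-aaa", "date_stamp": "2022-03-16"},
        {"super_id": "S-0002", "auth_handle": "h-bbb", "date_stamp": "2022-03-17"},
        {"super_id": "S-0003", "auth_handle": "h-ccc", "date_stamp": "2022-03-18"},
    ]
    chain = []
    for i, entry in enumerate(entries):
        prev = chain[-1] if chain else None
        chain.append(make_block(prev, [entry], 1_700_000_000 + 600 * i))
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("clean chain :", validate_chain(chain))
    chain[1].data_values[0]["auth_handle"] = "h-forged"   # edit stored data only
    print("after edit  :", validate_chain(chain))
    reseal(chain[1])                                      # also fix the data reference
    print("after reseal:", validate_chain(chain))
```

Editing the data alone trips the data reference check on that block; recomputing the data reference changes the block ID, so the failure moves to the next block's block reference value.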
- FIG. 15 depicts a flow chart of an implementation of the private blockchain 1400 , wherein the users' private consumer data is mapped to private data vaults, according to an embodiment of the disclosure.
- The private blockchain 1400 as shown and described in FIG. 7 may be implemented as shown in FIG. 15.
- Data for private blockchain 1400 may originate as a data trickle 1402 as being sent data trickle at step from the data providing applications 312.
- Each user 120 of the private blockchain 1400 may have a SuperID and data trickles 1402a-n associated with a specific user 120.
- The individual data trickles 1402a-n are in turn associated with the data originating from the digital service providers 1202a-n.
- The personal data associated with a personal set of data trickles 1402a is in turn used to create a hash table, which may consist of a SuperID and a table of data hashes_T1 through Tn as shown in block 1404a.
- The data hashes_T1 through Tn may be created through appropriate encryption methods to ensure privacy of the personal data is maintained.
- The data associated with the hash table generated as blocks 1404a-n are in turn stored in a corresponding consumer data storage vault 1406a-n.
- Consumer data storage vault 1406a-n may be implemented as Personal Data Vault 516, whereby the metadata of the consumer data is separated from the consumer data stored in the consumer data storage vault 1406a-n to ensure a digital service provider cannot access the user data stored in the consumer data storage vault 1406a-n.
- FIG. 16 depicts an exemplary implementation of the disclosed system according to an embodiment of the disclosure.
- FIG. 16 depicts the disclosed system from FIG. 13 as an extensible system, where the disclosed platform can be implemented in multiple different configurations.
- The system 1300 includes digital service providers 1002 and network 1004, as described above for FIG. 13.
- The extensible system 1300 may include a private instance 1306, a public instance 1308, and a hybrid instance 1310.
- Private instance 1306 may be adopted as a walled garden for enterprises, nations, and unions wherein the data is contained within the control of the enterprise, nation, or union logically or physically as required.
- Public instance 1308 may be adopted as a global instance wherein any potential users of the extensible system 1300 can participate in a data economy irrespective of the user or enterprise's actual presence or the origin of the service.
- Hybrid instance 1310 may be adopted where, for example, the requirements of the local governments are met in creating a walled garden but the access to the insights is across geopolitical boundaries.
- System 1300 may contain one or more of private instance 1306, public instance 1308, and hybrid instance 1310. Regardless of the number of private instances 1306, public instances 1308, or hybrid instances 1310 in system 300, analytics from private instance 1306, a public instance 1308, or hybrid instance 1310, as described in Analytics and Data Science 1016, may be shared between instances.
Abstract
The present disclosure provides for a system for protecting personal information data comprising a private blockchain or distributed ledger, comprised of a first plurality of blocks, wherein each of the first plurality of blocks represents a personal data vault for storing personal information data, a public blockchain, comprised of a second plurality of blocks, wherein each of the second plurality of blocks represents a public profile for each user, associating the user of each of the second plurality of blocks with the same user of the first plurality of blocks, and a metadata filtering device, configured to match personal information data from an inputted data stream of personal information data with prestored metadata fields, and producing personal information data tagged with associated metadata tags.
Description
- The present continuation application includes subject matter disclosed in and claims priority to PCT application of the same title, filed Mar. 16, 2022 and assigned Serial No. PCT/US22/20636, and to provisional application entitled “System and Method for Decentralized, Controlled, and Managed Consumer Personal Data” filed Mar. 17, 2021 and assigned Ser. No. 63,162.386, describing inventions made by the present inventor, herein incorporated by reference.
- The present disclosure creates a network of data creators (digital consumers) and data consumers (enterprises) where aggregation of data happens at the source and sharing happens at the synthesis level. This disclosure creates innovation in multiple areas including:
- 1) The creation of a personal data vault for the digital consumer at the source.
- 2) Exchanging the data synthesis instead of raw data for value.
- 3) Maintaining privacy, immutability and compliance using a distributed ledger.
- The present disclosure further includes a method establishing an abstraction and filtering of sensitive, personal and secure data between an end-point networked device/interface of a digital consumer (DC) and an end point of a networked device/interface of an Enterprise (EU) through a secure data network management capability, the Operating Fabric (OF). The DC registers with the OF, obtaining their unique identity and obtaining the filtering capability on their end-point device/interface. This filtering capability allows the DC to engage digitally across a wide variety of websites and applications through which the EU provides digital services to the DC. While filtering out the information that is not essential to the digital transaction between the DC and EU, this filtering capability also obtains a copy of the data footprint, which is transmitted into the DC secure Data Vault. In addition, all historical information of the DC collected and stored by the EU is automatically downloaded and copied into the secure data vault. Collecting and storing the historical and transactional data of a DC from the EU in this way creates a holistic (or close to holistic) copy of the digital footprint of the DC.
- To obtain insights about the DC, the EU can create a query requesting data synthesis without the need for a copy of the data. This query is transmitted to the OF and, upon the consent of the DC to share the data synthesis to the EU or the type of, a synthesis (usually a binary value) is created by the DC data vault and transmitted back to the OF. The aggregation of the information collected through this mechanism is sent back to the EU by the OF without the identity or a copy of the data elements.
- Digital Enterprises today are challenged with how they will engender digital trust with their digital consumers while both balancing their business growth needs through lean data science and reducing their risks due to data breaches and compliance.
- Specifically, these challenges arise due to the current need to purchase and store low quality data from multiple data brokers and aggregators in creating a reverse Consumer 360. The advent of new and evolving regulations triggered by GDPR, CCPA, HIPAA, etc. has made it an immediate priority to drive consumer inclusion. An example of an enterprise customer facing this need is a healthcare organization's desire to measure the vaccine effectiveness for COVID while respecting digital privacy for the consumer using a smartwatch.
- This disclosure focuses on creating a copy of the individual's digital footprint at the source (i.e., personal data vault). This personal data vault will organically create the first Consumer 360 at source using a combination of privacy protocols, metadata and immutability to ensure the quality of the data and that it is secure and holistic.
- This disclosure will, for the digital consumer:
- Avoid exfiltration of data to data brokers or data aggregators;
- Source/Trickle the historical digital footprint to a personal data vault;
- Create a complete profile of digital consumers using the meta data engine (a “Consumer 360”); and
- Enable the exchange of data synthesis without the identity or the data elements from the digital consumer to the digital enterprise.
- In an embodiment of the present disclosure, a system for protecting personal information data comprising: a private blockchain or distributed ledger, comprised of a first plurality of blocks, wherein each of the first plurality of blocks represents a personal data vault for storing personal information data; a public blockchain, comprised of a second plurality of blocks, wherein each of the second plurality of blocks represents a public profile for each user, associating the user of each of the second plurality of blocks with the same user of the first plurality of blocks; and a metadata filtering device, configured to match personal information data from an inputted data stream of personal information data with prestored metadata fields, and producing personal information data tagged with associated metadata tags.
- In an embodiment of the present disclosure, a system where a block from the first plurality of blocks associated with a user of the private blockchain/distributed ledger is further configured to store personal information data for each user as filtered by the metadata tags and the associated metadata tags.
- In an embodiment of the present disclosure, a system that restricts access to the personal information data stored in the personal data vault of the user associated with the personal data vault.
- In an embodiment of the present disclosure, a method of an enterprise enabling a digital consumer data network registration, comprising the steps of: transmitting a data subject rights request from an enterprise to an application for a digital consumer, receiving a signal from the application for the digital consumer indicating the consumer opts into the subject rights request; creating a private profile based on the signal from the application for the digital consumer; creating a public profile from the application for the digital consumer; registering the public profile with a data network for the enterprise; and setting privacy preferences for the digital consumer based on settings from the application for the digital consumer.
- In an embodiment of the present disclosure, a method where the private profile is a block on a private blockchain or distributed ledger.
- In an embodiment of the present disclosure, a method where the public profile is a block on a public blockchain.
- In an embodiment of the present disclosure, a system for registering a digital consumer data network, comprising: a processor; and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: transmit a data subject rights request from an enterprise to an application for a digital consumer; receive a signal from the application for the digital consumer indicating the consumer opts into the subject rights request; create a private profile based on the signal from the application for the digital consumer; create a public profile from the application for the digital consumer; register the public profile with a data network for the enterprise; and set privacy preferences for the digital consumer based on settings from the application for the digital consumer.
- In an embodiment of the present disclosure, a method of managing consumer privacy, comprising the steps of: opening a privacy rights management application; selecting an application from the privacy rights management application; loading a privacy preference from a privacy profile for the privacy rights management application; retrieving a data determined by the privacy preference associated from the application; storing the retrieved data in a private storage medium for the privacy rights management application; and transmitting a signal to the application to delete the retrieved data from the application.
- In an embodiment of the present disclosure, a method where the private storage medium is a block of a private blockchain or distributed ledger.
- In an embodiment of the present disclosure, a system for managing consumer privacy, comprising: a processor; and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: open a privacy rights management application; select an application from the privacy rights management application; load privacy preference from a privacy profile for the privacy rights management application; retrieve a data determined by the privacy preference associated from the application; store the retrieved data in a private storage medium for the privacy rights management application; and transmit a signal to the application to delete the retrieved data from the application.
- In an embodiment of the present disclosure, a method for creating a private consumer profile, comprising the steps of: loading a pre-configured privacy profile defining the types of personal information a user desires for the private consumer profile; identifying a third-party application that stores the types of personal information the user desires for the private consumer profile; using the pre-configured privacy profile to generate data subject rights requests for the third-party application; transmitting the data subject rights requests to the third-party application requesting retrieval of the personal information and deletion of the personal information; and populating the private consumer profile with the personal information.
- In an embodiment of the present disclosure, a method where the private consumer profile is stored on a block of a blockchain.
- In an embodiment of the present disclosure, a system for managing consumer privacy, comprising: a processor; and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: load a pre-configured privacy profile defining the types of personal information a user desires for the private consumer profile; identify a third-party application that stores the types of personal information the user desires for the private consumer profile; use the pre-configured privacy profile to generate data subject rights requests for the third-party application; transmit the data subject rights requests to the third-party application requesting retrieval of the personal information and deletion of the personal information; and populate the private consumer profile with the personal information.
- In an embodiment of the present disclosure, a method of obtaining query results from distributive sources comprising the steps of receiving a data query; parsing the data query into a plurality of ordered nested data queries; and transmitting a first of the ordered nested data queries to a plurality of storage mediums.
- In an embodiment of the present disclosure, a method for obtaining query results from distributive sources comprising the steps of receiving from each of the plurality of storage mediums a signal whether data stored in the associated storage mediums matches the first of the ordered nested data queries; aggregating the plurality of storage mediums that returned the signal indicating an affirmative match with the first of the ordered nested data queries, creating a subset of the plurality of storage mediums; and outputting a query based on the subset of plurality of storage mediums.
- In an embodiment of the present disclosure, a method where the plurality of storage mediums are blocks on a blockchain, the plurality of blocks on the blockchain associated with a plurality of consumer data vaults on a one-to-one basis.
- In an embodiment of the present disclosure, a system for obtaining query results from distributive sources, comprising: a processor, and a memory operatively coupled to the processor, wherein the memory stores instructions that when executed by the processor cause the processor to: receive a data query; parse the data query into a plurality of ordered nested data queries; and transmit a first of the ordered nested data queries to a plurality of storage mediums.
- In an embodiment of the present disclosure, a system where the memory stores further instructions to: receive from each of the plurality of storage mediums a signal whether data stored in the associated storage mediums matches the first of the ordered nested data queries; aggregate the plurality of storage mediums that returned the signal indicating an affirmative match with the first of the ordered nested data queries, creating a subset of the plurality of storage mediums; and output a query based on the subset of plurality of storage mediums.
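The data synthesis exchange described earlier (each vault returns a binary value only with the consumer's consent, and the Operating Fabric returns an aggregate without identities) and the ordered nested query embodiments above can be worked through together. The Python sketch below is an added example, not code from the patent or its applicant; the `field op value AND ...` query syntax, the purpose labels, the class and function names, and the `min_cohort` suppression of very small results are assumptions introduced here, and the vault contents are constructed sample data.

```python
import ast
import operator
import re
from dataclasses import dataclass, field
from typing import Optional

OPS = {"==": operator.eq, ">=": operator.ge, "<=": operator.le,
       ">": operator.gt, "<": operator.lt}
CLAUSE = re.compile(r"^\s*(\w+)\s*(==|>=|<=|>|<)\s*(.+?)\s*$")


def parse_query(text):
    """Split an enterprise query into ordered nested stages (field, op, value)."""
    stages = []
    for clause in text.split(" AND "):
        m = CLAUSE.match(clause)
        if m is None:
            raise ValueError(f"unsupported clause: {clause!r}")
        # literal_eval accepts only Python literals, never arbitrary expressions
        stages.append((m.group(1), m.group(2), ast.literal_eval(m.group(3))))
    return stages


@dataclass
class Vault:
    super_id: str                                   # never leaves the fabric
    records: dict                                   # consumer data stays in the vault
    consented: set = field(default_factory=set)     # purposes the consumer allows

    def answer(self, purpose, stage) -> Optional[bool]:
        """Binary synthesis for one stage, or None when consent is absent."""
        if purpose not in self.consented:
            return None
        name, op, value = stage
        if name not in self.records:
            return False
        try:
            return bool(OPS[op](self.records[name], value))
        except TypeError:                           # incomparable types: no match
            return False


def narrow(vaults, purpose, stages):
    """Fabric side: send each stage only to vaults that matched the previous one."""
    subset = list(vaults)
    sizes = []
    for stage in stages:
        subset = [v for v in subset if v.answer(purpose, stage) is True]
        sizes.append(len(subset))
    return subset, sizes


def synthesize(vaults, purpose, query_text, min_cohort=3):
    """What the enterprise receives: a count only, suppressed for tiny cohorts."""
    subset, _ = narrow(vaults, purpose, parse_query(query_text))
    count = len(subset)
    # min_cohort is an added safeguard (assumption): a count of 1 or 2 can
    # single out a consumer even though no identifier is returned.
    return {"purpose": purpose, "matched": count if count >= min_cohort else None}


def sample_vaults():
    """Constructed vaults for illustration only."""
    ok = {"vaccine-study"}
    rows = [
        ("S-0001", 34, "EU", True, ok), ("S-0002", 41, "EU", True, ok),
        ("S-0003", 29, "EU", True, ok), ("S-0004", 52, "US", True, ok),
        ("S-0005", 38, "EU", False, ok), ("S-0006", 45, "EU", True, set()),
        ("S-0007", 60, "EU", True, ok),
    ]
    return [Vault(sid, {"age": age, "region": reg, "vaccinated": vac}, set(c))
            for sid, age, reg, vac, c in rows]


if __name__ == "__main__":
    q = "age >= 30 AND region == 'EU' AND vaccinated == True"
    vaults = sample_vaults()
    print(narrow(vaults, "vaccine-study", parse_query(q))[1])  # stage sizes
    print(synthesize(vaults, "vaccine-study", q))
    print(synthesize(vaults, "ad-targeting", q))               # no consent given
```

Vault S-0006 satisfies every clause but has not consented to the purpose, so it never contributes to the count, and the enterprise-facing result contains no SuperID or record value.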
- In an embodiment of the present disclosure, a system that collects information from multiple parent nodes to a child node, the implementation of which can be expanded across multiple parent-child relationships. A mechanism by which the decentralization of information typically held at the parent nodes currently held in bits and pieces relating to the child node is collected back while in transit or by batch to create a complete and full profile of the child node digital engagement. The child node is typically associated with a digital user.
- In an embodiment of the present disclosure, a node could stand alone or be a part of multiple nodes associated with a digital user engaged with multiple parent nodes to typically send information for the purpose of a digital transaction.
- In an embodiment of the present disclosure, a system that creates consumer 360 through organic and inorganic means for a digital consumer by reversing the current dataflows for data storage as widely used by digital services by an enterprise, including a distributed ledger, comprised of a first plurality of blocks, wherein each of the first plurality of blocks represent a personal data vault for storing personal information data, a public blockchain, comprised of a second plurality of blocks, wherein each of the second plurality of blocks represents a public profile for each user, associating the user of each of the second plurality of blocks with the same user of the first plurality of blocks, a data trickle configured to obtain personal data associated with the user from an enterprise-side data service of the enterprise, for storage in the personal data vault, wherein the system is configured to delete the personal data associated with the user from the enterprise-side data service upon storage of the personal data in the personal data vault.
- FIG. 1 depicts a system that can be used in implementations of the present disclosure.
- FIGS. 2-5 depict a consumer application that can be deployed on a client computing device according to a disclosure of the present invention.
- FIGS. 6A-6B depict an enterprise application that can be deployed on an enterprise computing device according to a disclosure of the present invention.
- FIG. 7 depicts a decentralized consumer data ecosystem according to an implementation of the present disclosure.
- FIG. 8 depicts a method for enterprise-enabled digital consumer data network registration according to an implementation of the present disclosure.
- FIG. 9 depicts a method for privacy and consumer data management according to an implementation of the present disclosure.
- FIG. 10 depicts a method for data aggregation and creation of a consumer data profile according to an implementation of the present disclosure.
- FIG. 11 depicts a method for data synthesis exchange according to an implementation of the present disclosure.
- FIG. 12 depicts a block system diagram for implementation of the claimed system according to an embodiment of the disclosure.
- FIG. 13 depicts exemplary mechanisms by which enterprises generate Data Requests according to an embodiment of the disclosure.
- FIG. 14 depicts a flow chart of an implementation of the public blockchain, wherein the identity management is reverse mapped to the identities of the enterprises holding consumer information according to an embodiment of the disclosure.
- FIG. 15 depicts a flow chart of an implementation of the private blockchain, wherein the users' private consumer data is mapped to private data vaults, according to an embodiment of the disclosure.
- FIG. 16 depicts an exemplary extensible implementation of the disclosed system according to an embodiment of the disclosure.
- Non-limiting embodiments of the present disclosure will be further described by referring to the accompanying drawings. It should be understood that the embodiments illustrated in the drawings are for description of the invention only and shall not be construed as any limitation to the present disclosure. The scope of the invention would rather be defined by the appended claims.
- It should be understood that the accompanying drawings are merely used to illustrate embodiments of the present disclosure and are not necessarily drawn to scale.
-
FIG. 1 depicts anexample system 100 that can be used in implementations of the present disclosure. Theexample system 100 includes a plurality of client computing devices 102-110, each of the computing devices being associated with one ofconsumer users 120 a-120 e, respectively.Individual consumer users 120 a-120 e may be referred to asuser 120 orconsumer 120.User 120 may also be an entity, such as an enterprise, that may generate data about the characteristics of the entity. Client computing devices 102-106 (singularly referred to asclient computing device 102 or portable device 102) may be implemented in the form of smartphones, tablets, smartwatches, IOT (Internet of things) endpoints including smart cars, smart fridges, smart meters or other portable handheld computing devices. Client computing devices 108-110 (singularly referred to as client computing device 108) may be implemented in the form of a desktop computer, laptop computer, or other similar devices. Thesystem 100 also includes anetwork 114, and acomputing system 112. The computing devices 102-110 and thecomputing system 112 can communicate with each other through thenetwork 114. Thecomputing system 112 can include one or more computing devices 116 (e.g., one or more servers) and one or more computer-readable storage devices 118 (e.g., one or more databases that could be local to the end point or another client node purely for the purpose of storage). - The
system 100 may also include enterprise computing devices 130-132, each of the enterprise computer devices being associated with one of enterprise 140 a-140 b. Individual enterprises 140 a-140 b may be referred to as enterprise 140. Enterprise computing devices 130-132 may be implemented in the form of a smartphones, tablets, smartwatches, or other portable handheld computing devices, or a desktop computer, laptop computer, or other similar device. Client computing devices 102-110,computing system 112, and enterprise computing devices 130-132 may be connected to network 114 though LAN, Wi-Fi. DSL, fiber, broadband, or other wired or wireless connections, or combinations thereof. Client computing devices 102-110,computing devices 116, and enterprise computing devices 130-132 may each contain one or more memories for storing instructions for execution by a processor, and one or more processors for executing the instructions. -
FIG. 2 depicts aconsumer application 300 that can be deployed on aclient computing device 102 according to a disclosure of the present invention.Consumer application 300 may be implemented as a super app, container, browser, browser plugin or by a service integration which can be used to provide controls or instructions to other applications onportable device 102.User 120 can accessconsumer application 300 through asignup 301 feature, which may requireuser 120 to provide personal information such as a phone number or email address, along with a password, to create a user profile. Theuser 120 may then access the consumer application throughlogin 302. In the case of service integration, the integration with the ecosystem may happen through a hardware connectivity associated with the users. -
FIGS. 3A-3B depict aconsumer application 300 that can be deployed on aclient computing device 102 according to a disclosure of the present invention. After logging intoapplication 300, theapplication 300 will display a home screen for theapplication 300. The home screen may containprofile interface 304,home screen interface 306,monetization feedback interface 308, notifications interface 310,data providing applications 312,application interface 314,vault interface 316,leaderboard interface 318,profile interface 320, and money earnedinterface 322. -
Profile interface 304 andprofile interface 320 may provide access to a user profile display. The user profile display may display onapplication 300. The user profile display may contain a listing of the user personal information, such as the phone number or email address used to create a user profile, including the ability to change the same. The user profile display may also provide preference and setting for theapplication 300. The user profile display may also provide links to payment sources, such as a bank account, cryptocurrency account, or other sources of value for funding the queries that are run to get the required analytics or insights from the users that wish to share their information. -
Home screen interface 306 may permit theuser 120 ofapplication 300 to return to the home screen display ofapplication 300, as shown inFIG. 3A , from another display within theapplication 300, such as the profile display, the leaderboard display, and the userdata vault display 328, as shown and described inFIG. 5 . -
Monetization feedback interface 308 may provide visual feedback tousers 120 ofapplication 300 as to the amount of money earned by theuser 120 through the usage ofapplication 300. As shown by way of example inFIG. 3A , the $120 figure represents a total amount of money earned over a set period of time. The set period of time may be the current day, week, month, year, or other time interval as set by theapplication 300. The +1.00 figure represents an amount of money earned in a second time internal, typically shorter than the other period of time, such as the last 10 minutes or the last time theuser 120 accessedapplication 300. - Notifications interface 310 provides a visual feedback to
user 120 ofapplication 300 of alerts or notices from theapplication 300. The alerts or notices may include feedback touser 120. - Exemplary
data providing applications 312 are shown inFIGS. 3A-3B , which may include social network applications, such as Facebook®, Twitter®, and Snapchat®, media applications, such as YouTube® and Vine®, health applications, such as MyFitnessPal®, and financial applications, such as Bank of America®. Thedata providing applications 312 are not limited to the data providing applications shown inFIGS. 4A-4B or listed here.Data providing applications 312 may include any downloadable application that collects or uses personal information, such as personal/consumer information defined under GDPR. CCPA, PDP. POPI Act or other variations as defined by various states, countries or unions. Adding, removing, or otherwise modifying thedata providing applications 312 may be achieved through theapps interface 314. -
Vault interface 316 may provide access to the user data value display 328 as shown in FIG. 5 and discussed further below.
Leaderboard interface 318 may provide access to a leaderboard display on application 300. The leaderboard display may provide a listing of users 120 of application 300. The listing of other users 120 may be shown in rank order of the amount of money earned through usage of application 300. The leaderboard may also provide a filter of the other users to list only other users selected by a user 120 (such as a friend list), or by geographic region, or another filter.
Money earned interface 322 may provide a graphical depiction to users 120 of application 300 as to the amount of money earned by the user 120 through the usage of application 300. An exemplary money earned interface 322 is shown in FIG. 3B, providing visual feedback to users 120 of application 300 of the amount of money earned each month over a set number of months. Money earned interface 322 may provide other time-based visual feedback on money earned by the user 120 through the usage of application 300.
FIGS. 4A-4B depict a further feature of a consumer application 300 that can be deployed on a client computing device 102 according to a disclosure of the present invention. FIGS. 4A-4B depict an exemplary data providing application 312, and as shown is Facebook data providing application 324. If user 312 enables Facebook data providing application 324, user 120 may use data permission toggles 326 that may grant or deny permission by the user 120 to share personal data with the data providing application 312. Personal data may include any information that relates to an individual who can be directly or indirectly identified. Personal data may include data determined by law to be personal information, such as personal information defined by GDPR or CCPA. In addition, the data set may include the individual's behaviors, demographics, transactions, locations, preferences, and searches, all of which may be defined by law under GDPR, CCPA, or similar laws in a broad category as information related to an individual or an entity who uses the digital application, but this is not a necessity for the purpose of this disclosure. FIGS. 4A-4B further include exemplary data permission toggles 326, such as orders, services, interested cities, cities checked in, pictures tagged in, and location. Each data permission toggle 326 represents a data feed that captures information about user 120, so user 120 can tell which information user 120 wants to collect, which information user 120 wants to share, and which information user 120 decides not to share. Each data permission toggle 326 may correspond with a data field of personal information collected by a data providing application 312.
FIG. 5 depicts a further feature of a consumer application 300 that can be deployed on a client computing device 102 according to a disclosure of the present invention. After user 120 selects vault interface 316, which may provide access to the user data value display 328, the user 120 may be able to select what categories of personal information the user 120 wants to share or get back with data providing applications 312. Exemplary categories of personal information are shown in FIG. 5, such as “Entertainment”, which would relate to personal information about the entertainment preferences of user 120. Toggles may be provided under the categories of personal information. Exemplary toggles are shown in FIG. 5, such as a toggle for the “Entertainment” category, and toggles for “movie wishlisted”, “movies watched”, and “TV Shows Watched.” By way of example, if user 120 turns on the toggle for “Movies Watched”, consumer application 300 will grant permission to share information collected from data providing applications 312 that indicates which movies user 120 has watched and share it with enterprises that query for personal information. User data value display 328 may also include an option to turn off and on all toggles in one category together or each toggle separately.
In an embodiment of the present disclosure where the user 120 utilizes client computing devices 108-110, such as a laptop or desktop computer, or an IOT device interacting with the application ecosystem through an API, user 120 may access consumer application 300 through a web browser or a plug-in for a web browser. Through the web browser or a plug-in for a web browser, user 120 may access the same functions as shown in consumer application 300.
FIGS. 6A-6B depict an enterprise application 400 that can be deployed on an enterprise computing device 130 according to a disclosure of the present invention. After logging into enterprise application 400, the enterprise application 400 will display a home screen for the enterprise application 400. The home screen may contain profile interface 404, home screen interface 306, notifications interface 410, available balance indicator 412, query interface 414, recent query interface 416, home screen interface 418, trending query interface 420, community interface 422, and profile interface 424.
Profile interface 404 and profile interface 424 may provide access to an enterprise profile display. The enterprise profile display may be shown on enterprise application 400. The enterprise profile display may contain a listing of the enterprise personal information, such as the phone number or email address used to create an enterprise profile, including the ability to change the same. The enterprise profile display may also provide preferences and settings for the enterprise application 400. The enterprise profile display may also provide links to payment sources, such as a bank account or cryptocurrency account for funding the queries that are run to get the required analytics or insights from the individual users. This transfer of value could also be in terms of digital rewards or services that are deemed agreeable between the participants.
Home screen interface 406 and home screen interface 418 may permit the enterprise 140 of enterprise application 400 to return to the home screen display of enterprise application 400, as shown in FIG. 6A, from another display within the enterprise application 400, such as the profile display, the trending query display 430, and the community display.
Available balance indicator 412 shows the amount of funds available for performing queries through enterprise application 400. Amounts may be deducted from the available balance after performing queries, as described below.
The enterprise 140 of enterprise application 400 may use the query interface 414 to generate queries of the characteristics of the users 120 or other business shared information of application 300. Enterprise 140 may input a query such as “Users who went to Inox Koramangala” into query interface 414 to initiate the process of generating a report on the users 120 who went to Inox Koramangala. A number of the most recent queries performed by enterprise 140 of enterprise application 400 may be shown in recent query interface 416. Enterprise application 400 may use system 1000, as shown in FIG. 12 and described below, to perform natural language processing on the queries inputted at query interface 414 to determine relevant fields for searching. Examples of relevant fields identified by the natural language processing on the inputted queries are highlighted in recent query interface 416.
An enterprise 140 that selects trending query interface 420 may display trending query display 430, as shown in FIG. 6B. Trending query display 430 may provide query visual feedback 426, which may show an aggregation of queries made across a number of enterprises 140 over a set time period. For example, query visual feedback 426 may show the number of queries all enterprises 140 have requested over the past week, as broken out by day. Query visual feedback 426 may also show queries performed per year, per month, per day, and per hour. Query visual feedback 426 may also show queries performed by enterprises 140 in a certain region, such as a country or a state. Trending query display 430 may also provide a trending query list 428, which shows queries that have significant interest from across all enterprises 140 using enterprise application 400 over a set time interval. Trending query list 428 may be used to determine current query trends across all enterprises 140 or over a certain type of enterprise 140.
An enterprise 140 that selects community interface 422 may display a community interface display. The community interface display provides a list of subsets of users 120 based on demographics of users 120.
In an embodiment of the present disclosure where the enterprise 140 utilizes enterprise computing device 132, such as a laptop or desktop computer, enterprise 140 may access enterprise application 400 through a web browser or a plug-in for a web browser. Through the web browser or a plug-in for a web browser, enterprise 140 may access the same functions as shown in enterprise application 400. This interface could also be integrated with other software applications that specialize in query or analytics management through an API/service mechanism.
FIG. 7 depicts a decentralized consumer data ecosystem according to an implementation of the present disclosure.
After consumer 120 initiates the process as depicted in FIG. 3 at Start 500, the consumer engages the application 300 by creating a consumer profile 301. A consumer profile 301 may be created from information provided by the consumer, such as the consumer's phone number or the consumer's email, with a password. The system 1000 creates a record of the consumer profile 301 based upon the consumer's inputted information, creating a security profile. The data for the consumer profile 502 is outputted as credentials to step 504. The outputted credentials are utilized to create a session to ensure that it is a valid session. Data for the consumer profile at step 502 may also be outputted to step 508, which may be used to create a profile for the user 120.
At step 504, user 120 logs into application 300 through user profile 301 at credential entry 302 and selects the data providing applications 312 the user 120 wants to include in the application 300 data privacy profile. User 120 may select the data providing application(s) 312 from a list of data providing application(s) 312 compatible with application 300. After selection of the data providing application(s) 312, those data providing application(s) 312 are registered as a part of the application 300 portfolio.
At step 506, for each of the data providing applications 312 in the portfolio of application 300, the user 120 may configure which information the user 120 wants to capture, and which information the user 120 wants to store in system 1000. The user may utilize the function of application 300 by adjusting data permission toggles 326 as shown and discussed in FIGS. 4A-4B. Adjusting data permission toggles 326 alters the application filters on either a field level, application level, industry domain level, or metadata level. Depending on the permissions and data collected by a data providing application 312, the user 120 may be able to adjust a coarse level or fine grain of security in the application 300 depending on what personal data the data providing applications 312 may collect and the data user 120 wants to share. The output of step 506 is a security profile for user 120 that is created and attached to the consumer profile for user 120 for use in step 512.
At step 508, an entity profile is created. An entity profile may be created from a consumer profile from a user 120 at step 502 or an organization profile from an enterprise 140 at step 536. The data for the entity profiles are then stored in a profile storage medium at step 524. The result of step 524 is the creation of a consumer data profile of the consumer profile 502 for a user 120 and an enterprise data profile from the organizational profile at step 532. The profile storage medium of step 524 may be any suitable data storage used as part of system 1000. An example of a suitable data storage for the profile storage medium may be implemented as a public blockchain such as Ethereum. In an embodiment of the present disclosure, a portion of the consumer data profile may be stored on a public blockchain, and in particular the portion of the consumer data profile concerning management of that consumer data to ensure immutability and consensus to enable identity and transaction management.
The consumer data profile of the consumer profile from a user 120 may be stored in a personal data vault at step 516. The enterprise data profile of the organizational profile from an enterprise 140 may be stored in an enterprise data vault at step 518. Each enterprise 140 may have its own enterprise data vault at step 518. The personal data vault and the enterprise data vault may each be stored in a suitable data storage medium either local or over a network, attached to a private blockchain or distributed ledger, accessible by the user 120 and the enterprise 140, respectively. An example of a suitable private blockchain or distributed ledger may be the use of a distributed ledger from AWS called QLDB or a broader footprint using IBM-Hyperledger, R3-Corda or Enigma blockchains.
At step 510, the user profile 301 for application 300 may be associated with a bank account, cryptocurrency account, or other financial account or device. The linking may be accomplished through data inputted by the user 120 during the creation of user profile 301. Additionally, at step 510, the organization profile from an enterprise 140 may be associated with a bank account, cryptocurrency account, or other financial account or device. The linking may be accomplished through data inputted by the enterprise 140 during the creation of enterprise profile 401.
At step 512, selected personal data, as determined by data permission toggles 326 in data providing application 312, will begin trickling through system 1000. The selected personal data may be sent to a portion of system 1000 that contains a metadata storage device at step 526. The data being sent through the data trickle at step 512 is determined in part by the data providing applications 312, and may be nearly a complete set of data as provided by the data providing application 312. For the example of Facebook as the data providing application 312, all of the data feeds from Facebook that are exposed by the data providing application 312, such as through an API or through a flat file made available through a web form, email or other means, and that are generally made available through a public API, a private API provisioned through a technology/business partnership, or exposed as DSR requests, include approximately 180 unique data feeds (subject to change at Facebook's direction) and represent the potentially collectable data from data providing application 312.
At step 526, the selected personal data from the data trickle at step 512 is filtered for the metadata that determines the type of personal data the data trickle is providing, and the metadata of the personal data is then mapped to predetermined metadata fields as determined in the metadata store at step 526. For example, the metadata is filtered to determine whether the personal data is a location or a city, or whether it is media information. When the metadata of the personal data is matched with a corresponding metadata field at step 526, the personal data is then populated into the personal data vault at step 516, which includes the use of a storage medium for storing the personal data associated with the filtered metadata. The metadata of the personal data is mapped to metadata fields by having a structure identifying how a specific type of personal data is structured, such as how location data looks, how demographic data looks, or how something else looks. The metadata may be mapped by utilizing 16+ different superstructures that identify what those data structures actually look like. System 1000 may take the raw data received from the data trickle, map the data to the particular structure, and store it as relevant consumer data.
At step 516, the personal data vault of system 1000 is provided with the data filtered against the metadata store at step 526. Each consumer profile may have its own personal data vault at step 516. The personal data vault may be implemented on any suitable storage device, such as a local hard drive of user 120, a storage medium on the client computing device 102-110, a user-designated cloud storage device, an on-premises storage device or a cloud-based storage device provided by system 1000.
Personal data vaults may have instances of consumer take or enterprise take for access over a network.
At step 536, enterprise 140 may create an organizational profile 401 for the enterprise 140 using enterprise application 400. An organizational profile 401 may be created from information provided by the enterprise, such as the enterprise's phone number or the enterprise's email, with a password. The system 1000 creates a record of the organizational profile 401 based upon the enterprise's inputted information, creating a security profile. The data for the organizational profile 401 is outputted as credentials to step 532. The outputted credentials are utilized to create a session to ensure that it is a valid session. Data for the organizational profile 401 at step 536 may also be outputted to step 508, which may be used to create a profile for the enterprise 140.
At step 538, an enterprise 140 using enterprise application 400 makes an analytics query. The analytics query is used by the enterprise 140 to obtain information on users 120 that meet the criteria of the inputted query. Examples of inputs for the analytics query at step 538 include characteristics of users, such as location, gender, age, and interests. The analytics query generated at step 538 is outputted to query management at step 514. The analytics query at step 538 may be sent to step 514 and step 520 through homomorphic encryption or other suitable encryption. Further examples of an analytics query at step 514 are described below in FIG. 11.
The value realization could at a minimum be in the form of digital rewards, ranging from a car service from an automotive manufacturer or a decrease in interest rate from a mortgage company to an actual transfer of cash/cryptocurrency between the participants. In the case of the former, it is defined by a participation level mapped to the digital reward tiers by the organization as to a one-time or a long-term relationship. For the latter, it will be based on supply and demand, number of participants, and quality of data, among others.
At step 520, the system 1000 performs a data snap process for determining the personal data vaults from step 516 that meet the criteria generated by the query management at step 514. The system at step 520 will take the nested queries generated at step 514 and return a subset of “1s” representing the count of personal data vaults that meet the criteria for the first nested query. The process will repeat for each of the nested queries until all nested queries are completed, returning a subset of “1s” representing the total count of the personal data vaults or profiles represented by the data vaults that meet the criteria for each subsequent nested query. The system 1000 will aggregate all of the “1s” at step 520.
The results of the data snap process are outputted to step 522 to generate an analytics report and to step 528 to generate a secret contract. The analytics report at step 522 provides a count of the number of users 120 that meet the criteria for the analytics query generated at step 528. Depending on the number of unique sub-queries generated by the query management at step 514, the analytics report may provide a multidimensional report on the number of users 120 that meet each of the unique sub-queries. The analytics report/data set generated at step 522 may be stored in the enterprise profile at step 524 of the enterprise that generated the analytics query for the report.
At step 528, the secret/smart contract establishes a transaction endpoint between an enterprise 140 that makes an analytics query from step 538, and the users 120 of the personal data vault(s) 516 that are participating in providing that information and house that information. The value of the query will be deducted from the account associated with the enterprise 140 and added to accounts associated with users 120. The enterprise will take the payment total for the analytics query from step 538 and divide the payment total between the identities of the users 120 that are returned by the query at step 530. By way of example, if the enterprise pays $1,000 for an analytics query and a thousand personal data vaults are providing that data, then $1 may be distributed to each of the users 120 that are returned by the query at step 530. Through this process, the identities of user 120 are maintained anonymously to the enterprise 140, while still permitting the exchange of information and financial payments between the enterprise 140 and users 120.
At step 540, enterprise 140 can monetize its created analytics reports from step 522 stored in the profile at step 524 associated with the enterprise 140. For example, if enterprise 140 has entered an analytics query at step 538, generating an analytics report at step 522, enterprise 140 has already received the analytics report in exchange for payment given through the secret contract at step 528. Enterprise 140 can configure its previously generated analytics reports at step 534 for sharing with other enterprises for certain payment. The previously generated analytics reports or the holistic dataset of other enterprises may not be shared in an embodiment. The other enterprises may define their query based on metadata elements of the data that is being made available either through an individual's or an enterprise's dataset, which is used to source from the appropriate source. The previously generated analytics reports may be published holistically for other enterprises to purchase.
When the disclosure is implemented in a manner as shown and described in FIG. 7, the system ensures that enterprise 140 cannot access the raw data of the user 120 as stored in the private blockchain personal data vault 516. Instead, enterprise 140, through an analytics query 538, can only access anonymized data as aggregated through query management 514. This ensures the privacy of the data shared by user 120 and permits the user 120 to control which personal information, if any, is shared with enterprises 140.
In particular the user 120 selects the privacy controls and data aggregation into the user 120 configuration. By way of example, user 120 may enter application 300 and add Facebook, Google, Twitter, or similar data providing applications 312 into the portfolio,
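The data snap of step 520 and the payment split of step 528, shown in code. This is an added example, not code from the patent: the vault class, the field names, the integer-cent arithmetic with a returned remainder, and the sample vaults are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Set, Tuple

# (label, field name, test applied to the field value) - a hypothetical layout
SubQuery = Tuple[str, str, Callable[[object], bool]]


@dataclass
class PersonalDataVault:
    """One consumer's vault (step 516). Raw records are read only in answer()."""
    vault_id: str
    records: Dict[str, object]
    shared_fields: Set[str]  # fields whose permission toggle is on

    def answer(self, field_name: str, test: Callable[[object], bool]) -> int:
        """Binary reply to one sub-query: 1 for a match, 0 otherwise."""
        if field_name not in self.shared_fields:
            return 0  # a toggled-off field looks the same as a non-match
        value = self.records.get(field_name)
        return 1 if value is not None and test(value) else 0


def data_snap(vaults: List[PersonalDataVault], sub_queries: List[SubQuery]):
    """Step 520: put each sub-query only to the vaults that returned 1 so far."""
    subset = list(vaults)
    counts = []
    for label, field_name, test in sub_queries:
        subset = [v for v in subset if v.answer(field_name, test) == 1]
        counts.append((label, len(subset)))
    return subset, counts


def split_payment(total_cents: int, matched: List[PersonalDataVault]):
    """Step 528: divide the query price equally among the matching vaults.

    Integer cents and an explicit remainder are assumptions of this example;
    the page only gives the $1,000 over 1,000 vaults case.
    """
    if not matched:
        return {}, total_cents  # nothing matched, so nothing is paid out
    share, remainder = divmod(total_cents, len(matched))
    return {v.vault_id: share for v in matched}, remainder


def run_analytics_query(vaults, sub_queries, price_cents):
    """Return (report for the enterprise, payouts for settlement, remainder)."""
    matched, counts = data_snap(vaults, sub_queries)
    payouts, remainder = split_payment(price_cents, matched)
    # The enterprise-facing report carries counts only, no vault ids or records.
    report = {"total_matches": len(matched), "per_sub_query": counts}
    return report, payouts, remainder


ALL_FIELDS = {"shows", "state", "age", "gender"}


def make_vault(vid, shows, state, age, gender, shared=ALL_FIELDS):
    records = {"shows": shows, "state": state, "age": age, "gender": gender}
    return PersonalDataVault(vid, records, set(shared))


# Constructed sample vaults (not data from the page).
VAULTS = [
    make_vault("v1", {"Game of Thrones"}, "CA", 70, "F"),
    make_vault("v2", {"Game of Thrones"}, "CA", 72, "F", ALL_FIELDS - {"age"}),
    make_vault("v3", {"Game of Thrones"}, "NY", 68, "F"),
    make_vault("v4", {"Another Show"}, "CA", 80, "F"),
    make_vault("v5", {"Game of Thrones"}, "CA", 66, "F"),
    make_vault("v6", {"Game of Thrones"}, "CA", 66, "M"),
]

SUB_QUERIES = [
    ("users that watch Game of Thrones", "shows", lambda s: "Game of Thrones" in s),
    ("users that live in California", "state", lambda s: s == "CA"),
    ("users that are over the age of 65", "age", lambda a: a > 65),
    ("users that are women", "gender", lambda g: g == "F"),
]

if __name__ == "__main__":
    report, payouts, remainder = run_analytics_query(VAULTS, SUB_QUERIES, 100_000)
    print(report)
    print(payouts, remainder)
```

Vault v2 holds matching data but has its age toggle off, so it drops out at the third sub-query and receives no payout.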
FIG. 8 depicts a method for enterprise-enabled digital consumer data network registration according to an implementation of the present disclosure. After start 600, enterprise 626 may send a request for a data subject request (DSR) opt-in at step 602. A data subject request (DSR) is a request from a data subject to a data controller asking for modification of personal data held by a third party. The DSR is sent to digital consumer 630 to opt into the DSR at step 604. Digital consumer 630 may be user 120. After the digital consumer 630 accepts the DSR, at step 606 the digital consumer 630 installs an app or plugin as appropriate to the digital consumer's device.
After the application or plug-in is installed, the method continues to step 608, where digital consumer 630 creates a unique privacy profile on the app or plugin. The unique privacy profile may include personally-identifiable information of digital consumer 630 that will permit the unique privacy profile to be associated with the digital consumer 630. The personally-identifiable information of digital consumer 630 is then passed to step 610 of data network system 628 to store the personally-identifiable information of digital consumer 630 as associated with the digital consumer to create a private profile of the digital consumer 630. The digital consumer private profile is created on a storage medium that is accessible as directed by the digital consumer. Synthesized data associated with the private profile of the digital consumer 630 is created and sent to a publicly-accessible storage medium, creating a digital consumer public profile at step 612. The anonymized digital consumer public profile is then passed back to enterprise 626 at step 614.
The personally-identifiable information of digital consumer 630 from step 608 is also passed to step 616, where the digital consumer registers one or more mobile applications, web-based applications and IOT devices that require privacy management with the digital consumer's unique privacy profile. At step 618, the digital consumer enables the privacy preferences for one or more of the mobile applications, web-based applications and IOT devices added in step 616. The digital consumer 630 can either implement privacy preferences for individual mobile applications, web-based applications and IOT devices, or collectively through a standard templatized setting for privacy profiles for the digital consumer's unique privacy profile.
The method continues at step 622, where the digital consumer 630 creates a personal data vault at the location of the choosing of the digital consumer 630. The digital consumer may choose a local, on-premise storage location, a private cloud-based storage location, or a location provided by data network system 628. The choice of storage location is provided to step 624, where the personal data vault location and access information is added to the unique privacy profile of digital consumer 630. The information from step 618, step 622, and step 624 is then passed to step 620, where the unique privacy profile of the digital consumer 630 is defined. This unique privacy profile is stored at the digital consumer's unique privacy profile.
FIG. 9 depicts a method for privacy and consumer data management according to an implementation of the present disclosure. After start 700, digital consumer 736 logs into application 300 to connect to a data providing application(s) 312 at step 702. Digital consumer 736 then continues to step 704 where the digital consumer 736 opens a desired data providing application 312. At step 706, the digital consumer 736 loads the chosen data providing application 312 and the digital consumer private profile stored from step 708 in data network system 734.
At step 710, digital consumer 736 sends a signal to the enterprise 732 application through application 300 using the privacy parameters retrieved in step 708. The opening of the enterprise 732 application is then achieved in step 712, which initiates a session for the digital consumer 732 digital engagement. At step 714, the consumer application 300 may act as a firewall to restrict access to unsupported privacy parameters. The consumer data that flows through the consumer application may be checked against permitted fields that the consumer application 300 has toggled on or off to permit or deny access to such data. Enterprise 732 application may then request insights into the personal information of the digital consumer 736 through the application 300 at step 716. If the requested personal information of the digital consumer 736 is approved at step 718 based on the privacy parameters loaded from step 708, then the requested personal information may then be transmitted to the enterprise 732 application back at step 716. At step 720, if the requested personal information is restricted based on the privacy parameters loaded from step 708, then the denial is transmitted back to the digital consumer 736 through application 300 at step 722 to have the application 300 obtain a copy of the historical information and real time information from enterprise 732 concerning digital consumer 736.
The personal information of the digital consumer 736 that can be restricted as determined from step 720 is then identified at step 724, which then initiates a DSR to delete a copy of the personal information of the digital consumer 736 that can be restricted. The identified data from step 724 is passed on to step 726, where the personal data vault of the digital consumer 736 is updated with information from the requested personal information of digital consumer 736. A suitable personal data vault may be the personal data vault as described at step 516 of FIG. 8. At step 728, enterprise 732 receives the DSR from the application 300 through a DSR gateway of the enterprise 732 application, which is the portion of enterprise 732 application configured to receive DSRs. At step 730, enterprise 732 removes the requested personal information as restricted at step 720 from the enterprise 732 application.
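The permit-or-deny check of steps 714 to 724, with application, category and field toggles combined so that anything not explicitly switched on is refused. This is an added example, not code from the patent: the three-level toggle layout, the requirement that all three levels be on, the DSR record shape and the sample values are assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class PrivacyParameters:
    """Toggle state loaded at step 708 (this layout is hypothetical)."""
    app_toggles: Dict[str, bool] = field(default_factory=dict)
    category_toggles: Dict[str, bool] = field(default_factory=dict)
    field_toggles: Dict[Tuple[str, str], bool] = field(default_factory=dict)
    field_category: Dict[str, str] = field(default_factory=dict)

    def permits(self, app: str, name: str) -> bool:
        """Fail closed: app, category and field toggles must all be on."""
        category = self.field_category.get(name)
        if category is None:
            return False  # a field the consumer never configured is refused
        return bool(
            self.app_toggles.get(app, False)
            and self.category_toggles.get(category, False)
            and self.field_toggles.get((app, name), False)
        )


def handle_insight_request(params: PrivacyParameters, app: str,
                           requested: List[str], vault: Dict[str, object]):
    """Steps 714-724: release permitted fields, deny the rest, queue delete DSRs."""
    approved: Dict[str, object] = {}
    denied: List[str] = []
    for name in requested:
        if not params.permits(app, name):
            denied.append(name)            # step 720: restricted
        elif name in vault:
            approved[name] = vault[name]   # step 718: approved
        # permitted but absent from the vault: nothing to release or delete
    # Step 724: one delete DSR per restricted field (record shape is made up).
    dsrs = [{"request": "delete", "application": app, "field": n} for n in denied]
    return approved, denied, dsrs


# Constructed sample state (not data from the page).
SAMPLE_PARAMS = PrivacyParameters(
    app_toggles={"streaming_app": True},
    category_toggles={"Entertainment": True, "Location": False},
    field_toggles={
        ("streaming_app", "movies_watched"): True,
        ("streaming_app", "tv_shows_watched"): False,
        ("streaming_app", "location"): True,  # overridden by its category
    },
    field_category={
        "movies_watched": "Entertainment",
        "tv_shows_watched": "Entertainment",
        "location": "Location",
    },
)
SAMPLE_VAULT = {
    "movies_watched": ["Film A"],
    "tv_shows_watched": ["Show B"],
    "location": "City C",
}
SAMPLE_REQUEST = ["movies_watched", "tv_shows_watched", "location", "contacts"]

if __name__ == "__main__":
    print(handle_insight_request(SAMPLE_PARAMS, "streaming_app",
                                 SAMPLE_REQUEST, SAMPLE_VAULT))
```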
FIG. 10 depicts a method for data aggregation and creation of consumer data profile insights according to an implementation of the present disclosure. After starting the method at step 800, the digital consumer 824 engages with a data providing application(s) 312 through the application 300 at step 802. The digital consumer 824 may be user 120 using a client computing device 102. The digital consumer loads privacy preferences from step 804 in data network system 822. The privacy preferences from step 804 are also sent as data subject and privacy preferences at step 806, which are in turn passed back to the digital consumer 824 through application 300 at step 808 for data filtering, aggregation and DSR management.
At step 808, the digital consumer 824 decides the personally-identifiable information the digital consumer 824 desires to share from the one or more data providing application(s) 312. These preferences on which personally-identifiable information the digital consumer 824 desires to share are passed to the data privacy management of data network system 822 at step 810. The data privacy management of data network system 822 will send a DSR at steps 812a-812n to seek information from applications at steps 814a-814n based upon the data privacy management settings from step 810. Applications at steps 814a-814n may include enterprises (1 to n) 820, which may be data providing application(s) 312. The applications at steps 814a-814n will send the requested information through a service and data exchange back through the application 300 of the digital consumer at step 808, then through the data privacy management at step 810, and then to the application data for each application or service at steps 816a-816n, corresponding to the applications and services from steps 814a-814n. The consumer information data retrieved at steps 816a-816n is then passed to the digital consumer data vault at step 818. The digital consumer data vault at step 818 may be referred to as a “consumer 360” as it provides a complete profile of the digital consumer, as it can integrate information across different types of applications and services, such as those from steps 814a-814n.
FIG. 11 depicts a method for data synthesis exchange according to an implementation of the present disclosure. After starting the method at step 900, an enterprise 916 may create a new data query at step 902. A new data query may be created by enterprise 140 using enterprise computing device 130 and enterprise application 400 at step 902. By way of example, a new data query may be a combination of a number of characteristics of users 120, such as “women over the age of 65 that watch Game of Thrones.” The new data query of step 902 is sent to the query engine of data network system 918 at step 903. The query engine of data network system 918 may be implemented using system 1000. The query engine of data network system 918 may be configured to call and touchpoint and read data from a multiplicity of data vaults, rather than a centralized data vault. At step 904, the query engine of data network system 918 may parse the new data query into a nested query, a series of sub-queries that make up the larger query.
Using the above example, the new data query of “women over the age of 65 in California that watch Game of Thrones” may be parsed into sub-queries “users that watch Game of Thrones”, “users that live in California”, “users that are over the age of 65” and “users that are women.”
The parsed query will then be passed to iterative query 1 of step 906 a of data network system 918. The iterative query 1 at step 906 a is outputted to a multiplicity of consumer data vaults 1 through n at steps 908 a-908 n of digital consumer (1 . . . n) 920. Consumer data vaults 1 through n may be implemented as personal data vaults 516, as described above. Digital consumers (1 . . . n) 920 may be composed of a multiplicity of users 120 using application 300 on client computing devices 102. Each of the consumer data vaults 1 through n at steps 908 a-908 n will return an indication that the consumer data of a consumer data vault meets the iterative query 1 at step 910. The method will repeat for steps 906 b-n, returning subsets of consumer data vaults that meet each iterative query 2 through n. At step 912, after completing the iterative query n at step 906 n, data network system 918 will return the final query results that aggregate the users 120 that meet the new data query. Data network system 918 will return the query results to the enterprise 916 at step 914, indicating which user(s) 120 meet the new data query. The query results at step 914 may be grouped by category.
In the above example, iterative query 1 may be “users that watch Game of Thrones.” This iterative query is sent as a binary inquiry to all of the available consumer data vaults at steps 908 a-n, inquiring whether each user 120 meets the iterative query 1. The consumer data vaults that indicate a record with a match to iterative query 1 will return a “1” while the consumer data vaults that do not indicate a record with a match to iterative query 1 will return a “0”. At step 910, the data network system 918 will compile all of the consumer data vaults that return a “1” as a list of the subset of all consumer data vaults. The data network system 918 will then proceed to process iterative query 2 at step 906 b, which in this example may be “users that live in California.” The data network system 918 will then query the subset of consumer data vaults at steps 908 a-n that returned a positive response from iterative query 1. At step 910, the data network system 918 will compile all of the subset of consumer data vaults that return a “1” as a list of the smaller subset of all consumer data vaults. Data network system 918 will then continue to process iterative queries 906 c-n in a similar manner until all queries have been completed. In this example, the system will subsequently query “users that are over the age of 65” and “users that are women.” The query results will return those “1”s that meet all of the criteria of the parsed query.
The process as illustrated in FIG. 11 demonstrates an example of distributive querying as contemplated by the system 1000. The ability of system 1000 to search using the search capabilities of each personal data vault of each user 120 permits increased efficiency in returning queries as initiated by an enterprise 140.
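
The narrowing loop of FIG. 11, as an added example that is not code from the patent: each vault answers one sub-query with a 1 or a 0, and only the vaults that answered 1 are asked the next sub-query. The vault class, the field names and the seven records are constructed for illustration, and a missing attribute is treated as a 0.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

Predicate = Callable[[Dict], bool]


@dataclass
class ConsumerVault:
    """Hypothetical stand-in for one consumer data vault; the record stays inside it."""
    super_id: str
    record: Dict

    def answer(self, predicate: Predicate) -> int:
        """Binary reply to one iterative query: 1 = match, 0 = no match."""
        try:
            return 1 if predicate(self.record) else 0
        except (KeyError, TypeError):
            return 0  # a missing or malformed attribute counts as "no match"


# The four sub-queries the text parses the enterprise query into.
SUB_QUERIES: List[Tuple[str, Predicate]] = [
    ("users that watch Game of Thrones", lambda r: "Game of Thrones" in r["shows"]),
    ("users that live in California", lambda r: r["state"] == "CA"),
    ("users that are over the age of 65", lambda r: r["age"] > 65),
    ("users that are women", lambda r: r["gender"] == "F"),
]

# Constructed sample vaults (not real data).
GOT = ["Game of Thrones"]
VAULTS = [
    ConsumerVault("u1", {"gender": "F", "age": 70, "state": "CA", "shows": GOT}),
    ConsumerVault("u2", {"gender": "M", "age": 68, "state": "CA", "shows": GOT}),
    ConsumerVault("u3", {"gender": "F", "age": 66, "state": "NY", "shows": GOT}),
    ConsumerVault("u4", {"gender": "F", "age": 40, "state": "CA", "shows": GOT}),
    ConsumerVault("u5", {"gender": "F", "age": 72, "state": "CA", "shows": []}),
    ConsumerVault("u6", {"gender": "F", "state": "CA", "shows": GOT}),  # no age on file
    ConsumerVault("u7", {"gender": "F", "age": 81, "state": "CA", "shows": GOT}),
]


def run_iterative_query(vaults, sub_queries):
    """Return (matching SuperIDs, trace); trace rows are (sub-query, vaults asked, vaults kept)."""
    candidates = list(vaults)
    trace = []
    for name, predicate in sub_queries:
        asked = len(candidates)
        # The engine sees only the 1/0 reply, never the vault's record.
        candidates = [v for v in candidates if v.answer(predicate) == 1]
        trace.append((name, asked, len(candidates)))
        if not candidates:
            break  # nothing left to ask; later sub-queries are skipped
    return [v.super_id for v in candidates], trace


if __name__ == "__main__":
    matches, trace = run_iterative_query(VAULTS, SUB_QUERIES)
    for name, asked, kept in trace:
        print(f"{name}: asked {asked}, kept {kept}")
    print("final result:", matches)
```

On the sample data the engine sends 21 binary inquiries instead of the 28 needed to ask every vault every sub-query, and it handles only SuperIDs and 1/0 replies.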
FIG. 12 depicts a block system diagram for implementation of the disclosed system 1000. As shown in FIG. 12, Digital Service Providers 1002 include enterprises that provide digital functionality to their customers/consumers. Examples of Digital Service Providers 1002 include Google®, Facebook®, and Bank of America®. Digital Service Providers 1002 may be an enterprise 140 that may create an organizational profile 401 for the enterprise 140 using enterprise application 400 through an enterprise application.
Digital Service Providers 1002 may provide and receive information via Network 1004. An example of Network 1004 may be implemented through Network 114. Data suitable for entry on the Public Blockchain 1006 is passed from the Digital Service Providers 1002 to the Public Blockchain 1006 via Network 1004. Public Blockchain 1006 may be configured as described with regard to FIG. 15 below. Public Blockchain 1006 may communicate with a Data Network System 1014 via a Data Gateway 1008. Data Gateway may include Services Layer Functions Create Entity Profiles 508, Crypto/Block Account 510, Data Trickle 512, and Query Management 514. Data Gateway 1008, after identification and valuation is issued from the public blockchain, may also communicate with Super App/Container 1010. Super App/Container 1010 may be implemented as consumer application 300. The Super App/Container 1010 may be comprised of a plurality of Mini Apps 1012, which in turn correspond to an enterprise 140. Mini Apps 1012 may be implemented as data providing applications 312.
Data Network System 1014 may also communicate with Analytics and Data Science 1016, which may be implemented as Query Management 514 and generate Analytics Report 522. Data Network System 1014 may also communicate with Compliance Management 1018. Compliance Management 1018 may be configured to ensure compliance with privacy laws, such as GDPR, CCPA, PDP, and the POPI Act, that are being enacted to protect consumers' digital rights, especially in terms of data ownership, consent, the right to know the use of data and the right to be forgotten, among other things. Data Network System 1014 may also communicate with Consent Management 1020. Consent Management 1020 may manage, on an individual user 140 basis, the permissions and accesses a Digital Service Provider 1002 has to the data of user 140 to seek, document and share the approval details of the use of said information, like sharing of purchases, storing of location information, etc., both for internal use and external sharing by said enterprises. Data Network may further communicate with Private Blockchain 1022, which may be implemented as described with respect to FIG. 15. Private Blockchain 1022 may host Data Vault 1024, which may be comprised of Personal Data Vault 516 and Enterprise Data Vault 518.
FIG. 13 depicts exemplary mechanisms by which enterprises may expose the data of the consumer stored by them to the consumer's request to get a copy of their data back using a Data Request, as referenced in FIG. 5A on the top right showing the data subject request. Data Requests refers to the multiple mechanisms by which system 1100 can obtain information from the enterprises. The identification of the Data Requests is exemplary and not limiting. Digital Service Providers 1102 may provide and receive information via Network 1204. Network 1204 may in turn provide data requests API Gateway 1206, Native Integration 1208, Web Forms 1110, and Email Requests 1112 to Data Gateway 1114.
API Gateway 1206 may be implemented as an API (application programming interface) gateway, which may be used to make and receive API calls from the digital service providers' API gateway. Native Integration 1108 may be implemented as the integration of the filtering, data ingestion and data aggregation protocols within the Customer enterprise's digital footprint, either at a software or a hardware level. Native Integration 1108 may also include integration of IOT devices, inclusion within mobile applications, websites, and the like.
Web forms 1110 and Email requests 1112 may be implemented as a web form or an email, respectively, in order to obtain a copy of the user's data. These implementations may be used by enterprises to comply with current privacy laws such as GDPR and CCPA.
FIG. 14 depicts a flow chart of the implementation of a public blockchain, as shown for example in FIG. 7, according to an embodiment of the present disclosure. The public blockchain may be constructed wherein the identity management is reverse mapped to the identities of the enterprises holding consumer information. Digital Service Providers 1202 a-1202 n may each correspond to an instance of a UserID (labeled UserID1-n, respectively). The UserID corresponds to User Information for a particular user associated with the UserID, each of the UserIDs associated with a particular enterprise 140. The network 1204, which may be implemented as network 1004, communicates using Digital Profile Handles 1208 a-n, after ensuring the authentication, authorization, and accounting mechanism at block 1206. The authentication at block 1206 may authenticate the data associated with a Digital Service Provider 1202. The authorization at block 1206 may check the permissions from the consumer to obtain the data from the Digital Service Provider 1202. The accounting at block 1206 maintains a ledger of all interactions between Digital Service Providers 1202 a-1202 n and system 1200, which are in turn used to create a security profile management for the user 120 associated with a UserID.
At 1208 a-n, Digital Profile Handles associated with the UserIDs for each of the digital service providers 1202 a-n may be created. Each of the Digital Profile Handles 1208 a-n contains an Authorization ID (“Auth ID”) 1-n, corresponding to the Digital Profile Handle 1208 a-n. The Auth ID may be provided by the digital service providers to provide authorization to take information from the digital service provider.
Super Profiles 1210 a-n may in turn be generated, each corresponding to a specific user 120. Super Profile 1210 a may contain a SuperID, an Authentication Handle, and a Date Stamp. The Super Profile 1210 a components, which may include an Authentication Handle and a Date Stamp, are used to maintain the identification of a user 120. Data associated with a Super Profile 1210 a are then in turn stored with specific nodes of a public blockchain 1212 in blocks 1212 a-n.
Public blockchain 1212 may be comprised of a plurality of nodes 1212 a-n (referred to singularly as 1212 a). Each node 1212 a may be a computing system that is configured to perform functions related to the processing and management of the blockchain, including the generation of blockchain data values, verification of proposed blockchain transactions, verification of digital signatures, generation of new blocks, validation of new blocks, and maintenance of a copy of the blockchain. The blockchain may be a distributed ledger that is comprised of at least a plurality of blocks. Each block may include at least a block ID and one or more data values. Each block ID may include at least a timestamp, a block reference value, and a data reference value. The timestamp may be a time at which the block ID was generated and may be represented using any suitable method (e.g., UNIX timestamp, DateTime, etc.). The block reference value may be a value that references an earlier block (e.g., based on timestamp) in the blockchain. In some embodiments, a block reference value in a block header may be a reference to the block ID of the most recently added block prior to the respective block. The data reference value may similarly be a reference to the one or more data values stored in the block that includes the block header.
Each blockchain data value may correspond to a blockchain transaction. A blockchain transaction may consist of at least: a digital signature of the sender of data that is generated using the sender's private key, a blockchain address of the recipient of the data generated using the recipient's public key, and the blockchain data that is transferred. In some blockchain transactions, the transaction may also include one or more blockchain addresses of the sender where blockchain data is currently stored (e.g., where the digital signature proves their access to such data), as well as an address generated using the sender's public key for any change that is to be retained by the sender. In some cases, a blockchain transaction may also include the sender's public key, for use by any entity in validating the transaction. For the processing of a blockchain transaction, such data may be provided to a node 1212 a in the public blockchain 1212, either by the client via a computing device 102-110 or by an enterprise by the computing devices 116. The node 1212 a may verify the digital signature and the sender's access to the data, and then include the blockchain transaction in a new block. The new block may be validated by other nodes in the public blockchain 1212 before being added to the blockchain and distributed to all of the nodes in the public blockchain 1212.
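
The block layout described above (a block ID holding a timestamp, a block reference value and a data reference value, next to the data values) is what lets a node validate a new block. This added example is not code from the patent: SHA-256 over canonical JSON, the field names and the sample Super Profile values are assumptions, and digital signature verification is left out.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import Any, List, Tuple

GENESIS_REF = "0" * 64  # assumed placeholder reference for the first block


def digest_of(obj: Any) -> str:
    """SHA-256 over a canonical JSON encoding (an assumption; the text names no hash)."""
    encoded = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


@dataclass(frozen=True)
class BlockID:
    timestamp: int        # UNIX time at which the block ID was generated
    block_reference: str  # digest of the block ID of the most recently added block
    data_reference: str   # digest of the data values stored in this block

    def digest(self) -> str:
        return digest_of([self.timestamp, self.block_reference, self.data_reference])


@dataclass
class Block:
    block_id: BlockID
    data_values: List[dict]


def append_block(chain: List[Block], data_values: List[dict], timestamp: int) -> Block:
    prev_ref = chain[-1].block_id.digest() if chain else GENESIS_REF
    block = Block(BlockID(timestamp, prev_ref, digest_of(data_values)), list(data_values))
    chain.append(block)
    return block


def validate_chain(chain: List[Block]) -> List[Tuple[int, str]]:
    """Return (block index, problem) findings; an empty list means the chain is consistent."""
    findings = []
    prev_ref, prev_ts = GENESIS_REF, None
    for i, block in enumerate(chain):
        bid = block.block_id
        if bid.data_reference != digest_of(block.data_values):
            findings.append((i, "data reference mismatch"))
        if bid.block_reference != prev_ref:
            findings.append((i, "block reference mismatch"))
        if prev_ts is not None and bid.timestamp < prev_ts:
            findings.append((i, "timestamp earlier than previous block"))
        prev_ref, prev_ts = bid.digest(), bid.timestamp
    return findings


def build_sample_chain() -> List[Block]:
    """Three blocks of constructed Super Profile entries (SuperID, handle, date stamp)."""
    chain: List[Block] = []
    for n in range(3):
        entry = {"super_id": f"S-{n}", "authentication_handle": f"handle-{n}",
                 "date_stamp": f"2023-09-1{n}"}
        append_block(chain, [entry], 1_700_000_000 + 60 * n)
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("untouched:", validate_chain(chain))
    chain[1].data_values[0]["authentication_handle"] = "handle-tampered"
    print("after edit:", validate_chain(chain))
```

Recomputing the data reference of an edited block hides the first finding but changes that block's ID digest, so the next block's block reference value no longer matches.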
FIG. 15 depicts a flow chart of an implementation of the private blockchain 1400, wherein the users' private consumer data is mapped to private data vaults, according to an embodiment of the disclosure. The private blockchain 1400 as shown and described in FIG. 7 may be implemented as shown in FIG. 15.
Data for private blockchain 1400 may originate as a data trickle 1402 as being sent data trickle at step from the data providing applications 312. Each user 120 of the private blockchain 1400 may have a SuperID and data trickles 1402 a-n associated with a specific user 120. The individual data trickles 1402 a-n are in turn associated with the data originating from the digital service providers 1202 a-n.
The personal data associated with a personal set of data trickles 1402 a is in turn used to create a hash table, which may consist of a SuperID and a table of data hashes_T1 through Tn as shown in block 1404 a. The data hashes_T1 through Tn may be created through appropriate encryption methods to ensure privacy of the personal data is maintained. The data associated with the hash table generated as blocks 1404 a-n are in turn stored in a corresponding consumer data storage vault 1406 a-n. Consumer data storage vault 1406 a-n may be implemented as Personal Data Vault 516, whereby the metadata of the consumer data is separated from the consumer data stored in the consumer data storage vault 1406 a-n to ensure a digital service provider cannot access the user data stored in the consumer data storage vault 1406 a-n.
FIG. 16 depicts an exemplary implementation of the disclosed system according to an embodiment of the disclosure. In particular, FIG. 16 depicts the disclosed system from FIG. 13 as an extensible system, where the disclosed platform can be implemented in multiple different configurations. As shown in FIG. 16, the system 1300 includes digital service providers 1002 and network 1004, as described above for FIG. 13. The extensible system 1300 may include a private instance 1306, a public instance 1308, and a hybrid instance 1310.
Private instance 1306 may be adopted as a walled garden for enterprises, nations, and unions wherein the data is contained within the control of the enterprise, nation, or union logically or physically as required.
Public instance 1308 may be adopted as a global instance wherein any potential users of the extensible system 1300 can participate in a data economy irrespective of the user or enterprise's actual presence or the origin of the service.
Hybrid instance 1310 may be adopted where, for example, the requirements of the local governments are met in creating a walled garden but the access to the insights is across geopolitical boundaries.
System 1300 may contain one or more of private instance 1306, public instance 1308, and hybrid instance 1310. Regardless of the number of private instances 1306, public instances 1308, or hybrid instances 1310 in system 300, analytics from private instance 1306, a public instance 1308, or hybrid instance 1310, as described in Analytics and Data Science 1016, may be shared between instances.
Having described the preferred embodiments of the invention, it is understood that the invention defined by the appended claims is not to be limited by particular details set forth in the above description, as many apparent variations thereof are possible without departing from the spirit or scope thereof.
Claims (8)
1. A system for protecting personal information data comprising:
a distributed ledger, comprised of a first plurality of blocks, wherein each of the first plurality of blocks represent a personal data vault for storing personal information data;
a public blockchain, comprised of a second plurality of blocks, wherein each of the second plurality of blocks represents a public profile for each user, associating the user of each of the second plurality of blocks with the same user of the first plurality of blocks; and
a metadata filtering device, configured to match personal information data from an inputted data stream of personal information data with prestored metadata fields, and producing personal information data tagged with an associated metadata tags.
2. The system of claim 3, wherein the distributed ledger is implemented as a private blockchain.
3. The system of claim 3, wherein a block from the first plurality of blocks associated with a user of the distributed ledger is further configured to store personal information data for each user as filtered by the metadata tags and the associated metadata tags.
4. The system of claim 3, wherein the system restricts access to the personal information data stored in the personal data vault to the user associated with the personal data vault.
5. A method of an enterprise enabling a digital consumer data network registration, comprising the steps of:
transmitting a data subject rights request from an enterprise to an application for a digital consumer;
receiving a signal from the application for the digital consumer indicating the consumer opts into the subject rights request;
creating a private profile based on the signal from the application for the digital consumer;
creating a public profile from the application for the digital consumer;
registering the public profile with a data network for the enterprise; and
setting privacy preferences for the digital consumer based on settings from the application for the digital consumer.
6. The method of claim 5, wherein the private profile is a block on a private blockchain or distributed ledger.
7. The method of claim 5, wherein the public profile is a block on a public blockchain.
8. A method of managing consumer privacy, comprising the steps of:
opening a privacy rights management application;
selecting an application from the privacy rights management application;
loading a privacy preference from a privacy profile for the privacy rights management application;
retrieving a data determined by the privacy preference associated from the application;
storing the retrieved data in a block of a private blockchain or distributed ledger for the privacy rights management application; and
transmitting a signal to the application to delete the retrieved data from the application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US18/369,800 US20240020411A1 (en) | 2022-03-16 | 2023-09-18 | System and Method for Decentralized, Controlled, and Managed Consumer Personal Data |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2022/020636 WO2022197861A2 (en) | 2021-03-17 | 2022-03-16 | System and method for decentralized, controlled, and managed consumer personal data |
US202263407576P | 2022-09-16 | 2022-09-16 | |
US18/369,800 US20240020411A1 (en) | 2022-03-16 | 2023-09-18 | System and Method for Decentralized, Controlled, and Managed Consumer Personal Data |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2022/020636 Continuation WO2022197861A2 (en) | 2021-03-17 | 2022-03-16 | System and method for decentralized, controlled, and managed consumer personal data |
Publications (1)
Publication Number | Publication Date |
---|---|
US20240020411A1 (en) | 2024-01-18 |
Family
ID=89510073
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/369,783 Pending US20240092266A1 (en) | 2022-09-16 | 2023-09-18 | Utv side mirror mounting and adjustment system |
US18/369,800 Pending US20240020411A1 (en) | 2022-03-16 | 2023-09-18 | System and Method for Decentralized, Controlled, and Managed Consumer Personal Data |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/369,783 Pending US20240092266A1 (en) | 2022-09-16 | 2023-09-18 | Utv side mirror mounting and adjustment system |
Country Status (1)
Country | Link |
---|---|
US (2) | US20240092266A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20240005026A1 (en) * | 2022-07-01 | 2024-01-04 | Charles Finkelstein Consulting LLC | Universal third party privacy and personal data management system |
Also Published As
Publication number | Publication date |
---|---|
US20240092266A1 (en) | 2024-03-21 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| STPP | Information on status: patent application and granting procedure in general | Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |