27.08.2019

Data Security in the Application Process

Even more than a year after the entry into force of the General Data Protection Regulation (GDPR), managing applications in compliance with data protection is still a major challenge for many companies, especially for small and medium-sized enterprises. In the framework of the project "EDV – Einfaches Digitales Vergessen" (easy digital forgetting) the FZI Research Center for Information Technology has developed a user-friendly, GDPR-compliant solution: a platform for the secure, encrypted and self-determined data exchange. On the occasion of the project completion, the results will be publicly presented on August 28, 2019 at Innotec Pforzheim.

Image source: Pixabay

Karlsruhe, August 27, 2019 – The transfer of data to companies and the exchange of data within companies usually happens by email today. However, this poses significant risks, especially when involving sensitive data, such as in the applicant management: Senders don't have any possibility to control to which group of recipients their email is forwarded to and they usually also don't have an influence on how long and where their data are stored. Jochen Rill, computer scientist at the FZI in Karlsruhe, knows that this is a problem:

 "Even if a company honestly tries to implement the requirements of the GDPR – as soon as personal data are shared via email, any effort is pointless. This is where the project EDV starts: Together with different partners we have developed a new platform for end-to-end encrypted data exchange. This means that the transferred information undergo a cryptographic procedure through all stations. In addition, the person sharing the sensitive data has control over who is allowed to see his data, at all times. In the application process this would be the applicants themselves."

For two years, the FZI developed, evaluated and tested the security concept for the EDV platform to vulnerabilities. The resulting system ensures the data originator as well as the recipient that the exchanged knowledge will be treated according to standardised and transparent rules and directives. Data protection requirements can thus be easily implemented in particular. Applied to the applicant management this means: As soon as the data shall be passed on, a confirmation of the applicant is necessary. Through this extended control, it is at any time clear who has access to the data. Besides that, data are centrally stored and managed; thus erasure obligations required by data protection law can be implemented in a controlled and automatic way. The platform EDV thus strengthens the right to informational self-determination in the application process. However, this solution can also be used in other sectors and fields, for instance in the project or contract management.

The project "EDV – Einfaches Digitales vergessen" was launched on June 1, 2019 and runs until August 21, 2019. It is funded by the German Federal Ministry for Economic Affairs and Energy (BMWi). Under the supervision of the esentri ag, the FZI Research Center for Information Technology, the CAS Software AG and the Pforzheim University formed the consortium. Further information on EDV can be found at: www.digitalesvergessen.de

About the FZI Research Center for Information Technology

The FZI Research Center for Information Technology, with its head office in Karlsruhe and a branch office in Berlin, is a non-profit institution for applied research in information technology and technology transfer. Its task is to provide businesses and public institutions with the latest research findings in information technology. It also qualifies young researchers for their career in academics or business as well as self-employment. Led by professors from different faculties, research teams at the FZI interdisciplinarily develop and prototype concepts, software, hardware and system solutions for their clients. The FZI House of Living Labs provides a unique research environment for applied research. The FZI is the innovation partner of the Karlsruhe Institute of Technology (KIT).

Further information

Julia Feilen, Communications
FZI Forschungszentrum Informatik
Haid-und-Neu-Str. 10-14, 76131 Karlsruhe, Germany
Phone: +49 721 9654-943
Email: feilen@fzi.de
Web: www.fzi.de/en