Pavlos S. Efraimidis, Georgios Drosatos, Fotis Nalbadis and Aimilia Tasidou
In order to enhance privacy protection during electronic transactions, the purpose of this paper is to propose, develop, and evaluate a personal data management framework called…
Abstract
Purpose
In order to enhance privacy protection during electronic transactions, the purpose of this paper is to propose, develop, and evaluate a personal data management framework called Polis that abides by the following principle: every individual has absolute control over his/her personal data that reside only at his/her own side.
Design/methodology/approach
This paper identifies representative electronic transactions that involve personal data and proposes Polis‐based protocols for them. The approach is evaluated on a Polis prototype both as a stand‐alone application and as part of a commercial database management system.
Findings
The results of this paper indicate that electronic transactions can remain both feasible and straightforward, while personal data remain only at the owner's side.
Research limitations/implications
This paper describes a Polis‐approach implementing prototype, which is easy to deploy and friendly to current information management technologies. However, the usability of the prototype has to be enhanced with supporting tools for editing personal data and policies and a more intuitive user interface. Finally, the Polis‐platform enables a new class of user‐centered distributed applications, which it intends to investigate.
Practical implications
Even though the conditions for a personal data management approach like Polis are mature, and Polis can be progressively adopted, it still entails a major change in current business practices.
Originality/value
This paper proposes a new paradigm for the management of personal data, which admits individuals to have their personal data stored only at their own side. The new approach can be of mutual benefit to both individuals and companies.