The 3rd Internet Privacy Engineering Network (IPEN) Workshop took place on September 9, 2016 at the Goethe University of Frankfurt, Germany. IPEN was established in 2014 as a platform that brings together developers and data protection experts with a technical background from different areas in order to launch and support projects that build privacy into everyday tools and develop new tools which can effectively protect and enhance our privacy. The high-quality audience of this year’s IPEN event was led by Achim Klabunde, head of IT Policy sector of the European Data Projection Supervisor (EDPS). Other participants included representatives from data protection authorities like ENISA and ULD, industry like Deutsche Telekom and signatu, as well as researchers. CREDENTIAL was one of two H2020 projects offering financial support to the non-profit organizers. In his presentation, Nicolás Notario McDonnell (ATOS) presented the overall vision of CREDENTIAL as well as our approach towards privacy by design based on PRIPARE and LINDDUN methodologies, which was then followed by a brief discussion of the eHealth pilot scenario.
The discussion points involved aspects like the sensitivity of different meta-data (e.g., who is allowed to access data, when is it actually accessed by whom, size and format of stored data, etc.) or the relevance of allowing multiple different accounts for the same user. Besides constructive feedback, no major objections concerning the privacy-approach of CREDENTIAL were raised from the present experts.