Söderhamn, Sweden

Social networks have become widely used nowadays and are increasingly finding acceptance in different scenarios of our daily lives. Depending on the target group, different social networks have been set up to enhance the online experience of users or to provide them with an easy way to interact and share information with the other members of the network.

While some of the social networks make their resources available to a large target group (such as Facebook or Twitter), there are some specific communities, where it is desirable to limit the access to particular individuals or certain groups of users. This was the case in the ABC4Trust pilot. The target group were pupils of a school in the Municipality of Söderhamn in Sweden. The intention of the pilot was to provide online services for the members of our use case community. The pupils of this school were able to use different “community services” while their privacy was protected, at the same time, by enabling pseudonymous and anonymous access.

This use-case scenario primarily concerned privacy-enhancing online communication and the exchange of personal information between users (pupils and their guardians, school personnel, etc.). However, the pilot system offered a variety of different services such as online chats, discussion rooms, counselling sessions, document sharing, and polling. Furthermore, since some of the exchanged data were very sensitive in nature it required increased protection from unauthorised access by third parties.

Depending on the users’ roles in the pilot, the school was responsible for issuing corresponding credentials, e.g. a pupil’s credentials contained the respective attributes regarding their class, age, caretakers, teachers, etc. In order to access a chat or any other service provided by the communication network, a user only needed to prove that she/he possesses credentials with attributes that satisfy specific properties, without necessarily revealing the corresponding attribute values. So it was sufficient and possible to prove that a credential contained a date of birth that lies more than 14 years in the past without giving away the exact date.

One of the main functionalities were counselling sessions. Whenever a pupil had a problem, be it physical, psychological, mental, financial or any other, she/he was able to discuss it with a counsellor or the school nurse online. While pupils could feel assured that their identity was well protected, the counsellor was certain that the user was indeed a pupil of the school and entitled to access the service. Due to legal obligations of the school, which was the responsible authority for the communication system, it was not possible to conduct the counselling sessions completely anonymously, but only pseudonymously. Therefore, the optional feature of ‘inspection’ was deployed and tried in practice. The inspection feature enables the revelation of the user’s identity under strictly predefined conditions about which the user has to be informed in advance. Consequently, only the real identity of those users is revealed who fulfil the predefined conditions, such as committing an offence, or threatening the safety of the school or other pupils.

By staying unidentified pupils seemed more willing to talk about their problems, while they might have otherwise felt reluctant, shy or scared to talk about these issues. Privacy-enhancing Attribute-Based Credentials (Privacy-ABCs) are an enabler for such services. The technology allows users to log in by proving that only certain parts out of a larger certificate are valid (e.g. having a certain age or belonging to a specific school class) instead of presenting the whole certificate and disclosing all information contained therein.

The pilot showed that, while there may already exist a number of other solutions which provide functionalities and services similar to the ones provided by this pilot application, the value of trust and privacy can be added by deploying privacy-friendly technologies built upon Privacy-ABCs. Designed with privacy in mind, these technologies provide a trustworthy environment for the users, since the information the users share can not be linked to them in any way, as long as they choose to remain private.

Additional information