Transparent and self-determined design of data usage in companies

Industry: Software / September 01, 2018

In the joint project “TrUSD – Transparent and self-determined design of data usage in companies”, Fraunhofer IESE and its project partners developed a practice-oriented and legally compliant approach for technology-supported employee data privacy. In this way, a bridge was built between the potential offered by data analytics and employees’ right to privacy.

Referenzprojekt:TrUSD — © Fraunhofer IESE

Last modified: September 01, 2018

The increasing digitalization in the world of work opens up the possibility for companies to collect and evaluate extensive data on various work processes. On the one hand, this development forms the basis for process optimizations; on the other hand, it presents companies with new challenges in terms of employee data protection and data security.

The collection, transfer, storage, and evaluation of personal data in a company, in particular, entails the risk of inadmissible monitoring and touches on issues of employees’ informational self-determination and the associated legal regulations (e.g., the European General Data Protection Regulation). Currently, however, employees generally have neither the knowledge nor the possibility to understand the collected data, its processing, and the associated consequences for their privacy (transparency), let alone to control it (self-determination).

In the project TrUSD, a practice-oriented and legally compliant approach for technology-supported employee data protection was therefore developed: Privacy dashboards enable companies to provide their employees with both transparency about company data processing procedures and self-determination possibilities regarding data processing. In addition, companies are supported by a participatory process model developed in TrUSD. This enables them to strengthen the organization-wide trust and work culture and at the same time allows them to benefit from business-enhancing analyses with personal data released by employees in a self-determined manner.

The project builds a bridge between the potential of comprehensive data analytics in organizations and the employees’ right to privacy. The requirements of employees, employee representatives (e.g., works councils, staff councils, trade unions) and employers with regard to employee privacy are reconciled better so that a fair balance of interests is achieved.

DATA & FACTS

TrUSD

Funded by: German Federal Ministry of Education and Research (BMBF)

Budget: 72,000 EUR (2018)

+ 218,000 EUR (2019)

+ 203,000 EUR (2020)

+ 67,000 EUR (2021)

= 560,000 EUR

Duration: 09/2018 – 08/2021

Project Partners: Fraunhofer IESE, HKBS, Institute for Technology and Work (ITA), Bonn-Rhein-Sieg University of Applied Sciences, Saarland University

Project Website: www.trusd-projekt.de

Challenge

Understanding the needs of employees and employers
Creating a fair balance of interests between employers and employees
Understandable packaging of complex facts in the area of data protection
Reconciling very different, sometimes competing quality characteristics

Contributions of Fraunhofer IESE

Systematic elicitation and documentation of needs and requirements
Definition of the framework
Development of a quality model for Usable Security and Privacy
Development of interaction concepts and UI mockups
Integration with our security solution MYDATA Control Technologies
Planning and performance of project evaluation

Goals / Results

Development of novel types of transparency technologies that provide users with appropriate situation-specific information about the use of their own data and which can comprehensively display the entire history of decisions and data accesses, so that the use of the data can be traced even after usage rights have been granted
Development of user-friendly co-determination options for employees
Investigation, development, and integration of enforcement components for employee privacy requirements (e.g., anonymization features, data usage control)
Support of a fair balance of interests between employees, employee representatives (e.g., works councils, staff councils, trade unions) and employers with regard to transparency and co-determination possibilities
Development of an optimized quality model that reconciles privacy, usability, and legal compliance
Development of a management-oriented process model that maps the required participatory negotiation processes in the implementation of privacy-friendly digital work processes and the data collection involved in companies
Development of a self-assessment tool for employee data protection in the digital world of work to raise companies’ awareness of the topic at a low threshold
Creation of legal compliance of the project results, in particular with regard to the new legal challenges, including those posed by the General Data Protection Regulation

Do you have a challenge for us?

Talk to us and benefit from having Fraunhofer as a research and industry partner.

Contact us!

We will be happy to support you and make time for you!

Schedule an appointment with us, by email or by phone.

Reference Project: TrUSD