A middleware architecture for privacy protection

The issue of user privacy is constantly in spotlight since an ever increasing number of online services collects and processes personal information from users, in the context of personalized service provision. In fact, recent advances in mobile communications, location and sensing technologies and data processing are boosting the deployment of context-aware personalized services and the creation of smart environments; but at the same time, they pose a serious risk on individuals’ privacy rights. Although technology makes the collection of data easy, its protection against abuse is left to data protection legislation. However, the privacy requirements, other than being general and abstract terms to be regarded as legislature issues, should be brought down in technological reality and carefully accounted for in devising technical solutions. In order to limit the disclosure and avoid the misuse of personal data, this paper discusses an architectural proposal for a middleware system that will enforce protection of user privacy through technical means. The proposed architecture mediates between the users, the service providers and the law, constituting a middleware shield for individuals’ personal data.