Dazza Greenwood

Dazza Greenwood is Protocol Lead at CR Digital Lab, where he is developing a data rights protocol to provide a common open specification for enabling consumers and companies to process the exercise of individual data rights as a consumer-connected digital service.

About Me

First End-to-End Test of Draft Data Rights Protocol Completed Successfully

Yesterday Ethyca, Incogni, and Consumer Reports’ Digital Lab successfully conducted the first live end-to-end interoperability test of the Data Rights Protocol.

The Data Rights Protocol (DRP) is a technical standard for exchanging data rights requests under the California Consumer Privacy Act (CCPA). First announced at an MIT Media Lab in October 2021, the protocol is being co-developed by a consortium of implementing companies working to achieve faster, cheaper processing of data rights requests sent by consumers.

Yesterday’s test with Ethyca, Incogni, and CR’s Digital Lab was the first ever exchange of machine-readable Data Rights Protocol requests end-to-end. The test used Fides, the open-source privacy engineering platform developed by Ethyca, to perform the privacy infrastructure provider role. Ethyca’s implementation of Data Rights Protocol was tested against two authorized agent implementations: Incogni and Permission Slip by Consumer Reports. The test used Data Rights Protocol v0.5.

“Privacy rights should be an easy-to-provide feature of every technology system, benefiting the consumer and simplifying complex privacy for every organization.” said Cillian Kieran, Founder and CEO of Ethyca. The Data Rights Protocol is a leap forward in defining an open-source interoperable standard for privacy rights industry-wide.”

“Taking back data has been shown to be an extremely tedious procedure, which requires legal knowledge and lots of persistence” added Darius Belejevas, Head of Incogni. Machine-readable data rights protocol requests end-to-end should make consumer lives a lot easier.”

This test is the first of many end-to-end tests scheduled for the Data Rights Protocol this spring. The purpose of each test is to prove the interoperability of the protocol among different consortium members serving in the authorized agent and privacy infrastructure provider roles.

“The first end-to-end test of a standard protocol for data rights is a major milestone for consumer privacy,” said Ginny Fahs, Associate Director of Product R&D at CR’s Digital Lab. “Standardization will make data rights requests far more efficient and reliable for consumers; today we caught our first glimpse of that future.”

For more information about the Data Rights Protocol, visit datarightsprotocol.org.