[RFW0007] Brand Engagement via Data Subscriptions - Sharing user datasets between DIDs

[ProfilaMitchell]

Table of Contents

• Housekeeping
• The Problem
• User Story
• Request Type A/B
• Owner
• Summary
• Is This Really Necessary?
• Motivation
• Named concepts
• Examples, Risks & Assumptions
• Success Metrics
• Conceptual Design
• Drawbacks
• Alternatives
• New Data
• Business Release Date

Housekeeping

Make sure to clearly understand Type-A and Type-B requests, and the relevant limitations. Failing to follow the guidelines pertaining to the two acceptable types of RFWs will automatically lead to disqualification of the RFW.

Take time to complete each section below with as much detail as is required to establish a comprehensive understanding about the underlying product specification.

ALL BELOW FIELDS ARE REQUIRED

The Problem

There is no way to associate the P-DID or B-DID with in the data that is shared between users and brands

User Story

As Profila I want to verify that data is being sent between DIDs so that we can detach the actual user/brand from the data transfer

• Medium business severity - Data transfer is still possible, however the attachment of DIDs adds more security and privacy
• Medium priority - Privacy is a large part of Profila's mission

Request Type A/B

Type A
This RFW references the establishment of DIDs on the desktop platform desktop platform

Owner

Michiel Van Roey

Summary

This RFW facilitates the sharing of Profila user's datasets (consented via a data subscription) non-anonymously with a brand.

Is This Really Necessary?

The facilitation of DIDs in the sharing of data between brands and users ensures a secure and private sharing channel. This is the "best way" to deliver on Profila's goal of privacy and control.

Motivation

The motivation of this RFW is to facilitate data subscriptions by implementing the established ATALA DIDs into this process.

Named Concepts

Data Subscription - A request from a brand to a user for access to a specific set of data, for a specific amount of time, for defined remuneration. This data is used to serve the user ads based on their preferences. The subscription is recorded in a smart contract.

Examples, Risks & Assumptions

1. Explain concretely what will manifest as a result of this RFW.

Users will have an option to take their consent for sharing the whole of their profile, non-anonymously, with a specific brand (Data Subscription).

2. Explain how is it different from what is already manifesting i.e. what we already have?

Currently there is no DID association with the datasets shared between brands and users

3. Explain what Profila users/brands will experience as a result of this RFW. How will they feel as a result of it? How will they benefit as a result of it?

• Profila users will be able to allow brands to subscribe to them by configuring individual data settings for the brand

• Profila users will be able to have a private and secure channel with an individual brand to communicate and give ad attention (clickthrough and engagement)

• As a brand, I can create a private and secure channel with a Profila user to communicate and advertise to earn ad attention

• As a brand, I can see self-discovered, accurate, and invaluable user data from requesting a data subscription with a Profila user

4. If applicable, provide sample messages for any new messages the system will display as a result of this RFW.

N/A

5. Define what is out of scope in this request.

• The storage of user data is out of scope of this request
• Whilst the end results of the capabilities of both users and brands is mentioned above, the UI implementation of this is out of scope. The above (and below conceptual design) acts as part demonstration of the product feature which this RFW is a part of.

6. What are the data protection, privacy and security assumptions made for this request (example, should this be GDPR, HIPPA (healthcare), NIST compliant etc. - Speak to Michiel or Ipek!)

Sharing datasets between DIDs adds another layer of security to the platform

7. Explain how this user story will be supported (i.e customer support - if the user story fails technically, how will the user be supported).

N/A

8. Explain how this user story impacts revenue or billing (if applicable).

N/A

9. State any additional risks identified as a result of this user story.

Success Metrics

Conceptual Design

Attached here is IOG's original document outlining user stories surrounding brand engagement:
IOHK_Profila - User Stories.docx

Logic

• The initial focus is on data points which need to be verifiable.
• Profila then introduces the third party credential verification step for either an ID, passport, company registration document, etc. This information is verified, captured, and stored within the DID Wallet as a verified credential.
• During the above stage; Profila will tag users and brands, similar to Twitter blue tick, as DID verified customers and brands, thus confirming that they are verified humans and brands.
• Profila will also focus on sharing these verified datasets (and other datasets requested, but non-verified; such as psychographic data, images, etc) between the person and the brand.
• The consent and access rights will be managed by Profila, along with the verified credentials. This final process will be addressed in a separate project, where subscriptions will become smart contracts linked to the DID, once Plutus allows for such capabilities.

This RFW acts as a web3 layer on top of the data sharing model within the Profila platform. Brands will be granted (with permission) the ability to see user data. Adding the ability to share these datasets between two DIDs (of the brand and of the user) is the purpose of this RFW. Below are the outcomes facilitated by this, for the various parties involved:

For the Profila user:

• The Profila user has a way to manage their subscription offers from brands
• The Profila user, upon receiving a data subscription offer, sees clear information regarding the information that they are sharing
• The Profila user can accept the subscription, and it is recorded in a smart contract as immutable proof of the transaction and terms
• The Profila user can use a secure and private channel to communicate and give ad attention

For the specific brand:

• The brand can request specific information from a user (non-anonymous)
• The brand can dictate the terms of the subscription offer (however, acceptance is not guaranteed)
• The brand can utilise a secure and private channel to serve ads to the Profila user

For Profila:

• Profila can run AI privacy preserving analytics to access analysis of user data shared with consent
• Profila can share this analysis with brands about customer population anonymously

Flow:

Drawbacks

Alternatives

New Data

Business release date

A rough timing for the planned release for the specification possibly resulting from this request.

Delivery of the DID integration into user data access is requested by the end of Q1 2023.

[IpekSahiner]

Diagram for this RFW:
Team please review:
@shawnjensen @MichielVanRoey @parhelium @ProfilaMitchell @lucasbragg