Enforcing Privacy Requirements on Oblivious Network Agents - A Software Solution of a Type System Generated from COPPA

Abstract

The last couple of decades have shown increases in worldwide privacy-oriented regulatory practices focused on online usage. According to the 2000 U.S. federal law Children’s Online Privacy Protection Act (COPPA), a child is not allowed to send personal information to a website without consent from its parent. Since the General Data Protection Regulation (GDPR) came into force in 2018, companies in the European Union have a legal obligation to incorporate some privacy-oriented practices with regard to the processing of personal data. Robin Adams and Sibylle Schupp have created a method for designing a privacy-compliant architecture that satisfies some given privacy constraints without needing to know the source code or internal structure of any individual component. Using message passing over TCP/IP and a public-key cryptosystem, this project shows that Robin and Sibylle’s theory can be translated into actual software by creating an open-source software implementation in C++, with COPPA under consideration.