Provably Private Communications

Abstract

The aim of this project was to implement a private communication system, called Provably Private Communications (PPC), based on the paper Constructing Independently Verifiable Privacy-Compliant Type Systems for Message Passing between Black-Box Components [1]. Originally conceived in reaction to new privacy laws such as GDPR, PPC puts constraints on communication between different parties, such that participants can only send messages of pre-defined types and under certain conditions. Both users and third-party actors can verify that if the messages being sent follow the given type system then the global privacy constraints will hold. The main result of the thesis is a software library which can be used in many types of real-world applications. The library can be used in desktop platforms as well as on the web. On top of that, demos of useful applications have been developed. The library allows a developer to define a system of types of users, where each type of user is only allowed to send and receive data of predetermined types. PPC has the potential to be widely adopted in the future as privacy laws change.