TOPIC : Cybersecurity PPP: Privacy, Data Protection, Digital Identities
|Publication date:||14 October 2015|
|Types of action:||IA Innovation action|
|DeadlineModel: Opening date:||single-stage 01 March 2017||Deadline:||24 August 2017 17:00:00|
|Time Zone : (Brussels time)|
Topic DescriptionSpecific Challenge:
The use of modern telecommunications and on-line services involve users' personal information.. For example, using search engines exposes the query terms used, which can be both sensitive and identifying, as illustrated by the exposure of search terms; social networking services expect users to reveal their social connections, messages and preferences, that could lead to direct privacy violation if exposed. Browsing the web also leaves traces of where users have gone, their interests, and their actions - meta-data that can be used to profile individuals.
The implementation the draft General Data Protection Regulation (GDPR - currently in the law-making process) presents both technological as well as organisational challenges for organisations which have to implement novelties such as the right to data portability, the right to be forgotten, data protection impact assessments and the various implementations of the principle of accountability.
Many services on the Internet depend on the availability of secure digital identities which play a crucial role in safeguarding the data and privacy of citizens as well as protecting them and other actors such as private companies or public services form various online threats. At the same time, many European countries already have or are in the process of developing an electronic identity (eID) scheme. Most of these projects are built to be at a very high security level, which makes them very suitable for diverse eGovernment processes. But in turn they may lack usability for commercial applications.Scope:
Innovation Actions: Proposals may cover one of the strands identified below.
Privacy-enhancing Technologies (PET)
Novel designs and tools to provide users with the functionality they require without exposing any more information than necessary, and without losing control over their data, to any third parties. PET should be available in a broad spectrum of products and services, with usable, friendly and accessible safeguards options. PET should be developed having also cost effective solutions.
Comprehensive and consistent Privacy Risks Management Framework should be available, in order to allow people to understand their privacy exposure (i.e. helping people to understand what happens to their data when they go online, use social networks etc).
Open source and externally auditable solutions are encouraged in order to maximise uptake and increase the trustworthiness of proposed solutions.
General Data Protection Regulation in practice
Tools and methods to assist organisations to implement the GDPR taking into account the final provisions of GDPR and guidance from relevant authorities (Data Protection Authorities, Art 29 WP or its successor).
Proposals may also address the need to provide support (procedures, tools) for entities to understand how to operate without requiring unnecessary information (so as to promote privacy respecting practices), in particular when the issue is mainly related to the fact that organizations (businesses, service providers, and government agencies) often require too much information from their target customer/user.
Secure digital identities
With a view to reducing identity fraud while protecting the privacy of citizens, proposals should develop innovative, secure and privacy enhancing digital identity platforms beyond national eID systems.
Activities may leverage existing European electronic identification and authentication platforms with clearly defined interfaces based on the General Data Protection Regulation (GDPR).
- Leverage evidence-based identities (using adequate correlation of multiple soft proofs of identity, as opposed to the usage of a central register);
- Provide a function for so called “qualified anonymity”, which means, that the online service does not have any information about the user but a pseudonym. The real identity of the user can only be revealed under specific conditions such as at the request of legal authorities;
- Consider cost-effective and user-friendly verification methods for mobile identity documents.
For all strands, proposals should identify and address the societal and ethical dimensions of the strand they choose to cover taking into consideration the possibly divergent perspectives of pertinent stakeholders.
Proposals have to address the specific needs of the end-user, private and public security end users alike. Proposals are encouraged to include public security end-users and/or private end users.
The Commission considers that proposals requesting a contribution from the EU between EUR 2 and 3 million would allow these areas to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.
The outcome of the proposals is expected to lead to development up to Technology Readiness Level (TRL) 6 to 7; please see part G of the General Annexes.Expected Impact:
- Support for Fundamental Rights in Digital Society.
- Increased Trust and Confidence in the Digital Single Market
- Increase in the use of privacy-by-design principles in ICT systems and services
Topic conditions and documents
Please read carefully all provisions below before the preparation of your application.
- List of countries and applicable rules for funding: described in part A of the General Annexes of the General Work Programme.
Note also that a number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon 2020 projects (follow the links to China, Japan, Republic of Korea, Mexico, Russia, Taiwan).
- Eligibility and admissibility conditions: described in part B and C of the General Annexes of the General Work Programme
Proposal page limits and layout: Please refer to Part B of the standard proposal template.
3.1 Evaluation criteria and procedure, scoring and threshold: described in part H of the General Annexes of the General Work Programme
3.2 Submission and evaluation process: Guide to the submission and evaluation process
- Indicative timetable for evaluation and grant agreement:
Information on the outcome of single-stage evaluation: maximum 5 months from the deadline for submission.
Signature of grant agreements: maximum 8 months from the deadline for submission.
- Provisions, proposal templates and evaluation forms for the type(s) of action(s) under this topic:
Specific provisions and funding rates
Standard proposal template
Standard evaluation form
H2020 General MGA -Multi-Beneficiary
Annotated Grant Agreement
- Additional provisions:
Horizon 2020 budget flexibility
Technology readiness levels (TRL) – where a topic description refers to TRL, these definitions apply.
Financial support to Third Parties – where a topic description foresees financial support to Third Parties, these provisions apply.
- Open access must be granted to all scientific publications resulting from Horizon 2020 actions.
Where relevant, proposals should also provide information on how the participants will manage the research data generated and/or collected during the project, such as details on what types of data the project will generate, whether and how this data will be exploited or made accessible for verification and re-use, and how it will be curated and preserved.
Open access to research data
The Open Research Data Pilot has been extended to cover all Horizon 2020 topics for which the submission is opened on 26 July 2016 or later. Projects funded under this topic will therefore by default provide open access to the research data they generate, except if they decide to opt-out under the conditions described in annex L of the Work Programme. Projects can opt-out at any stage, that is both before and after the grant signature.
Note that the evaluation phase proposals will not be evaluated more favourably because they plan to open or share their data, and will not be penalised for opting out.
Open research data sharing applies to the data needed to validate the results presented in scientific publications. Additionally, projects can choose to make other data available open access and need to describe their approach in a Data Management Plan.
- Projects need to create a Data Management Plan (DMP), except if they opt-out of making their research data open access. A first version of the DMP must be provided as an early deliverable within six months of the project and should be updated during the project as appropriate. The Commission already provides guidance documents, including a template for DMPs.
- Eligibility of costs: costs related to data management and data sharing are eligible for reimbursement during the project duration.
The legal requirements for projects participating in this pilot are in the article 29.3 of the Model Grant Agreement.
- Additional documents:
H2020 Work Programme 2016-17: Introduction
H2020 Work Programme 2016-17: Innovation in SMEs
H2020 Work Programme 2016-17: Secure societies – protecting freedom and security of Europe and its citizens
H2020 Work Programme 2016-17: Cross-cutting activities (Focus Areas)
H2020 Work Programme 2016-17: Dissemination, Exploitation and Evaluation
H2020 Work Programme 2016-17: General Annexes
Legal basis: Horizon 2020 - Regulation of Establishment
Legal basis: Horizon 2020 Rules for Participation
Legal basis: Horizon 2020 Specific Programme
To access the Electronic Submission Service of the topic, please select the type of action that is most relevant to your proposal from the list below and click on the 'Start Submission' button. You will then be asked to confirm your choice of the type of action and topic, as these cannot be changed in the submission system. Upon confirmation you will be linked to the correct entry point.
To access existing draft proposals for this topic, please login to the Participant Portal and select the My Proposals page of the My Area section.
|Type of Action||Innovation action [IA]|
|Topic||Cybersecurity PPP: Privacy, Data Protection, Digital Identities - DS-08-2017|
|Guidance on proposal submission:||H2020 online manual|
H2020 Online Manual your online guide on the procedures from proposal submission to managing your grant.
Participant Portal FAQ – Submission of proposals.
National Contact Points (NCP) - contact your NCP for further assistance.
Research Enquiry Service – ask questions about any aspect of European research in general and the EU Research Framework Programmes in particular.
Enterprise Europe Network – contact your EEN national contact for advice to businesses with special focus on SMEs. The support includes guidance on the EU research funding.
IT Helpdesk- contact the Participant Portal IT helpdesk for questions such as forgotten passwords, access rights and roles, technical aspects of submission of proposals, etc.
Ethics – for compliance with ethical issues, see the Participant Portal and Science and Society Portal
European IPR Helpdesk assists you on intellectual property issues
CEN and CENELEC, the European Standards Organisations, advise you how to tackle standardisation in your project proposal. Contact CEN-CENELEC Research Helpdesk at firstname.lastname@example.org.
The European Charter for Researchers and the Code of Conduct for their recruitment
Partner Search Services help you find a partner organisation for your proposal