Towards an Accountable Web of Personal Information: The Web-of-Receipts

Research output: Contribution to journalArticlepeer-review


Consent is a corner stone in any Privacy practice or public policy. Much beyond a simple “accept” button, we show in this paper that obtaining and demonstrating valid Consent can be a complex matter since it is a multifaceted problem. This is important for both Organisations and Users. As shown in recent cases, not only cannot an individual prove what they accepted at any point in time, but also organisations are struggling with proving such consent was obtained leading to inefficiencies and non-compliance. To a large extent, this problem has not obtained sufficient visibility and research effort. In this paper, we review the current state of Consent and tie it to a problem of Accountability. We argue for a different approach to how the Web of Personal Information operates: the need of an accountable Web in the form of Personal Data Receipts which are able to protect both individuals and organisation. We call this evolution the Web-of-Receipts: online actions, from registration to real-time usage, is preceded by valid consent and is auditable (for Users) and demonstrable (for Organisations) at any moment by using secure protocols and locally stored artefacts such as Receipts. The key contribution of this paper is to elaborate on this unique perspective, present proof-of-concept results and lay out a research agenda.
Original languageEnglish
Pages (from-to)25383 - 25394
JournalIEEE Access
Early online date29 Jan 2020
Publication statusPublished - 10 Feb 2020

Bibliographical note

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see


Dive into the research topics of 'Towards an Accountable Web of Personal Information: The Web-of-Receipts'. Together they form a unique fingerprint.

Cite this