US 11,870,882 B2
Data processing permits system with keys
Yacov Salomon, Danville, CA (US); Seth Yates, Danville, CA (US); Maxwell Anderson, San Francisco, CA (US); Vivek Vaidya, San Francisco, CA (US); Anton Winter, San Mateo, CA (US); Samuel Alexander, San Francisco, CA (US); and Tom Chavez, San Francisco, CA (US)
Assigned to Salesforce, Inc., San Francisco, CA (US)
Filed by Ketch Kloud, Inc., San Francisco, CA (US)
Filed on Jun. 4, 2021, as Appl. No. 17/339,780.
Application 17/339,780 is a continuation of application No. 16/741,666, filed on Jan. 13, 2020, granted, now 11,032,062.
Claims priority of provisional application 62/901,648, filed on Sep. 17, 2019.
Prior Publication US 2021/0297236 A1, Sep. 23, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01); G06F 21/60 (2013.01)
CPC H04L 9/0618 (2013.01) [G06F 21/602 (2013.01); H04L 9/0819 (2013.01)] 19 Claims
 
1. A method for managing data privacy for a system, comprising:
receiving, from a user device, an indication of consent to support a data processing activity for a set of data associated with a user operating the user device;
generating a plurality of data processing permits, wherein a data processing permit of the plurality of data processing permits is generated for the user based at least in part on the indication of consent, the data processing permit indicating permission to perform the data processing activity on the set of data;
storing the plurality of data processing permits, each data processing permit of the plurality of data processing permits indicating respective permission to perform a respective data processing activity on a respective set of data;
receiving a request to perform the data processing activity on a data object;
checking the plurality of data processing permits for permission to perform the data processing activity on the data object based on the request;
determining, based on the checking, that the data processing permit of the plurality of data processing permits supports the request based at least in part on the data processing permit indicating the permission to perform the data processing activity on the set of data and based at least in part on the set of data comprising the data object;
identifying, based on the determining that the data processing permit supports the request, a permit key comprising a pointer pointing to the data processing permit that supports the request, wherein the permit key permits access to a plaintext version of the data object;
decrypting an encrypted version of a cryptographic key using the permit key to obtain the cryptographic key; and
decrypting a ciphertext version of the data object using the cryptographic key to obtain the plaintext version of the data object.
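The claim above describes one procedure: consent becomes a stored permit, a request is checked against the permits, the supporting permit points to a permit key, that key unwraps an encrypted data key, and the data key decrypts the object. The following is an added example written for this page, not code from the patent, its inventors or Salesforce; the class and method names (PermitSystem, record_consent, store_object, process, revoke) and the scenario data are this example's own assumptions. It models the permit key as envelope encryption: each data object gets its own data-encryption key (DEK), the DEK is wrapped once under the key of every permit that covers the object, and a request succeeds only if a permit supporting that activity on that object exists and its permit key is still present. Withdrawing consent deletes the permit key, so the wrapped DEKs under it can no longer be opened. The authenticated encryption uses an HMAC-SHA256 counter-mode keystream with a separate MAC subkey so the example runs on the standard library alone; a deployment would use an AEAD such as AES-GCM in the same role.

```python
# Added example, not the patent's implementation. All names below are assumed.
import hashlib
import hmac
import os
from dataclasses import dataclass


def _subkey(key: bytes, label: bytes) -> bytes:
    """Purpose-bound subkeys so encryption and MAC never share key material."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a PRF keystream (stand-in for an AEAD)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag, with aad bound into the tag."""
    nonce = os.urandom(16)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    mac_input = nonce + len(aad).to_bytes(4, "big") + aad + ct
    return nonce + ct + hmac.new(_subkey(key, b"mac"), mac_input, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    """Constant-time tag check before any decryption; raises on tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    mac_input = nonce + len(aad).to_bytes(4, "big") + aad + ct
    expected = hmac.new(_subkey(key, b"mac"), mac_input, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


@dataclass(frozen=True)
class Permit:
    permit_id: str
    user_id: str
    activity: str          # the consented data processing activity
    data_set: frozenset    # ids of the data objects the consent covers


@dataclass
class DataObject:
    object_id: str
    user_id: str
    ciphertext: bytes      # sealed under the object's own DEK
    wrapped_deks: dict     # permit_id -> DEK sealed under that permit's key


class PermitSystem:
    def __init__(self) -> None:
        self.permits: dict = {}       # permit_id -> Permit
        self.permit_keys: dict = {}   # permit_id -> permit key material
        self.objects: dict = {}       # object_id -> DataObject

    def record_consent(self, user_id: str, activity: str, data_set) -> str:
        """An indication of consent becomes a stored permit plus a fresh permit key."""
        permit_id = f"permit-{len(self.permits) + 1}"
        self.permits[permit_id] = Permit(permit_id, user_id, activity, frozenset(data_set))
        self.permit_keys[permit_id] = os.urandom(32)
        return permit_id

    def store_object(self, object_id: str, user_id: str, plaintext: bytes) -> None:
        """Envelope-encrypt: one DEK per object, wrapped under each covering permit's key."""
        dek = os.urandom(32)
        wrapped = {pid: seal(self.permit_keys[pid], dek, aad=pid.encode())
                   for pid, p in self.permits.items()
                   if p.user_id == user_id and object_id in p.data_set}
        self.objects[object_id] = DataObject(
            object_id, user_id, seal(dek, plaintext, aad=object_id.encode()), wrapped)

    def revoke(self, permit_id: str) -> None:
        """Withdrawn consent: without the permit key its wrapped DEKs cannot be opened."""
        self.permits.pop(permit_id, None)
        self.permit_keys.pop(permit_id, None)

    def process(self, activity: str, object_id: str) -> bytes:
        """Check permits, follow the supporting permit to its key, unwrap DEK, decrypt."""
        obj = self.objects[object_id]
        for permit in self.permits.values():
            supports = (permit.user_id == obj.user_id and permit.activity == activity
                        and object_id in permit.data_set)
            if supports and permit.permit_id in obj.wrapped_deks:
                permit_key = self.permit_keys[permit.permit_id]   # pointer -> key
                dek = unseal(permit_key, obj.wrapped_deks[permit.permit_id],
                             aad=permit.permit_id.encode())
                return unseal(dek, obj.ciphertext, aad=object_id.encode())
        raise PermissionError(f"no permit supports {activity!r} on {object_id!r}")


def demo() -> tuple:
    """Constructed scenario: consent to analytics only, then consent withdrawn."""
    system = PermitSystem()
    pid = system.record_consent("user-1", "analytics", {"obj-1"})
    system.store_object("obj-1", "user-1", b"zip=94526;age=41")   # constructed record
    allowed = system.process("analytics", "obj-1")
    try:
        system.process("marketing", "obj-1")
        marketing = "allowed"
    except PermissionError:
        marketing = "denied"
    system.revoke(pid)
    try:
        system.process("analytics", "obj-1")
        after_revoke = "allowed"
    except PermissionError:
        after_revoke = "denied"
    return allowed, marketing, after_revoke


if __name__ == "__main__":
    print(demo())
```

Running the module prints `(b'zip=94526;age=41', 'denied', 'denied')`: the analytics request is served through the permit key, the marketing request finds no supporting permit and never touches key material, and after revocation even the originally consented activity fails because the permit and its key are gone. Wrapping the DEK under each permit key at storage time is what lets revocation work without re-encrypting the data.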