What are permissions?

In the Dataswift product context, permissions relate to an application’s access to read and write data in the personal data accounts (PDAs) of its users. When an organisation submits an application to Dataswift for review to go “live”, it is asking for Dataswift to set up the correct permissions for its app’s users. This then allows the app to use the data or the namespace in the PDA in a way that meets the app’s particular business needs. However, even after the contracts/permissions are set up by Dataswift, it is still up to the app to persuade its users to grant these permissions.

What is permissions set-up and why is this important?

Permissions set-up is an important function of Dataswift’s stewardship of the PDA owner’s data. Permissions set-up means Dataswift has to set up the terms upon which apps can read and write data. It also ensures that data integrity is maintained on the HATDeX Platform, as apps can only read and write data that they are permitted to. Only when permissions are confirmed will an owner's PDA’s APIs be enabled for data to go in and out of the PDA.

Go deeper into permissions?

There are usually four types of contracts that Dataswift is asked to set up for permissions:

Contract 1 - App Namespace Permissions:

Every app that’s building on the PDA would require permission to READ and WRITE data into its own namespace. When filling out the Permissions Request Form for Contract 1, application owners will need to provide the data attributes their app will be collecting and storing into their namespace, along with its purpose.
Type of permission: The right to read/write into a PDA namespace named after the app (sometimes referred to as a folder)

Contract 2 - Other Namespace Permissions:

This contract provides permissions for an app to READ data in a namespace other than its own (e.g. Facebook). When filling out the Permissions Request Form for Contract 2, application owners need to provide the data attributes their app will be requesting from other namespaces, along with its purpose and duration.
Type of permission: The right to read data from other namespaces on the PDA through. Note: reading data from other namespaces requires a technical process called a data debit.

Contract 3 - Tool Processing Permissions:

This contract provides permissions for an app to READ, WRITE and PROCESS data through a tool (also called a Smart HAT Engine or SHE function) that processes data within a PDA and outputs new data into namespaces within the PDA. In filling out the Permissions Request Form for Contract 3, application owners will need to provide information about the data that is used by the tool.
Type of permission: The right for a tool to read and process data within a PDA and output/write new data into namespaces within the PDA.

Contract 4 - Data Plug permissions:

This contract provides permissions for a data plug to WRITE data into a namespace. Data plugs are usually proprietary to Dataswift so it is unlikely that a data plug is created by a third party unless they are a Dataswift partner.
Type of permission: The right for the data plug to WRITE data into a permitted namespace (e.g. Facebook namespace for Facebook data) in the PDA.

How does an app request permissions to be set up?

STEP 1: Fill in Permissions Request Form.
The main artefact of the permissions process, the Permissions Request Form is a request from an application owner to set up the contracts that would give their app the necessary permissions to either access a namespace or get some data from their app users’ PDAs. The app owner will need to fill out this form to get an application through to the review process.
STEP 2: Go through App Review.
The permissions set-up request is part of preparing an application for review before ‘going live’ with their PDAs, and is captured in the Permissions Request Form. It involves the app review process, where Dataswift’s Review Committee conducts the following reviews of the application:
  • Design review – to ensure design consistency across all apps in the ecosystem in terms of usage of terms and design assets.
  • Technical elements – to ensure the API endpoints are called correctly, error handling has been attended to and there are no other technical issues.
  • Contractual review – to ensure that the contract is valid and set up correctly for the right set of data within the PDA for the stipulated usage, duration, and purpose.
  • Compliance review – to ensure that standard platform rules are followed as well as ensuring compliance with data protection and privacy regulations.
  • Data Conduct review – to ensure that data collection, storage, usage and processing have been handled responsibly.
To prepare for this review process, application owners will need to run through the checklist for putting their app through review.

Information needed for review

Declarations: in order for Dataswift to set up the data contracts for the permissions between the application owner and app users, the app owner needs to make several declarations listed in this section of the Permissions Request Form. Should these declarations change once the app is live, the app owner will need to request another app review.
Standard information: Application owners need to provide the information about their applications and tools so that this can be clearly displayed to the PDA owners on their PDA dashboard. This includes the data they place into the namespace, and is relevant for user applications, marketplace applications (for contracted PDAs) and tools. This information will also be used to place the application in app stores and in the HAT store.
Application for permissions contracts: Providing the necessary information to apply for any one of the different types of contracts (see above).
Data conduct for personal data collection, storage, processing and sharing: Application owners will need to make a declaration of how their app handles personal data; i.e. the flow of data, where and how it's collected, where it is stored, when/where/how and what is processed and what/when/how it is shared and with whom.

How are the permissions governed?

When an app is live, contracts (internally called HAT Microserver Instructions Contract or HMIC) will be logged on the HATDeX platform when users register or log in to the application and accept the contract. Dataswift logs its details, manages and maintains the HMICs, their versioning and updates on behalf of the application owners and their users. Dataswift monitors the applications’ compliance with their obligations under the Agreement, including necessary audits, under the oversight of the HAT Community Foundation (HCF).
Contracts are checked by Dataswift’s Performance and Monitoring committee to ensure apps behave in accordance with certain rules that may be regulatory (e.g. imposed by HCF) or other rules that may be introduced by the HCF or Dataswift. Apps have the right to appeal to HCF if they feel they have been unfairly treated.
Data flows between app and PDA would be automatically enabled once the permissions are given by users in the live environment.
Unlike “consent” where individuals consent to data being moved from one place to another, PDAs are legally owned by individuals. Permissions are therefore a result of legal contracts set up by Dataswift directly between the app and its users. Without the individual agreeing to these contracts, the app’s access to the PDAs would be illegal. Dataswift, as the steward of the platform of PDAs, has to ensure that any access must have the correct permissions and the individual must not have revoked the permissions, which they can do from the PDA dashboard (unless the PDA is a contracted PDA). If they have, the app will no longer have access to the PDA.
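The rules above (four contract types, user acceptance, revocation, and an agreed duration) can be modelled as a default-deny check. This is an added illustration, not Dataswift's or HATDeX's code: the `Contract` record, `is_allowed` function and the sample "notes" app are hypothetical, and the contracted-PDA exception is not modelled.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Rights each contract type can carry, as listed on the page (Contracts 1-4).
RIGHTS = {
    1: {"read", "write"},             # app's own namespace
    2: {"read"},                      # other namespace (via data debit)
    3: {"read", "write", "process"},  # tool / SHE function
    4: {"write"},                     # data plug
}

@dataclass
class Contract:                # hypothetical record, not the HMIC format
    kind: int                  # contract type, 1-4
    app: str
    namespace: str
    accepted: bool = False     # the PDA owner has agreed to the contract
    revoked: bool = False      # owner withdrew it from the PDA dashboard
    expires: Optional[datetime] = None  # e.g. the duration on Contract 2

def is_allowed(contracts, app, action, namespace, now):
    """Default deny: True only if one live contract covers the request."""
    for c in contracts:
        if c.app != app or c.namespace != namespace:
            continue
        if action not in RIGHTS.get(c.kind, set()):
            continue
        if c.kind == 1 and c.namespace != c.app:
            continue           # Contract 1 only covers the app's own namespace
        if not c.accepted or c.revoked:
            continue           # set up by Dataswift but not (or no longer) granted
        if c.expires is not None and now >= c.expires:
            continue           # agreed duration has run out
        return True
    return False

# Constructed sample data: a "notes" app with two contracts on one PDA.
NOW = datetime(2024, 1, 15, tzinfo=timezone.utc)
CONTRACTS = [
    Contract(1, "notes", "notes", accepted=True),
    Contract(2, "notes", "facebook", accepted=True,
             expires=datetime(2024, 2, 1, tzinfo=timezone.utc)),
]

if __name__ == "__main__":
    for act, ns in [("write", "notes"), ("read", "facebook"), ("write", "facebook")]:
        print(act, ns, is_allowed(CONTRACTS, "notes", act, ns, NOW))
```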
The legal aspect of the platform is about compliance with the law, i.e. GDPR, intellectual property rights, database rights, obligations of data controllers and the data processors. Since PDAs are legally owned by individuals, Dataswift has an obligation to ensure that apps and even Dataswift itself do not encroach on the individuals’ rights under the law.
The governance aspect of the platform is about stewardship and ensuring that everyone plays by the same set of rules. The HATDeX rating of all applications sits within governance, as does the risk assessment of applications that wish to go live. Governance also has to manage the HAT Community Foundation (HCF)’s oversight of Dataswift’s decision to allow or not allow certain contracts/permissions to be set up.
The way to think about governance and legal is to use a simple analogy: if an application wishes to set up a contract to ask for ALL of the data within the PDA, this is legally permissible; Dataswift can set up the contract for the two parties (i.e. the app and the individual) to agree. However, governance may not allow this as it could compromise Dataswift’s stewardship of PDA data. So when would Dataswift say yes or no? Apps should know that Dataswift has an objective way of deciding that, under the strict oversight of HCF, to whom they can appeal if practices are deemed unfair.