Databox: Privacy-Aware Infrastructure for Managing Personal Data

Lead Research Organisation: Imperial College London
Department Name: Design Engineering


Building privacy, trust and security into the evolving digital ecosystem is broadly recognized as a key societal challenge. Regulatory activities in the US, Europe and Japan are complemented by industry initiatives that seek to rebalance "the crisis in trust" occasioned by widespread personal data harvesting. All parties agree that key to this challenge are increased accountability and control. Accountability not only seeks to strengthen compliance but also make the emerging ecosystem more transparent to consumers, while control seeks to empower consumers and provide them with the means of actively exercising choice. This proposal will develop the underlying technology infrastructure required to deliver both accountability and control.

Although personal data management is generally considered an intensely personal matter, it is also inherently social: it is impractical to withdraw from all online activity simply to protect one's privacy. The success of the modern Internet and the "free" services it supports largely rests on the ability for advertisers and analytics providers to make money with the result that approaches that remove or diminish advertising revenues have been doomed to failure. The many motivations and uses for systems enabling personal management of personal data point to a need for tools enabling individuals to take more explicit control over the collection and usage of their data and the information inferred from their online activities, while addressing the challenges of HDI.

Working with partner organisations we have refined our vision of just such a tool, a Databox, an on-demand personal data aggregation and query point, control over which rests directly with the user. The Databox vision is of an open-source personal networked device augmented by cloud-hosted services that collates, curates, and mediates access to our personal data. The Databox will enable and, in some cases, may even host third party applications and services that process personal data. The Databox will form the heart of an individual's personal data processing ecosystem, providing a platform for managing secure access to these data and enabling authorised third parties to provide the owner with authenticated services while roaming outside the home environment.

Planned Impact

The proposed research will benefit society through numerous pathways: industry, academia, and through several user communities including open-source developers, Internet advocacy groups, and engagement in the many live policy and other debates currently active in the personal data space. Fundamentally however, realisation of the Databox as an open-source platform for the broader community will be of most significant benefit to all citizens. The combination of infrastructure that enables open source development and drives critical mass, with commercial and policy impact opportunities via our industrial and advocacy partners will add significant momentum to the growing community of HDI practitioners.

Perhaps the most critical pathway to impact is the Databox itself. Databox is a practical open-source platform whose methodology entails deployment of working artefacts with users. These artefacts will create a comprehensive software platform that enables trusted service-to-user solutions across multiple market segments. These software tools will realise various advantages to individuals for better control over their personal data, digital identity and privacy. This provides more possibilities of access to personal data for third party applications, generating new businesses and differentiating their products with innovative services.

There are a number of other impact channels:
- The Emerging HDI Community http://
- The Open Source Development Community
- Industry
- Advocacy Groups
- Broader Society
- Academics

Full details of the engagement plans are presented in the attached Pathways to Impact document.


10 25 50
publication icon
Chamberlain A (2017) Special theme on privacy and the Internet of things in Personal and Ubiquitous Computing

publication icon
Crabtree A (2018) Building accountability into the Internet of Things: the IoT Databox model. in Journal of reliable intelligent environments

publication icon
Crabtree A (2017) Repacking 'Privacy' for a Networked World. in Computer supported cooperative work : CSCW : an international journal

publication icon
Lodge T (2019) Privacy Engineering for Domestic IoT: Enabling Due Diligence. in Sensors (Basel, Switzerland)

publication icon
Malekzadeh M (2020) Privacy and utility preserving sensor-data transformations in Pervasive and Mobile Computing

publication icon
Malekzadeh M (2019) Mobile sensor data anonymization

publication icon
Osia S (2020) Deep Private-Feature Extraction in IEEE Transactions on Knowledge and Data Engineering

publication icon
Osia S (2020) A Hybrid Deep Learning Architecture for Privacy-Preserving Mobile Analytics in IEEE Internet of Things Journal

publication icon
Perera C (2017) Valorising the IoT Databox : creating value for everyone Valorising the IoT Databox : creating value for everyone in Transactions on Emerging Telecommunications Technologies

publication icon
Shamsabadi A (2020) PrivEdge: From Local to Distributed Private Training and Prediction in IEEE Transactions on Information Forensics and Security

publication icon
Tolmie P (2017) The practical politics of sharing personal data in Personal and Ubiquitous Computing

publication icon
Urquhart L (2019) Demonstrably doing accountability in the Internet of Things in International Journal of Law and Information Technology

publication icon
Zhang C (2019) Deep Learning in Mobile and Wireless Networking: A Survey in IEEE Communications Surveys & Tutorials

Related Projects

Project Reference Relationship Related To Start End Award Value
EP/N028260/1 31/10/2016 31/10/2017 £1,238,585
EP/N028260/2 Transfer EP/N028260/1 01/11/2017 31/05/2020 £998,335
Description The award has lead to the Human-Data Interaction EPSRC NetworkPlus The award has lead to the Defence Against Dark Artefacts EPSRC grant The research has been showcased at Victoria & Albert Museum and Tate by the BBC.
First Year Of Impact 2018
Sector Digital/Communication/Information Technologies (including Software),Security and Diplomacy
Impact Types Societal,Economic

Description Input into the Government CDEI report on home assistants
Geographic Reach National 
Policy Influence Type Gave evidence to a government review
Impact Our research provided evidence for the "Smart Speakers and Voice Assistants" paper as part of the "CDEI Snapshot Series" The Centre for Data Ethics and Innovation (CDEI) is an advisory body set up by the UK government and led by an independent board of experts. It is tasked with identifying the measures we need to take to maximise the benefits of AI and data-driven technology for our society and economy. The CDEI has a unique mandate to advise government on these issues, drawing on expertise and perspectives from across society. The CDEI Snapshots are a series of briefing papers that aim to improve public understanding of topical issues related to the development and deployment of AI. These papers are intended to separate fact from fiction, clarify what is known and unknown, and suggest areas for further investigation.
Description Royal Academy of Engineering report on Data Sharing 
Form Of Engagement Activity A magazine, newsletter or online publication
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Policymakers/politicians
Results and Impact Databox has been featured as a case study at the Royal Academy of Engineering report "Towards trusted data sharing: guidance and case studies"

Read all about it here:
Year(s) Of Engagement Activity 2019
Description Victoria and Albert Museum exhibition of the Living room of the future 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach Regional
Primary Audience Public/other audiences
Results and Impact Full details via and

The Living Room of the Future

BBC R&D and the Databox team are also, in collaboration with the Foundation for Art and Creative Technology (FACT) and the British Council, organising a public experiment called 'The Living Room of the Future', which seeks to explore the relationship between our hyper-connected homes and next generation broadcasting techniques in ways that enhance inhabitants' media experiences while protecting their privacy and security.

The HDI principles that underpin Databox development have also been applied in an innovative collaboration with BBC R&D centring on 'Object Based Media' (OBM). OBM adapts media to devices, environments, and people to create bespoke personalised experiences. BBC R&D and the Databox team undertook a public experiment at the 2016 Mozilla Festival to explore the potential relationship between OBM and Databox. The experiment leveraged the OBM 'Cook-Along Kitchen Experience' alongside Internet of Things technologies to engage members of the public in an innovative cooking experience. Mediated by the Databox, the experience used data generated by participants' interactions with Internet-enabled utensils and kitchen appliances to drive the timely delivery of recipe instructions.
Year(s) Of Engagement Activity 2018