blindnet-io · nweldev · Sep 2, 2022 · Sep 2, 2022
diff --git a/docs/research/White-Paper-May-2022.pdf b/docs/research/White-Paper-May-2022.pdf
diff --git a/docs/roadmap/img/prb.png b/docs/roadmap/img/prb.png
diff --git a/docs/roadmap/img/stack.png b/docs/roadmap/img/stack.png
diff --git a/docs/roadmap/q3-2022.md b/docs/roadmap/q3-2022.md
@@ -0,0 +1,135 @@
+# blindnet DevKit Product Roadmap
+
+| Status        | Snapshot                                                            |
+| :------------ | :------------------------------------------------------------------------------------- |
+| **PR #**      | [#55](https://github.com/blindnet-io/devrel-management/pull/55)               |
+| **Author(s)** | [milstan](https://github.com/milstan) ([email protected])                            |
+| **Updated**   | 2022-07-16                                                                             |
+
+
+## Introduction
+
+The purpose of this document is to give blindnet's clients and partners the visibility about what features can be expected when.
+
+## Product Definition
+
+[blindnet devkit](https://github.com/blindnet-io/product-management/blob/main/refs/lexicon/RFC-Lexicon-2.md#blindnet-devkit) is a set of software components for implementing [privacy-enabled connectedness](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/notion-of-privacy.md#privacy-enabled-connectedness).
+
+[Organizations](https://github.com/blindnet-io/product-management/blob/main/refs/lexicon/RFC-Lexicon-2.md#organization) use *blindnet devkit* to build [Trust](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/notion-of-privacy.md#privacy-is-strongly-linked-with-trust) among their Users, by allowing them to regulate [Privacy](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/notion-of-privacy.md#definition) in the relationship they have with the Organization.
+
+## Product Vision
+
+[blindnet devkit](https://github.com/blindnet-io/product-management/blob/main/refs/lexicon/RFC-Lexicon-2.md#blindnet-devkit) is the *lingua franca* for [privacy](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/notion-of-privacy.md#definition) on the Web.
+
+## Product Features
+
+Through its components, blindnet devkit offers:
+
+- **Complete Privacy Feature-set**: acts upon the 3 pillars of privacy in software systems [Confidentiality, Control, and Transparency](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/principles/RFC-SPEP.md):
+    - **Confidentiality** (delivered by **(Distributed) Encryption Engine**):
+        - e2ee - encrypt and decrypt data locally using SDKs and Web Components
+        - Manage encryption in the context of multiple systems exchanging data
+        - Support user in lost-access situations
+        - Compatibility with 3rd-party identity providers
+
+    - **Restitute Control to Data Subjects** (delivered by *Privacy Request Capture Interface* of the **Privacy Request Manager**):
+        - User-friendly interface for making Privacy Requests
+        - Privacy Request transfer: Make a request once - reach all corresponding systems having your data
+
+    - **Transparency** (delivered by Data Subject-facing Web Components of the **Metadata Engine** and by *Privacy Request Capture Interface* of the **Privacy Request Manager**):
+        - Inform-as-you-capture: Inform the data subjects about purposes and types of processing being done on their data, legal bases for processing and ways to exercise their rights
+        - Collect consents during data capture
+        - Single point of access to privacy-related information and controls
+        - Transparent Privacy Request Response process and proof of compliance
+
+- **(Out-of-the-box) Automated Privacy Management** (delivered by **Privacy Computation Engine**):
+    - Single point of configuration for privacy metadata and workflows
+    - Rich Privacy Metadata supporting automated response to most common Privacy Requests
+    - Management of retention policies and automatic data expiry
+    - Out-of-the box Privacy Requests resolution rule-sets for major regulations (GDPR etc.)
+    - Automatically reconcile multiple legal bases for processing (Consents, Contracts, Legitimate Interests, etc.)
+    - Configurable level of automation of Privacy Request Responses
+    - Centralized interface from DPOs for Privacy Requests oversight and Management
+    - Privacy Request history and proof of compliance
+
+- **Interoperability** (delivered by **Interoperability Formats and Protocols**):
+    - Shared understanding of privacy metadata and Privacy Request across systems sharing data
+    - Coordinated response to Privacy Requests across systems sharing data
+    - Consent and other Legal Base resolution in the context of multiple systems sharing data
+
+<img align="right" height="200" caption="Privacy Stack" src="./img/stack.png">
+
+## Product Components
+
+[blindnet devkit](https://github.com/blindnet-io/product-management/blob/main/refs/lexicon/RFC-Lexicon-2.md#blindnet-devkit) consists of a set of components, collectively called **Privacy Stack**. Those include:
+- **(Distributed) Encryption Engine**: A tool to ensure data confidentiality in a distributed setting. Corresponds to [Encryption and Access Management Engine of HLA](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture#encryption-and-access-management-engine)
+
+- **Metadata Engine**: Allows to create privacy-related metadata that enables cross-system privacy-management. Corresponds to [Capture Component of HLA](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture#capture-component) and handles correspondence between actual data and privacy-metadata
+
+<img align="right" height="200" caption="Privacy Request Builder" src="./img/prb.png">
+
+- **Privacy Request Manager**: Single point of communication around Privacy Requests. Allows Data Subjects to make Privacy Request in order to exercise control over their data. Allows DPOs to respond to Privacy Requests and generate proof of compliance. Corresponds to [Privacy Request Builder a.k.a. Privacy Request Capture Interface](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture#privacy-request-capture-interface) and [Data Consumer Interface](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture#data-consumer-interface)
+
+- **Interoperability Formats and Protocols**: Allows Systems and their components to precisely communicate meta-data related to privacy using universally-understood semantics. Corresponds to [Schemas Component of HLA](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture#schemas)
+
+- **Privacy Computation Engine**: Allows to automate the evaluation of compliance, retention date expiry, and the response to Privacy Requests. Corresponds to [Privacy Computation Engine component of HLA](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture#privacy-computation-engine)
+
+- **Privacy-Informed Storage**: A data-base wrapper allowing to store data in a way optimized for maximal automation of privacy-workflows.
+
+On top of **Privacy Stack**, blindnet may (alone, or in collaboration with partners) offer **Privacy Services** such as:
+- Privacy Request processing (external DPO)
+- Implementation services (Custom software and Privacy Stack integrations)
+- Compliance Consulting services around compliance and best practices
+- Management Consulting services, helping Organizations approach Privacy as an opportunity rather than as a threat
+
+## Expected Availability of Components
+<table>
+<thead>
+<tr>
+<th style="text-align:right">Component</th>
+<th style="text-align:left">2022-06-22</th>
+<th style="text-align:left">2022-09-23</th>
+<th style="text-align:left">2022-12-21</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="text-align:right">Encryption Engine</td>
+<td colspan=2 style="text-align:left">Available to businesses through Privateform (cf. <a href="https://blindnet.io">blindnet.io</a>). Available to developers through libraries and APIs (cf. <a href="https://blindnet.dev/docs/quickstart">Quick Start</a>)</td>
+<td style="text-align:left">Fully available as part of blindnet DevKit</td>
+</tr>
+<tr>
+<td style="text-align:right">Metadata Engine</td>
+<td style="text-align:left">NA</td>
+<td style="text-align:left">Available with certain limitations. Fully supports Consents, Legal Bases, Privacy Requests and Privacy Request Responses.</td>
+<td style="text-align:left">Fully available</td>
+</tr>
+<tr>
+<td style="text-align:right">Privacy Request Manager</td>
+<td style="text-align:left">Available to businesses through Privateform (cf. <a href="https://blindnet.io">blindnet.io</a>). Supports ACCESS, MODIFY and DELETE Privacy Requests.</td>
+<td colspan=2 style="text-align:left">Fully available as part of blindnet DevKit</td>
+</tr>
+<tr>
+<td style="text-align:right">Interoperability Formats and Protocols</td>
+<td style="text-align:left">First version of <a href="https://github.com/blindnet-io/product-management/blob/main/refs/schemas/priv/RFC-PRIV.md">PRIV</a> available.</td>
+<td colspan=2 style="text-align:left">Stable version of PRIV. First version of Privacy Request Multicast Protocol.</td>
+</tr>
+<tr>
+<td style="text-align:right">Privacy Computation Engine</td>
+<td style="text-align:left">NA</td>
+<td style="text-align:left">Fully supports Consents, Legal Bases, Privacy Requests and Privacy Request Responses. Limited support for Capture-based retention policies. Full Support for Event-based retention policies (e.g. end of contract, closed account, etc.)</td>
+<td style="text-align:left">Fully available</td>
+</tr>
+<tr>
+<td style="text-align:right">Privacy-Informed Storage</td>
+<td colspan=2 style="text-align:left">Available to businesses through Privateform (cf. <a href="https://blindnet.io">blindnet.io</a>)</td>
+<td style="text-align:left">Fully available as part of blindnet DevKit. Supports direct storage of Data Captures and Data Capture Fragments for purposes of maximal level of privacy automation</td>
+</tr>
+</tbody>
+</table>
+
+## References
+- **[Product Lexicon]**: [RFC Lexicon 2](https://github.com/blindnet-io/product-management/blob/main/refs/lexicon/RFC-Lexicon-2.md)
+- **[Communication Vocabulary]**: [RFC Vocabulary](../../vocabulary/RFC-vocabulary.md)
+- **[Notion of Privacy]**: [Definitions from literature](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/notion-of-privacy.md)
+- **[HLA]**: [High Level Architecture](https://github.com/blindnet-io/product-management/tree/main/refs/high-level-architecture)
diff --git a/docs/use-cases/bigid.md b/docs/use-cases/bigid.md
@@ -0,0 +1,68 @@
+# blindnet DevKit for BigId
+
+| **Author(s)** | [milstan](https://github.com/milstan) ([email protected]) |
+| :------------ | :---------------------------------------------------------- |
+| **Version**   | 1.1                                                         |
+| **Updated**   | 2022-07-21                                                  |
+
+## About BigId
+
+[BigID](https://bigid.com) offers a set of solutions allowing their clients to automate privacy and compliance.
+
+## Context
+
+Companies are under pressure from privacy regulations. They must now offer users a certain degree of transparency and control over how their data is processed. BigID offers advanced solutions for [cataloging legacy data](https://bigid.com/discovery-in-depth/), intake of [Privacy Requests](https://bigid.com/privacy/privacy-portal-app/) and [workflow automation of Privacy Request fulfillment](https://bigid.com/privacy/data-rights-automation-app/).
+
+## A Step Beyond
+
+BigID can offer an even more advanced service by offering an out-of-the box automation of Privacy Request fulfillment.
+
+blindnet has developed [PRIV (Privacy Request Interchange Vocabulary)](https://github.com/blindnet-io/product-management/blob/main/refs/schemas/priv/RFC-PRIV.md). It is an easy-to-use taxonomy of tags - entry point to the whole world of automation.
+It allows to connect an existing system with blindnet's knowledge base and rule engines in order to deliver the ultimate privacy experience.
+
+PRIV associates simple tags with rich semantics.
+As such they enable next-generation artificial intelligence.
+Thanks to PRIV tags, blindnet's Privacy Computation engine can leverage regulation-specific rule bases in order to decide, given a Privacy Request, if it is legal to decline it or not.
+
+## Using blindnet DevKit
+
+It takes three easy steps for BigID to include the most advanced privacy automation from blindnet DevKit in its existing software:
+
+### Step 1 - Mappings to PRIV
+
+Several of BigID's components should be given mappings of the data structures they use to [PRIV](https://github.com/blindnet-io/product-management/blob/main/refs/schemas/priv/RFC-PRIV.md) terms:
+
+- Categories coming out of [BigID's Data Classifier](https://bigid.com/data-classification/) should be mapped to PRIV Data Categories
+- [BigID's RoPA Mapping App](https://bigid.com/privacy/ropa-mapping-app/) should export the RoPA using PRIV's Processing Categories and Purposes
+- [BigID's Consent Governance App](https://bigid.com/privacy/consent-governance-app/) should be able to export consent data as PRIV Consents
+- [BigID's Data Rights Automation App](https://bigid.com/privacy/data-rights-automation-app/) should be able to express privacy requests as PRIV Privacy Request and read response suggestions in format of PRIV Privacy Request Response
+
+### Step 2 - Report Settings/Configuration and key events
+
+RoPA and similar general information should be fed to blindnet DevKit. Then, on an ongoing basis, all important events (in format of PRIV Events, such as PRIV Consent, PRIV Legal Base Event) should be fed to blindnet DevKit too.
+
+A chain of events is constructed and updated whenever an important thing happens. blindnet's Privacy Compiler (part of Privacy Computation Engine) processes the chain of events and updates a state of allowed processing.
+
+<img height="300" src="./img/PCEexplained.gif">
+
+When a user makes a Privacy Request, the Privacy Computation Engine is able to resolve it against that state and deliver Privacy Request Response recommendations.
+
+Those responses too, become a part of the chain of immutable PRIV events - a solid ground for history review and proof of compliance.
+
+### Step 3 - Offer Out-of-the-box Automation and Response Recommendations
+
+Mapping between BigID's data structures and PRIV terms done once, the advanced automation offered by blindnet can be offered consistently to all BigID's customers.
+
+BigID's Data Rights Automation App can act upon blindnet's Privacy Computation Engine response recommendations either by directly following them or by submitting them for human validation.
+
+## Need more?
+
+blindnet DevKit does much more. It is a complete solution for [privacy-enabled connectedness](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/notion-of-privacy.md), allowing developers to quickly gain ground on all the three pillars of privacy: [Transparency, Confidentiality and Control](https://github.com/blindnet-io/product-management/blob/main/refs/notion-of-privacy/principles/RFC-SPEP.md).
+
+- _Working with sensitive data?_ Offer end-to-end encryption using [blindnet's encryption services](https://github.com/blindnet-io/api-scala)
+- _Sharing Data with partners?_ Propagate users' Privacy Requests using blindnet's [Privacy Request Multicast Protocol](https://github.com/blindnet-io/product-management/blob/b7d2bd0aab509a5d83ed42822b0ba19e27bef905/refs/schemas/protocols/RFC-PRMP.md)
+
+## See also
+
+- [blindnet DevKit Feature Roadmap Q3 & Q4 2022](https://github.com/blindnet-io/devrel-management/blob/main/docs/roadmap/q3-2022.md)
+- [blindnet's White Paper: The Mixed Feelings of Privacy. May 2022](../research/White-Paper-May-2022.pdf)