SIOC – Self Data Protection in Online Commerce

01.04.2016 - 30.03.2019


E-Commerce is playing an increasingly important role for both, operators of shop-ping platforms and customers. The forecasted revenue for the German E-Commerce market amounts to EUR 46.7 million, which equals to more than 10% of the total retail sector. 30% of the online purchases in Germany are done via a mobile de-vice.

Despite an increasing public awareness of the issue of data protection, nowadays only in the rarest cases customers are enabled to decide how and whether their per-sonal information and buying behavior is stored and processed. This threat to the right to informational self-determination is further exacerbated by the fact that the increasing use of smartphones, tablets and other portable devices leads to an ever more detailed profiling and thus in a deeper engagement in the privacy of each indi-vidual. 

Based on this situation, the SIOC project´s vision is the improvement of the self-data protection in E-Commerce. SIOC enables customers to perform the online-shopping process transparent, as anonymous as possible and following the principle of data thrift/minimization (collection limitation principle). At the same time online plat-form providers still have the possibility to submit personalized offers and recom-mendations based on anonymized, voluntary aggregated customer profiles. Moreo-ver, in case of non-paying customers, anonymization can be revoked to clearly iden-tify customers.

Thus, SIOC objective is the design of an anonymous approach to online shopping in accordance to Stakeholders requirements and business models to achieve the best compromise between these conflicting interests while implementing data protection by design and data protection by default as essential principles of EU data protection rules.






  • Pape, S.; Tasche, D.; Bastys, I.; Grosz, A.; Laessig, J. and Rannenberg, K.: Towards an Architecture for Pseudonymous E-Commerce -- Applying Privacy by Design to Online Shopping. In Sicherheit 2018: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 9. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 25.-27. April 2018, Konstanz, 2018, to appear.