Revocable Privacy

Revocable Privacy

Security and privacy are often seen as opposite, irreconcilable, goals. Privacy advocates and security hawks cling to rigid viewpoints, fighting each other in an ageing war of trenches. As a result, measures to increase our security scorn our privacy. And privacy enhancing technologies do very little to address legitimate security concerns.

Revocable privacy aims to bridge the two sides of the debate to break the status quo. Revocable privacy is a design principle (including the necessary toolbox) to build information systems that balance security and privacy needs. The underlying principle is to design a system that guarantees the privacy of its users, unless a user violates a predefined rule. In that case, (personal) information will be released. Laws and regulations by itself are insufficient: the can be changed or sidestepped later on. That is why the principle of “code as code” is taken as point of departure: the rules and regulations must be hard-wired into the architecture of the system itself. This project aims to develop models, tools and techniques for revocable privacy.

Project members

Wouter Lueks (RU), 1 fte. Jaap-Henk Hoepman (RU/TNO), 0,1 fte.

In this project we collaborated with Ronald Cramer (CWI) and TNO.

Additional information

Contact (project leader): Jaap-Henk Hoepman (

Funded by NWO/STW (within the Sentinels Programme).