Indisputable GDPR compliant signatures in ContractChain

Bachelor thesis (2019)

Authors

M.J.W. van den Hoek Electrical Engineering, Mathematics and Computer Science
H.M. Houwing Electrical Engineering, Mathematics and Computer Science
F.C.J. Vollebregt Electrical Engineering, Mathematics and Computer Science

Contributors

Z. Erkin Cyber Security - EEMCS (mentor)
O.W. Visser Computer Science & Engineering-Teaching Team - EEMCS (graduation committee member)
H. Wang (graduation committee member)
Faculty
Electrical Engineering, Mathematics and Computer Science, Electrical Engineering, Mathematics and Computer Science
Copyright: © 2019 Martijn van den Hoek, Krijn Houwing, Frank Vollebregt
More Info
expand_more

Published Date

07-08-2019

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Nowadays, entering into a contract with an overseas company still relies on postal services to send a printed contract, which is signed on paper. Lizard Global is developing an online platform for constructing, reviewing and signing digital contracts for one of their clients. In the original system, when a signee signed a contract, his personal information was used as a signature and stored in blockchain. However, this way of signing a contract does not enjoy the same degree of legal validity as a written signature. Moreover, the implications on privacy legislation, specifically the European Data Protection Regulation (GDPR) had not yet been taken into account by Lizard Global. This project describes how agile development was used to construct a high quality software solution to the problem, thereby implementing firstly an advanced e-signature to make signing a contract legally binding and secondly functionality to store this signature in blockchain such that it is compliant with the GDPR legislation. This is done by only storing hashed values in the blockchain and adding a user panel. In this panel, signees are able to control their personal data. High quality is obtained by testing thoroughly (100 per cent branch coverage), using the static analysis tool ESLint and requesting, receiving and implementing feedback from the software improvement group.