"HTTPA would be voluntary. It would be up to software developers to adhere to its specifications when designing their systems."
New York, June 15 - Once you share your data with a private company, say a bank, for your online transactions, you hardly have any control over who exactly is using or misusing your data.
That could soon change as researchers are now developing a protocol they call HTTP with Accountability, or HTTPA which will automatically monitor the transmission of private data and allow the data owner to examine how it is being used.
With HTTPA, each item of private data would be assigned its own uniform resource identifier (URI) - a key component of the Semantic Web - a new set of technologies championed by World Wide Web Consortium (W3C).
This would convert the web from, essentially a collection of searchable text files, into a giant database.
Remote access to a web server would be controlled much the way it is now through passwords and encryption.
But every time the server transmitted a piece of sensitive data, it would also send a description of the restrictions on the data's usage.
And it would log the transaction, using only the URI, somewhere in a network of encrypted, special-purpose servers.
It is not that difficult to transform an existing website into an HTTPA-aware website, said Oshani Seneviratne from Massachusetts Institute of Technology in the US.
On every HTTP request, the server should say, 'OK, here are the usage restrictions for this resource', and log the transaction in the network of special-purpose servers, Seneviratne added.
HTTPA would be voluntary. It would be up to software developers to adhere to its specifications when designing their systems.
But HTTPA compliance could become a selling point for companies offering services that handle private data, researchers added.