Vijon Baraku presented his work on personal data sovereignty at PCI 2026 in Athens, Greece, which took place from the 24th to 26th April. His paper, “Transparent Accountability for Personal Data Sovereignty: Blockchain-Based Verification of Policy Compliance,” was well-received by the audience, and demonstrates how blockchain technology can be integrated with ontology-driven data frameworks to provide immutable object logging. The full slides and open-access paper can be found below.
Abstract
Personal data sovereignty frameworks enable individuals to discover and govern their distributed personal data. Yet these frameworks face a practical limitation: policy expression does not guarantee policy enforcement. Individuals can define governance rules for their data, but they lack mechanisms to verify whether organisations actually respect these preferences. This paper presents a blockchain-based verification component that addresses this accountability gap within a data sovereignty framework. Building on ontology-based data federation and ODRL policy control, we introduce immutable audit logging through Ethereum smart contracts. The blockchain component records policy definitions and access decisions, creating an auditable trail that allows data subjects to review how their data is being accessed. We acknowledge that organisations can bypass such systems by querying their databases directly. The blockchain cannot prevent this. What it provides is accountability infrastructure: transparent, tamper-proof records of all access that does pass through the system. We present the design of this verification mechanism, and show that this combination of semantic federation, machine-readable policies, and blockchain accountability does not exist in current personal data sovereignty frameworks.