VivaTech Paris 2017

Paris in summer is a hot place. Especially a busy Parc d’Expositions! How do I know this? Because VivaTech Paris hosted at the Parc has just wrapped up and the Consentua team are happy returning attendees.

img center


VivaTech was a great show. The scale of the program laid on was possibly too big, but with scale comes excitement and opportunity. The main players were in attendance, not only from across France, but the wider EU and further beyond too. The sector coverage was broad from gaming, to media, to travel, to retail, finance and life services and the home.

The first day saw 42,000 attendees. More than the combined total over 3 days last year. Day two you could meet President Macron, (personally I did not), but I heard he was in the building. The third day is public day. So I could test my poor French out on an unsuspecting public. We quickly reverted to English.

Why are you Here?

img right

Often the first question asked of us was… “So why are you here?”. The answer is because we were invited. Consentua had a small stand in the Air France section - ‘Future of Travel’.

The format at VivaTech was compelling for conversations from a range of different business’ and organisations, many of whom were also attending; as well as some who were visiting VivaTech. The organisers had split the show into industry labs sponsored by a company (e.g. Air France) and dedicated company (e.g. Google, IBM, SAP) or regional showcases (e.g. Cote D’Azur, Belgium & Israel).

img center

Air France

Consentua was a guest of Air France and we were in the data and predictions challenge. We were well looked after by Air France and I thank the team at the show for their hospitality.

img center

VivaTech proved to be an exciting show for Consentua. Not only did we get a stand and an opportunity to discuss with anyone who cared to ask us what Consentua was. We also had a pitch slot to a panel. Although we did not win, missing out to ‘VChain’ with their APIS Blockchain fix in our challenge group. We did make some good new friends. Plus, a promise from our hosts to be back in touch after the summer. Awesome!

img center

The show also gave Consentua some great visibility to some fantastic international brands too. We will hopefully have some exciting news soon as a result of VivaTech. With positive interest from the finance, transport and luxury brands sectors.

img center

Consentua @ Air France

img right

With the change to data protection regulations due in May 2018 organisations now need to focus on capturing consent to process and use personal data. From an Air France perspective their focus is on “personalisation’ of the service they provide to passengers. So how do you obtain permission to process the personal data that will deliver this personalised service?

The answer of course is use Consentua to capture the consent to use this personal data. The essence of our pitch. Plus, Consentua has some other benefits too. Namely, the use of a single consent record to handle multiple different hosts of customers personal data. The ability to share this consent record across external systems. This is especially true in the airline industry where sharing of consent data across borders is essential. Finally, Consentua’s ability to support a new type of consent language, where we explain the benefits of this personal data exchange.

img center

Thats a Wrap

VivaTech was awesome. Saw some interesting things. Some old ideas realised too. Flashback several years courtesy of JC Deceaux.

img center img center img center

We got some great interest which we will follow up over the coming weeks. Thank you to the Air France and Hub Institute teams for looking after Tom and I so well.

Maybe a return in 2018?


img center

How to implement consent for your council under GDPR

A new service from KnowNow Information, Consentua, helps organisations build citizen trust as required under General Data Protection Regulations (GDPR). It provides data processing transparency and gives citizens the choice and control needed to share data safely and comfortably.

Consentua Lock

Consentua captures users’ consent to the use of their personal data. It provides GDPR compliance to organisations that process data. It also allows individuals to control how their personal data is being used.

You can now sign up to Consentua via CC2i, the collaborative government services co-funding platform at

What is Consentua?

Consentua is a consent management system from KnowNow Information that helps organisations to achieve GDPR’s data protection compliance. It also gives individuals choice and control over how their personal data is used.

The two founders of KnowNow Information, David Patterson and Chris Cooper, both previously worked for IBM. They were both experienced in creating new services using an agreed exchange of personal information. The industry, however, experienced a slow reduction in the number of people signing up for services due to privacy concerns.

Consentua was created at the Cognicity technology accelerator at London’s Canary Wharf, initially as an answer to these concerns. Not to mention the ease at which we were able to identify personal information from online services.

Richard Gomer, from Southampton University, one of the leading authorities on privacy and consent, was brought on board. Richard worked out exactly what would be required to capture consent from users that would be actionable for customer organisations.

Working alongside the European Commission as well as the UK Digital Catapult’s Personal Data and Trust Network, Consentua was developed according to security standards such as ISO 27001 and agreed industry best practice.

In June 2016, after a lengthy competition, Consentua won an InnovateUK competition for a pilot deployment, working alongside the organisation SharingEconomyUK and it’s members. This project is ongoing.

How does it work?

Consentua’s dynamic tokens, coupled with a user-friendly dashboard, allow consent to be queried, changed and even revoked.

Firstly an organisation that subscribes to the Consentua service will complete a Consent Template. The template states what consents are required and what data will be necessary to capture from the users. The applications that the organisation wants to enable with Consentua will then be given access to the service and a token is provided for each application and user of that application.

The user of an app needs to briefly set up their own individual consent profile for each application which uses personal data. This consent profile is easily captured within the application itself via the settings menu.

Once the consent profile for the app is captured, the Consentua token is populated on the user’s device. It will work even whilst offline, as the token is stored on the device and managed by the application.

The user story

When using the application, the user has the opportunity to review their consent settings. If a task requires access to their personal data then GDPR dictates the app validates that user consent has been granted. The Consentua record is requested by the application and, using the user’s email address as the common identifier, the app uses the Consentua API to confirm consent to access.

The previous consent setting is inherited should connectivity be poor or unavailable. This allows the app to carry on working without grinding to a halt, and the consent will be reviewed once connectivity is restored.

Users have access to a standalone dashboard app that provides a view as to which application providers have access to their data and what data is being collected. They will also receive a description of the benefits and services that provider is giving that specific user.

Your application managers can access an audit of consent by each user via a report run against the Consentua audit database. They will only see their apps consent audit trail. No personal data will be identifiable by your application managers.

How does it improve trust?

Firstly, trust is improved because the consumer always has a choice. With Consentua integrated into existing services, the consumer will always be aware when personal data is being requested. The consumer will also be provided with the ability to deny consent to that information.

Secondly, the consumer has control over the level of personal data available to a service. Previously, there was often only a binary decision to be made when signing up to a new service. “Do I agree to the service provider using all of my personal data in exchange for using their service or do I not agree and therefore lose the ability to use the service?” Consentua makes it explicit what data would be required, what you will get for the use of that data. Crucially it also alerts to what additional services the user might receive if they provide more personal data.

When it goes wrong it is often very unpleasant. In September 2016, Seagate was subjected to data theft which led to them being sued by their own employees. The employees had no control over what data the company kept on file and had not provided consent for some of the stolen data to be stored. It was found that personal information including names, addresses and social security numbers had been taken

What are the benefits to the citizen?

Consentua gives individual data subjects control over their personal data, allowing them to feel safe when engaging with digital services.

The ability to decide whether to accept a service and how much data to provide in exchange will revolutionise how citizens interact with those services. Some citizens will likely prefer to provide the bare minimum data because they do not see additional value in a more comprehensive service. Some are likely to become ‘superusers’, more than willing to exchange their personal information for the services because they identify great value in the services they subscribe to.

These super-users would be far more likely to be advocates for your services. They would become a segment of customers that could be worked with on developing future services or in marketing.

There’s also the likelihood that citizens would take opportunities to get value for information that would be shared anyway. It is anticipated that retailers will be quick to use these technologies and that may well inspire citizens to seek out other such opportunities from their public sector service providers.

What are the benefits to my organisation?

When it comes to complying with the new GDPR requirements around data-subject consent, Consentua could be your secret weapon. Collect and record consent with tested interaction mechanisms, query consent in real-time to detect revocation and use the provided audit trails to demonstrate the consent that your organisation relies on.

Recently, many online services have reported a decline in the number of potential users as they are asked to accept terms and conditions. Similar effects have been seen when cookie consent has been requested. Consentua allows your potential user to choose the level of personal data that they allow you to consume. It also allows you to tailor your service according to the degree of access your customer provides.

Accusations of acting like ‘big brother’ are often levelled at services that provide innovative services using personal data. Improvements in the perception of openness through the consent receipt should lead to a reduction in suspicion of ‘big brother’ when dealing with customers or citizens at large.

What would I need to commit?

Any authority considering deployment of Consentua would need to make two commitments as well as subscribing to the service.

Firstly, the authority would need to provide access to an estimated 1 person for 1 day to provide the information needed to work with our team and create the Consent Template.

Secondly, your development team will need to spend an estimated half day to work with our deployment team to integrate into your existing systems

What can I expect?

The first part of the engagement will provide you with a completed Consent Template. This will be valid and usable for all systems that require the use of personal data and help your business to conform to the General Data Protection Regulations. It will not be limited to Consentua enabled applications.

Consentua will be enabled to be integrated into your existing chosen services. This will give you the auditable consent receipts for the interactions with your users. Similarly, the service will be able to be integrated into applications that citizens use to interact with your authority.

Your citizens will have access to a separate Consent control application. This will be available via the normal app stores. It will enable them to amend their choices and see which applications they have consented to use their personal information. It will also control the level of data each application consumes.

How Consentua answers GDPR

Consentua helps organisations to build citizen trust as required under General Data Protection Regulations (GDPR) by providing data processing transparency. It also gives data subjects the choice and control that they need in order to share data safely and comfortably.

How do I sign my organisation up?

Firstly you can find out more and sign up via CC2i at

Send me an email to discuss how we can help your organisation with GDPR at

Alternatively, why not leave a comment below with how you are planning to address GDPR?

Thanks for reading. Follow me on twitter @david_patto.