These course materials aim to strengthen the capacity of civil society organisations (CSOs), academics and the interested public around privacy and technical aspects of Digital Public Infrastructures (DPI).
DPI usually entail digital identity, digital payment and data exchange systems. They are characterised by being developed or operated by or on behalf of a government, spanning across large parts of the population of a country and they are increasingly also used by the private sector. Learn more about DPI here.
DPI systems should aim to act in the public interest, which distinguishes them from widely-used digital services provided by the private sector. It is widely acknowledged that DPI can only be successful when relying on public trust. These materials hope to showcase why and how privacy is an important cornerstone for achieving public trust and a resilient infrastructure.
<aside> <img src="notion://custom_emoji/32cb205f-8248-81b0-8fb6-0003113cbd2c/240b205f-8248-80e0-8b74-007a49345f26" alt="notion://custom_emoji/32cb205f-8248-81b0-8fb6-0003113cbd2c/240b205f-8248-80e0-8b74-007a49345f26" width="40px" />
These materials have been created by the Vienna-based digital rights NGO Epicenter.works.
All materials in this course are licensed under Creative Commons Attribution-ShareAlike 4.0 International.
</aside>
Intro video of what you can expect here
Intro video of what you can expect here
We use the term relying party
to refer to the party that wants to verify the users' credentials. They are referred to as "relying parties" because they rely on the DPI. "Relying parties" are sometimes also referred to as "verifiers". This can be any state institution or private company the user is interacting with via the DPI.
<aside> <img src="/icons/arrow-right_gray.svg" alt="/icons/arrow-right_gray.svg" width="40px" />
Modul 1: Introduction
</aside>
<aside> <img src="/icons/arrow-right_gray.svg" alt="/icons/arrow-right_gray.svg" width="40px" />
Modul 2: Technical Foundations
</aside>
<aside> <img src="/icons/arrow-right_gray.svg" alt="/icons/arrow-right_gray.svg" width="40px" />
Modul 3: Core Data Protection Principles
General Concepts of Data Protection Law
User Control and Consent in DPI
Self-Sovereign Architecture and Signed Data
</aside>
<aside> <img src="/icons/arrow-right_gray.svg" alt="/icons/arrow-right_gray.svg" width="40px" />
Modul 4: Privacy Preserving Technologies
Privacy-by-design architecture
Asymmetric Privacy (Payment DPI)
</aside>
<aside> <img src="/icons/arrow-right_gray.svg" alt="/icons/arrow-right_gray.svg" width="40px" />
Modul 5: Governance
The right to Identity, Anonymity and Pseudonymity
Interoperability and Open Source
</aside>
Version 1.1 as of September 15th 2025
Creative Commons by-sa 4.0 epicenter.works