| Self-Awareness Data Collection Protocol |
| Phase 1: Public Key and Public Identity Submissions |
| The data collector broadcasts a submission request to respondents. Each |
| generates a cryptographic key pair and a public identity by encrypting |
| its personal identifiable information (PII). Note that the respondents can pre- |
| compute the cryptographic key pair and the PII in an offline mode. Next, each |
| sends to via the Tor network. |
| Phase 2: Satisfaction Scores Computation |
| The data collector generates QID, decides a threshold and assigns a public |
| key for each . Next, it broadcasts the information to all respondents. Each |
| examines if his record in satisfy QID. For each satisfy case, the increases |
| the constraint score by 1. We denote as the score determines by for . |
| Next, each encrypts by using the public key to produce |
| . Each then anonymously sends to and a |
| shared location. |
| Phase 3: Scores List Verification |
| The data collector computes and publishes an outcome table. Each examines |
| if the published scores list is same as the original list he sent to . If the list has |
| been modified, the respondent will not participate in the next phase. |
| Phase 4: Satisfaction Score Checking |
| Each retrieves and decrypts . Next, it computes |
| as the satisfaction score for . If the satisfaction score is at |
| least with occurences (e.g., ), the sends to . Otherwise, |
| will be sent to . |
| Phase 5: Data Submission |
| The respondents submit his record to with the confidence that their privacy |
| protection is achieved at -anonymity level. |
