Skip to main content

A Privacy-Friendly Method to Reward Participants of Online-Surveys

Part of the Communications in Computer and Information Science book series (CCIS,volume 570)


Whoever conducts a survey usually wants a large number of participants in order to attain meaningful results. A method to increase the motivation of potential participants is offering a prize that is awarded to one of them. For that purpose the pollster usually collects the E-mail addresses or other personal data of the participants, enabling him to notify the winner. Collecting the participant’s personal data may, however, conflict with the potential participant’s privacy interests as well as the pollster’s concern about dishonest answers participants may give to gain favor. Therefore, this paper presents solutions that enable the pollster to carry out a survey in an anonymous way while only collecting the winner’s personal data. If the prize is a virtual good, then even the winner’s identity is concealed.


  • Data protection
  • Data reduction
  • Online survey
  • Privacy
  • Blind signatures
  • Scope-exclusive pseudonyms
  • Zero-knowledge proofs

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-27164-4_3
  • Chapter length: 15 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-27164-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   79.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.


  1. 1.

    Whether the anonymity is withdrawn or can be withdrawn depends on the form of data collection.

  2. 2.

    These Directives address the member states of the European Union and must be transposed into internal law. The following examples are based on the provisions of the Federal Data Protection Act, which transposes the regulations of the Directive 95/46/EC to German law. Since the transposition into internal law is fairly similar within Europe, one example of transposition is considered sufficiant for this paper. Please note, that it is planned to replace the mentioned Directive with a European General Data Protection Regulation. In contrast to European Directives, European Regulations do not need to be transposed into internal law. The draft can be found at

  3. 3.

    Compare Sect. 3 I, VI, VIa of the Federal Data Protection Act.

  4. 4.

    Compare Sect. 4 of the Federal Data Protection Act.

  5. 5.

    Compare Sect. 3a of the Federal Data Protection Act.

  6. 6.

    Compare Sect. 9 of the Federal Data Protection Act.

  7. 7.

    Compare Sects. 19–21 and 33–35 of the Federal Data Protection Act.

  8. 8.

    Cf. Common Criteria Protection Profile BSI-PP-0037, “Basic set of security requirements for Online Voting Products”,

  9. 9.

    Tor is an example of a network software that anonymizes communication data based on onion routing, see:

  10. 10.

    A generalization of this solution for an open user group is given in the next section.

  11. 11.

    Of course this would also include a possibility to check the integrity of the downloaded software by using digital fingerprints etc.

  12. 12.

    In other cases there might be better options like browser-based solutions (e.g. browser applets or java-script based functionality), since users could not be willing to install a software for participating in a single survey.

  13. 13.

    See Sect. 4.2 for a more technical description.

  14. 14.

    This risk can be avoided by the terms and conditions of the survey, e.g. “Only the first submitter of the winning raffle ticket wins the prize.” Generally, setting terms and conditions for a raffle is highly recommended in order to inform possible participants about their eligibility, the time frame of the raffle, and a description of the prize.

  15. 15.

  16. 16.

    As stated in Sect. 1 we do not introduce new cryptographic primitives in this paper, we simply use the ones defined.

  17. 17.

    This risk usually decreases with more participants.

  18. 18.

    In this case, it must be ensured that only the winner will be able to download the file and the digital prize will be passed on in accordance with the Terms of Use of the seller.

  19. 19.

    Due to attendee registration, we were able to contact each potential participant by mail.

  20. 20.

    The images are selected from a database of the pollster.

  21. 21.


  1. Adida, B.: Helios: web-based open-audit voting. In: Proceedings of the 17th Conference on Security Symposium, pp. 335–348 (2008)

    Google Scholar 

  2. Bär, M., Henrich, C., Müller-Quade, J., Röhrich, S., Stüber, C.: Real world experiences with bingo voting and a comparison of usability. In: WOTE 2008 (2008)

    Google Scholar 

  3. Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: Domain-specific pseudonymous signatures for the german identity card. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 104–119. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  4. Bichsel, P., Camenisch, J., Dubovitskaya, M., Enderlein, R.R., Krenn, S., Krontiris, I., Lehmann, A., Neven, G., Nielsen, J.D., Paquin, C., Preiss, F.S., Rannenberg, K., Sabouri, A., Stausholm, M.: Architecture for attribute-based credential technologies - final version (2014)

    Google Scholar 

  5. Bohli, J.-M., Müller-Quade, J., Röhrich, S.: Bingo voting: secure and coercion-free voting using a trusted random number generator. In: Alkassar, A., Volkamer, M. (eds.) VOTE-ID 2007. LNCS, vol. 4896, pp. 111–124. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  6. Bräunlich, K., Grimm, R.: Sozialwahlen via Internet mit Polyas. DuD 38(2), 82–85 (2014)

    CrossRef  Google Scholar 

  7. Bräunlich, K., Grimm, R., Kahlert, A., Richter, P., Roßnagel, A.: Bewertung von Internetwahlsystemen für Sozialwahlen. DuD 38(2), 75–81 (2014)

    CrossRef  Google Scholar 

  8. Camenisch, J., Groß, T.: Efficient attributes for anonymous credentials. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008, pp. 345–356 (2008)

    Google Scholar 

  9. Camenisch, J., Hohenberger, S., Kohlweiss, M.: How to win the clone wars: efficient periodic n-times anonymous authentication. In: Proceeding of the 13-th ACM Conference on Computer and Communications Security, CCS 2006, pp. 201–210 (2006)

    Google Scholar 

  10. Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  11. Chaum, D.: Blind signatures for untraceable payments. In: Advandes in Cryptology - CRYPTO 1982, pp. 199–203 (1983)

    Google Scholar 

  12. Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28, 1030–1044 (1985)

    CrossRef  Google Scholar 

  13. Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)

    CrossRef  Google Scholar 

  14. Chen, L.: Access with pseudonyms. In: Dawson, E.P., Golić, J.D. (eds.) Cryptography: Policy and Algorithms 1995. LNCS, vol. 1029, pp. 232–243. Springer, Heidelberg (1996)

    CrossRef  Google Scholar 

  15. Peointcheval, D., Stern, J.: Provable secure blind signature schemes. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 252–265. Springer, Heidelberg (1996)

    CrossRef  Google Scholar 

  16. Gjøsteen, K.: The norwegian internet voting protocol. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 1–18. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  17. Müller-Quade, J., Henrich, C.: Bingo voting. DuD 33(2), 102–106 (2009)

    CrossRef  Google Scholar 

  18. Papagiannopoulos, K., Alpar, G., Lueks, W.: Designated attribute proofs with the Camenisch-Lysyanskaya signature (2013)

    Google Scholar 

  19. Pashalidis, A.: Interdomain user authentication and privacy. Royal Holloway University of London, Technical report (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Annika Selzer .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Herfert, M., Lange, B., Selzer, A., Waldmann, U. (2015). A Privacy-Friendly Method to Reward Participants of Online-Surveys. In: Katsikas, S., Sideridis, A. (eds) E-Democracy – Citizen Rights in the World of the New Computing Paradigms. e-Democracy 2015. Communications in Computer and Information Science, vol 570. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27163-7

  • Online ISBN: 978-3-319-27164-4

  • eBook Packages: Computer ScienceComputer Science (R0)