Advertisement

Creating a Vocabulary for Data Privacy

The First-Year Report of Data Privacy Vocabularies and Controls Community Group (DPVCG)
  • Harshvardhan J. PanditEmail author
  • Axel PolleresEmail author
  • Bert Bos
  • Rob Brennan
  • Bud Bruegger
  • Fajar J. Ekaputra
  • Javier D. Fernández
  • Roghaiyeh Gachpaz Hamed
  • Elmar Kiesling
  • Mark Lizar
  • Eva Schlehahn
  • Simon Steyskal
  • Rigo Wenning
Conference paper
  • 766 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11877)

Abstract

Managing privacy and understanding handling of personal data has turned into a fundamental right, at least within the European Union, with the General Data Protection Regulation (GDPR) being enforced since May 25th 2018. This has led to tools and services that promise compliance to GDPR in terms of consent management and keeping track of personal data being processed. The information recorded within such tools, as well as that for compliance itself, needs to be interoperable to provide sufficient transparency in its usage. Additionally, interoperability is also necessary towards addressing the right to data portability under GDPR as well as creation of user-configurable and manageable privacy policies. We argue that such interoperability can be enabled through agreement over vocabularies using linked data principles. The W3C Data Privacy Vocabulary and Controls Community Group (DPVCG) was set up to jointly develop such vocabularies towards interoperability in the context of data privacy. This paper presents the resulting Data Privacy Vocabulary (DPV), along with a discussion on its potential uses, and an invitation for feedback and participation.

Keywords

Privacy GDPR Interoperability Semantic web 

References

  1. 1.
    Assembly Bill No. 375 Privacy: personal information: businesses. California State Legislature, June 2018. https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375
  2. 2.
    Aleksandrova, Z.: Core Vocabularies, November 2016. https://ec.europa.eu/isa2/solutions/core-vocabularies_en
  3. 3.
    Bartolini, C., Muthuri, R.: Reconciling data protection rights and obligations: an ontology of the forthcoming EU regulation. In: Workshop on Language and Semantic Technology for Legal Domain, p. 8 (2015)Google Scholar
  4. 4.
    Bonatti, B.A., Dullaert, W., Fernandez, J.D., Kirrane, S., Milosevic, U., Polleres, A.: The SPECIAL policy log vocabulary, November 2018. https://aic.ai.wu.ac.at/qadlod/policyLog/
  5. 5.
    Bonatti, P., et al.: Data privacy vocabularies and controls: semantic web for transparency and privacy. In: Semantic Web for Social Good Workshop (SWSG) Co-located with ISWC2018. CEUR Workshop Proceedings, vol. 2182, October 2018. CEUR-WS.orghttp://ceur-ws.org/Vol-2182/paper_3.pdf
  6. 6.
    Bonatti, P.A., Kirrane, S., Petrova, I.M., Sauro, L., Schlehahn, E.: The SPECIAL usage policy language, V0.1. Technical report (2018). https://www.specialprivacy.eu/vocabs
  7. 7.
    Cavoukian, A., et al.: Privacy by design: the 7 foundational principles. Information and Privacy Commissioner of Ontario, Canada 5 (2009)Google Scholar
  8. 8.
    Classification of Everyday Living Version 1.0, January 2019. https://docs.oasis-open.org/coel/COEL/v1.0/os/COEL-v1.0-os.pdf
  9. 9.
    Cronk, R.J.: Categories of personal information, March 2017. Enterprivacy Consulting Group. https://enterprivacy.com/2017/03/01/categories-of-personal-information/
  10. 10.
    European Parliament and Council: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), May 2016Google Scholar
  11. 11.
    Fatema, K., Hadziselimovic, E., Pandit, H.J., Debruyne, C., Lewis, D., O’Sullivan, D.: Compliance through informed consent: semantic based consent permission and data management model. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/PrivOn2017_paper_5.pdf
  12. 12.
    Fielding, R.T., Singer, D.: Tracking Preference Expression (DNT), January 2019. https://www.w3.org/TR/tracking-dnt/
  13. 13.
    Garijo, D., Gil, Y.: The P-PLAN ontology, March 2014. http://vocab.linkeddata.es/p-plan/
  14. 14.
    Iannella, R., McKinney, J.: vCard Ontology - for describing People and Organizations, May 2014. https://www.w3.org/TR/vcard-rdf/
  15. 15.
    Iannella, R., Villata, S.: ODRL Information Model 2.2, February 2018. https://www.w3.org/TR/odrl-model/
  16. 16.
    Kirrane, S., et al.: SPECIAL deliverable d2.8 - transparency and compliance algorithms v2, November 2018. https://www.specialprivacy.eu/images/documents/SPECIAL_D28_M23_V10.pdf
  17. 17.
    Lebo, T., et al.: PROV-O: The PROV Ontology (2013)Google Scholar
  18. 18.
    Lizar, M., Turner, D.: Consent Receipt Specification v1.1.0. Technical report, Kantara Initiative (2017). https://docs.kantarainitiative.org/cis/consent-receipt-specification-v1-1-0.pdf
  19. 19.
    P3p: The Platform for Privacy Preferences. https://www.w3.org/P3P/
  20. 20.
    P7012 - Standard for Machine Readable Personal Privacy Terms. https://standards.ieee.org/project/7012.html
  21. 21.
    Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: PrOnto: privacy ontology for legal reasoning. In: Kő, A., Francesconi, E. (eds.) EGOVIS 2018. LNCS, vol. 11032, pp. 139–152. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-98349-3_11CrossRefGoogle Scholar
  22. 22.
    Pandit, H.J., Debruyne, C., O’Sullivan, D., Lewis, D.: GConsent - a consent ontology based on the GDPR. In: Hitzler, P., et al. (eds.) ESWC 2019. LNCS, vol. 11503, pp. 270–282. Springer, Cham (2019).  https://doi.org/10.1007/978-3-030-21348-0_18CrossRefGoogle Scholar
  23. 23.
    Pandit, H.J., Fatema, K., O’Sullivan, D., Lewis, D.: GDPRtEXT - GDPR as a linked data resource. In: Gangemi, A., et al. (eds.) ESWC 2018. LNCS, vol. 10843, pp. 481–495. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-93417-4_31CrossRefGoogle Scholar
  24. 24.
    Pandit, H.J., Lewis, D.: Modelling provenance for GDPR compliance using linked open data vocabularies. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/PrivOn2017_paper_6.pdf
  25. 25.
    Sacco, O., Passant, A.: A Privacy Preference Ontology (PPO) for linked data. In: LDOW. Citeseer (2011). http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.357.3591&rep=rep1&type=pdf
  26. 26.
  27. 27.
    Snell, J.M., Prodromou, E.: Activity streams 2.0, May 2017. https://www.w3.org/TR/activitystreams-core/
  28. 28.
    Suárez-Figueroa, M.C., Gómez-Pérez, A., Fernández-López, M.: The NeOn methodology for ontology engineering. In: Suárez-Figueroa, M.C., Gómez-Pérez, A., Motta, E., Gangemi, A. (eds.) Ontology Engineering in a Networked World, pp. 9–34. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-24794-1_2CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Harshvardhan J. Pandit
    • 1
    Email author
  • Axel Polleres
    • 2
    Email author
  • Bert Bos
    • 3
  • Rob Brennan
    • 4
  • Bud Bruegger
    • 5
  • Fajar J. Ekaputra
    • 6
  • Javier D. Fernández
    • 2
  • Roghaiyeh Gachpaz Hamed
    • 1
  • Elmar Kiesling
    • 6
  • Mark Lizar
    • 7
  • Eva Schlehahn
    • 5
  • Simon Steyskal
    • 8
  • Rigo Wenning
    • 3
  1. 1.Trinity College DublinDublinIreland
  2. 2.Vienna University of Economics and BusinessViennaAustria
  3. 3.W3C/ERCIMSophia AntipolisFrance
  4. 4.Dublin City UniversityDublinIreland
  5. 5.Unabhängiges Landeszentrum für Datenschutz Schleswig-HolsteinKielGermany
  6. 6.Vienna University of TechnologyViennaAustria
  7. 7.OpenConsent/Kantara InitiativeLondonUK
  8. 8.Siemens AGViennaAustria

Personalised recommendations