Skip to main content

Creating a Vocabulary for Data Privacy

The First-Year Report of Data Privacy Vocabularies and Controls Community Group (DPVCG)

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 11877)

Abstract

Managing privacy and understanding handling of personal data has turned into a fundamental right, at least within the European Union, with the General Data Protection Regulation (GDPR) being enforced since May 25th 2018. This has led to tools and services that promise compliance to GDPR in terms of consent management and keeping track of personal data being processed. The information recorded within such tools, as well as that for compliance itself, needs to be interoperable to provide sufficient transparency in its usage. Additionally, interoperability is also necessary towards addressing the right to data portability under GDPR as well as creation of user-configurable and manageable privacy policies. We argue that such interoperability can be enabled through agreement over vocabularies using linked data principles. The W3C Data Privacy Vocabulary and Controls Community Group (DPVCG) was set up to jointly develop such vocabularies towards interoperability in the context of data privacy. This paper presents the resulting Data Privacy Vocabulary (DPV), along with a discussion on its potential uses, and an invitation for feedback and participation.

Keywords

  • Privacy
  • GDPR
  • Interoperability
  • Semantic web

We thank all members of the W3C DPVCG for their feedback and input to this work: a preliminary outline of the goals of CG has been presented in ISWC2018’s SWSG workshop [5] where we also gathered valuable feedback by the participants; this work is the first complete presentation of the resulting, proposed vocabulary elaborated by the DPVCG since. This work was supported by the European Union’s Horizon 2020 research and innovation programme under grant 731601 (SPECIAL), by the Austrian Research Promotion Agency (FFG) under the projects “EXPEDiTE” and “CitySpin”, by the ADAPT Centre for Digital Excellence funded by SFI Research Centres Programme (Grant 13/RC/2106), and co-funded by European Regional Development Fund.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-33246-4_44
  • Chapter length: 17 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   84.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-33246-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   109.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.

Notes

  1. 1.

    https://www.w3.org/2018/vocabws/.

  2. 2.

    https://lists.w3.org/Archives/Public/public-dpvcg/.

  3. 3.

    https://www.w3.org/community/dpvcg/wiki/Main_Page.

  4. 4.

    https://mydata2018.org/.

  5. 5.

    https://www.w3.org/community/dpvcg/wiki/Use-Cases,_Requirements,_Vocabularies.

  6. 6.

    https://www.w3.org/community/dpvcg/wiki/Taxonomy.

  7. 7.

    https://www.google.com/sheets/about/.

  8. 8.

    https://github.com/dpvcg/extract-sheets/.

  9. 9.

    https://github.com/RDFLib/rdflib.

  10. 10.

    In hindsight, a better alternative was mapping languages such as R2RML https://www.w3.org/TR/r2rml/ for creating RDF data from spreadsheets.

  11. 11.

    https://github.com/w3c/respec.

  12. 12.

    https://ec.europa.eu/eurostat/ramon/nomenclatures/index.cfm?TargetUrl=LST_NOM_DTL&StrNom=NACE_REV2.

  13. 13.

    https://www.census.gov/eos/www/naics/.

  14. 14.

    https://unstats.un.org/unsd/classifications.

  15. 15.

    https://en.wikipedia.org/wiki/Global_Industry_Classification_Standard#cite_note-mapbook-1.

  16. 16.

    http://www.specialpricacy.eu.

References

  1. Assembly Bill No. 375 Privacy: personal information: businesses. California State Legislature, June 2018. https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375

  2. Aleksandrova, Z.: Core Vocabularies, November 2016. https://ec.europa.eu/isa2/solutions/core-vocabularies_en

  3. Bartolini, C., Muthuri, R.: Reconciling data protection rights and obligations: an ontology of the forthcoming EU regulation. In: Workshop on Language and Semantic Technology for Legal Domain, p. 8 (2015)

    Google Scholar 

  4. Bonatti, B.A., Dullaert, W., Fernandez, J.D., Kirrane, S., Milosevic, U., Polleres, A.: The SPECIAL policy log vocabulary, November 2018. https://aic.ai.wu.ac.at/qadlod/policyLog/

  5. Bonatti, P., et al.: Data privacy vocabularies and controls: semantic web for transparency and privacy. In: Semantic Web for Social Good Workshop (SWSG) Co-located with ISWC2018. CEUR Workshop Proceedings, vol. 2182, October 2018. CEUR-WS.orghttp://ceur-ws.org/Vol-2182/paper_3.pdf

  6. Bonatti, P.A., Kirrane, S., Petrova, I.M., Sauro, L., Schlehahn, E.: The SPECIAL usage policy language, V0.1. Technical report (2018). https://www.specialprivacy.eu/vocabs

  7. Cavoukian, A., et al.: Privacy by design: the 7 foundational principles. Information and Privacy Commissioner of Ontario, Canada 5 (2009)

    Google Scholar 

  8. Classification of Everyday Living Version 1.0, January 2019. https://docs.oasis-open.org/coel/COEL/v1.0/os/COEL-v1.0-os.pdf

  9. Cronk, R.J.: Categories of personal information, March 2017. Enterprivacy Consulting Group. https://enterprivacy.com/2017/03/01/categories-of-personal-information/

  10. European Parliament and Council: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), May 2016

    Google Scholar 

  11. Fatema, K., Hadziselimovic, E., Pandit, H.J., Debruyne, C., Lewis, D., O’Sullivan, D.: Compliance through informed consent: semantic based consent permission and data management model. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/PrivOn2017_paper_5.pdf

  12. Fielding, R.T., Singer, D.: Tracking Preference Expression (DNT), January 2019. https://www.w3.org/TR/tracking-dnt/

  13. Garijo, D., Gil, Y.: The P-PLAN ontology, March 2014. http://vocab.linkeddata.es/p-plan/

  14. Iannella, R., McKinney, J.: vCard Ontology - for describing People and Organizations, May 2014. https://www.w3.org/TR/vcard-rdf/

  15. Iannella, R., Villata, S.: ODRL Information Model 2.2, February 2018. https://www.w3.org/TR/odrl-model/

  16. Kirrane, S., et al.: SPECIAL deliverable d2.8 - transparency and compliance algorithms v2, November 2018. https://www.specialprivacy.eu/images/documents/SPECIAL_D28_M23_V10.pdf

  17. Lebo, T., et al.: PROV-O: The PROV Ontology (2013)

    Google Scholar 

  18. Lizar, M., Turner, D.: Consent Receipt Specification v1.1.0. Technical report, Kantara Initiative (2017). https://docs.kantarainitiative.org/cis/consent-receipt-specification-v1-1-0.pdf

  19. P3p: The Platform for Privacy Preferences. https://www.w3.org/P3P/

  20. P7012 - Standard for Machine Readable Personal Privacy Terms. https://standards.ieee.org/project/7012.html

  21. Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: PrOnto: privacy ontology for legal reasoning. In: Kő, A., Francesconi, E. (eds.) EGOVIS 2018. LNCS, vol. 11032, pp. 139–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98349-3_11

    CrossRef  Google Scholar 

  22. Pandit, H.J., Debruyne, C., O’Sullivan, D., Lewis, D.: GConsent - a consent ontology based on the GDPR. In: Hitzler, P., et al. (eds.) ESWC 2019. LNCS, vol. 11503, pp. 270–282. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-21348-0_18

    CrossRef  Google Scholar 

  23. Pandit, H.J., Fatema, K., O’Sullivan, D., Lewis, D.: GDPRtEXT - GDPR as a linked data resource. In: Gangemi, A., et al. (eds.) ESWC 2018. LNCS, vol. 10843, pp. 481–495. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93417-4_31

    CrossRef  Google Scholar 

  24. Pandit, H.J., Lewis, D.: Modelling provenance for GDPR compliance using linked open data vocabularies. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/PrivOn2017_paper_6.pdf

  25. Sacco, O., Passant, A.: A Privacy Preference Ontology (PPO) for linked data. In: LDOW. Citeseer (2011). http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.357.3591&rep=rep1&type=pdf

  26. Schema.org. https://schema.org/

  27. Snell, J.M., Prodromou, E.: Activity streams 2.0, May 2017. https://www.w3.org/TR/activitystreams-core/

  28. Suárez-Figueroa, M.C., Gómez-Pérez, A., Fernández-López, M.: The NeOn methodology for ontology engineering. In: Suárez-Figueroa, M.C., Gómez-Pérez, A., Motta, E., Gangemi, A. (eds.) Ontology Engineering in a Networked World, pp. 9–34. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-24794-1_2

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Harshvardhan J. Pandit or Axel Polleres .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Pandit, H.J. et al. (2019). Creating a Vocabulary for Data Privacy. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C., Meersman, R. (eds) On the Move to Meaningful Internet Systems: OTM 2019 Conferences. OTM 2019. Lecture Notes in Computer Science(), vol 11877. Springer, Cham. https://doi.org/10.1007/978-3-030-33246-4_44

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-33246-4_44

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-33245-7

  • Online ISBN: 978-3-030-33246-4

  • eBook Packages: Computer ScienceComputer Science (R0)