Abstract
Managing privacy and understanding handling of personal data has turned into a fundamental right, at least within the European Union, with the General Data Protection Regulation (GDPR) being enforced since May 25th 2018. This has led to tools and services that promise compliance to GDPR in terms of consent management and keeping track of personal data being processed. The information recorded within such tools, as well as that for compliance itself, needs to be interoperable to provide sufficient transparency in its usage. Additionally, interoperability is also necessary towards addressing the right to data portability under GDPR as well as creation of user-configurable and manageable privacy policies. We argue that such interoperability can be enabled through agreement over vocabularies using linked data principles. The W3C Data Privacy Vocabulary and Controls Community Group (DPVCG) was set up to jointly develop such vocabularies towards interoperability in the context of data privacy. This paper presents the resulting Data Privacy Vocabulary (DPV), along with a discussion on its potential uses, and an invitation for feedback and participation.
We thank all members of the W3C DPVCG for their feedback and input to this work: a preliminary outline of the goals of CG has been presented in ISWC2018’s SWSG workshop [5] where we also gathered valuable feedback by the participants; this work is the first complete presentation of the resulting, proposed vocabulary elaborated by the DPVCG since. This work was supported by the European Union’s Horizon 2020 research and innovation programme under grant 731601 (SPECIAL), by the Austrian Research Promotion Agency (FFG) under the projects “EXPEDiTE” and “CitySpin”, by the ADAPT Centre for Digital Excellence funded by SFI Research Centres Programme (Grant 13/RC/2106), and co-funded by European Regional Development Fund.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
In hindsight, a better alternative was mapping languages such as R2RML https://www.w3.org/TR/r2rml/ for creating RDF data from spreadsheets.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
References
Assembly Bill No. 375 Privacy: personal information: businesses. California State Legislature, June 2018. https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375
Aleksandrova, Z.: Core Vocabularies, November 2016. https://ec.europa.eu/isa2/solutions/core-vocabularies_en
Bartolini, C., Muthuri, R.: Reconciling data protection rights and obligations: an ontology of the forthcoming EU regulation. In: Workshop on Language and Semantic Technology for Legal Domain, p. 8 (2015)
Bonatti, B.A., Dullaert, W., Fernandez, J.D., Kirrane, S., Milosevic, U., Polleres, A.: The SPECIAL policy log vocabulary, November 2018. https://aic.ai.wu.ac.at/qadlod/policyLog/
Bonatti, P., et al.: Data privacy vocabularies and controls: semantic web for transparency and privacy. In: Semantic Web for Social Good Workshop (SWSG) Co-located with ISWC2018. CEUR Workshop Proceedings, vol. 2182, October 2018. CEUR-WS.orghttp://ceur-ws.org/Vol-2182/paper_3.pdf
Bonatti, P.A., Kirrane, S., Petrova, I.M., Sauro, L., Schlehahn, E.: The SPECIAL usage policy language, V0.1. Technical report (2018). https://www.specialprivacy.eu/vocabs
Cavoukian, A., et al.: Privacy by design: the 7 foundational principles. Information and Privacy Commissioner of Ontario, Canada 5 (2009)
Classification of Everyday Living Version 1.0, January 2019. https://docs.oasis-open.org/coel/COEL/v1.0/os/COEL-v1.0-os.pdf
Cronk, R.J.: Categories of personal information, March 2017. Enterprivacy Consulting Group. https://enterprivacy.com/2017/03/01/categories-of-personal-information/
European Parliament and Council: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), May 2016
Fatema, K., Hadziselimovic, E., Pandit, H.J., Debruyne, C., Lewis, D., O’Sullivan, D.: Compliance through informed consent: semantic based consent permission and data management model. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/PrivOn2017_paper_5.pdf
Fielding, R.T., Singer, D.: Tracking Preference Expression (DNT), January 2019. https://www.w3.org/TR/tracking-dnt/
Garijo, D., Gil, Y.: The P-PLAN ontology, March 2014. http://vocab.linkeddata.es/p-plan/
Iannella, R., McKinney, J.: vCard Ontology - for describing People and Organizations, May 2014. https://www.w3.org/TR/vcard-rdf/
Iannella, R., Villata, S.: ODRL Information Model 2.2, February 2018. https://www.w3.org/TR/odrl-model/
Kirrane, S., et al.: SPECIAL deliverable d2.8 - transparency and compliance algorithms v2, November 2018. https://www.specialprivacy.eu/images/documents/SPECIAL_D28_M23_V10.pdf
Lebo, T., et al.: PROV-O: The PROV Ontology (2013)
Lizar, M., Turner, D.: Consent Receipt Specification v1.1.0. Technical report, Kantara Initiative (2017). https://docs.kantarainitiative.org/cis/consent-receipt-specification-v1-1-0.pdf
P3p: The Platform for Privacy Preferences. https://www.w3.org/P3P/
P7012 - Standard for Machine Readable Personal Privacy Terms. https://standards.ieee.org/project/7012.html
Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: PrOnto: privacy ontology for legal reasoning. In: Kő, A., Francesconi, E. (eds.) EGOVIS 2018. LNCS, vol. 11032, pp. 139–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98349-3_11
Pandit, H.J., Debruyne, C., O’Sullivan, D., Lewis, D.: GConsent - a consent ontology based on the GDPR. In: Hitzler, P., et al. (eds.) ESWC 2019. LNCS, vol. 11503, pp. 270–282. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-21348-0_18
Pandit, H.J., Fatema, K., O’Sullivan, D., Lewis, D.: GDPRtEXT - GDPR as a linked data resource. In: Gangemi, A., et al. (eds.) ESWC 2018. LNCS, vol. 10843, pp. 481–495. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93417-4_31
Pandit, H.J., Lewis, D.: Modelling provenance for GDPR compliance using linked open data vocabularies. In: Proceedings of the 5th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn2017) (PrivOn) (2017). http://ceur-ws.org/Vol-1951/PrivOn2017_paper_6.pdf
Sacco, O., Passant, A.: A Privacy Preference Ontology (PPO) for linked data. In: LDOW. Citeseer (2011). http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.357.3591&rep=rep1&type=pdf
Schema.org. https://schema.org/
Snell, J.M., Prodromou, E.: Activity streams 2.0, May 2017. https://www.w3.org/TR/activitystreams-core/
Suárez-Figueroa, M.C., Gómez-Pérez, A., Fernández-López, M.: The NeOn methodology for ontology engineering. In: Suárez-Figueroa, M.C., Gómez-Pérez, A., Motta, E., Gangemi, A. (eds.) Ontology Engineering in a Networked World, pp. 9–34. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-24794-1_2
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Pandit, H.J. et al. (2019). Creating a Vocabulary for Data Privacy. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C., Meersman, R. (eds) On the Move to Meaningful Internet Systems: OTM 2019 Conferences. OTM 2019. Lecture Notes in Computer Science(), vol 11877. Springer, Cham. https://doi.org/10.1007/978-3-030-33246-4_44
Download citation
DOI: https://doi.org/10.1007/978-3-030-33246-4_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33245-7
Online ISBN: 978-3-030-33246-4
eBook Packages: Computer ScienceComputer Science (R0)