Privacy, Provenance, Property and Personhood - ISWC November 2005 - Daniel Weitzner

Click anywhere or press the space bar to continue.

Montreal night scene - credits: Fotograferen.net

Semantic Web Public Policy Challenges: Privacy, Provenance, Property and Personhood

Daniel J. Weitzner
Decentralized Information Group
MIT Computer Science and Artificial Intelligence Laboratory

These slides: http://www.w3.org/2005/Talks/1110-p4-semweb-iswc/

Overview

Practical philosophy on the relationship between law and society

Some observations on the evolution of services on the Web

Design patterns we may infer from what we know of the law and the Web.

Facing the Challenge of the Web and Policy (public and otherwise):

General view (amongst those who 'get' the Web): law has to catch up with new technology.

General question: how will laws catch up?

My question: how will the Web catch up with the time-tested relationship between the Law and Society?

Privacy Property Personhood

Quiz

How many believe you are subject to law (any law)?
How many of you follow (most) laws? [exclude speed limits]
How many of you read all the laws to which you believe you are subject?
How many have been to a court of law?

Setting expectations for social layer of the semantic web

How will the Web finally catch up with the 'real world'?: in everyday life, the vast major of 'policy' problems get worked out without recourse to legal system.

Design goal: instrument the Web to provide seamless social interactions which allow us to avoid legal system the way we do in the rest of life

Punch line: In the shift from centralized to decentralized information systems we see a general trend:

ex ante policy enforcement barriers -> policy description with late binding of rules for accountability

Privacy -- The challenge of web-scale profiling


	“Authorities in the Washington region spotted the same faded blue 1990 Chevrolet Caprice and recorded its New Jersey tags on at least 10 different occasions this month…. Each time, however, they let the driver go after finding no record that it had been stolen or that its occupants were wanted for any crimes.
’We were looking for a white van with white people, and we ended up with a blue car with black people,’ said D.C. Police Chief Charles H. Ramsey” Washington Post 26 October 2002, p.A01

Privacy shifts -- from collection limts to use limits

Most intrusive practices are from inferences drawn, not individual quanta of information collected:

Credit card transactions -> profiling
Web logs -> Web search patterns
Instantaneous location -> travel patterns

collection barriers -> usage description with accountability (after the fact) to rules:

Departure from information hiding as a privacy protection mechanism -> transparency and accountability

Provenance

editorial (or algorithmic) barriers -> individual description with trust inferencing;

Departure from centralized editorial control -> ad hoc, customized reasoning over large volume of description

Property

Departure from Hollywood content (centralied production) -> Blogs, Flickr and Livejournal (decentralized content we all make)

Property

Move from up-front enforcement barriers (DRM) -> open description of licensing terms (CC) with after-the-fact enforcement as needed

2 Models of Personhood (aka 'identity management')

Trusted Third Parties	De-referenceable 2nd Partes
Liberty Alliance & Microsoft InfoCard	FOAF & Open ID
multiple ID info bundles held by trusted 3rd parties accessible through common WS* stack named by End Point References	individually-published personal info web of Knows: links URI-based accessible through Web and Semweb stack

How to Represent Personhood?

first class object -- yes
trusted 3rd parties (banks, governments, etc.) -- vital in the world now and in the future
super first-class status -- ?

Conclusion - Privacy, Provenance, Property and Personhood


	old barriers...	replaced by policy description...
Privacy	collection limits	transparent usage rules with accountability
Provenance	centralized editors as opaque barriers	transparent description with trust-based reasoning
Property	DRM for centrally-produced content	transparent license rules (seeking, but not demanding compliance) with enforcement after-the-fact
Personhood	??	??

Semantic Web design goal: provide lots of description and just enough reasoning in order to:

make policy compliance commonplace without more than tacit notice by users, and
support enforcement with human/legal system intervention when necessary.

The Semantic Web offers many of the tools do achieve these goals, but we've got to use them.

Benchmark: In any well-instrumented social system policy compliance is an emergent property.

Links and Acknowledgements

For more information see:

MIT Decentralized Information Group: http://dig.csail.mit.edu/
Transparent, Accountable Datamining Initiative (TAMI): http://groups.csail.mit.edu/dig/TAMI
Policy Aware Web project (PAW): http://www.policyawareweb.org/

Work described here is supported by the US National Science Foundation Cybertrust Program (05-518) and ITR Program (04-012).