Discussion on Next steps

Discussion Followup

  1. Policy interoperability/mapping (need for data abstractions and policy abstractions (ontologies) to allow binding policies across various application type)
    • task: standard language for evidence (backup for authentication assertions) IDEMIX
    • mechanisms for discovery of ontologies
    • interested in Policy Frameworks Interest Group (PFIG): Patrica, Anne, Piero, Giles, Renato, Hannes, Marco, Pierangela, Jean-Christophe, Marit, Sören, Xavier, Danny
  2. Is there a common framework for access control, data handling and usage control (how to use access rights developed in DRM).
  3. User preferences: pre-defined sets? standard expression thereof (conditions, actions, obligations)
    • use case: privacy preferences attached to disability status,

caveat: product/implementation focus and deployment time horizon

What needs more research?

  1. economic aspects of privacy (business cases, Privacy SLAs)
    • W3C co-sponsored Symposium on economic aspects of privacy?
  2. what is user-centric ?
  3. balance between transparency tools and opacity tools/fair information practices and confidentially
  4. what is beyond the US & EU data protection directives ?
  5. privacy agreements in closed and open groups
  6. Negotiation (we didn't hear much about it). Seek links with agent community.
  7. Achieving user convenience in data conveyance with privacy protection, e.g. in authentication protocols.

Other contexts

  1. privacy not addressed in IPTV
  2. how to meet the requirements of ambient intellegience