The level of privacy and trust concerns has raised to a point where people start to refuse services. Services on the Web are often very complex orchestrations of cooperations between multiple actors. This will increase if the upcoming Internet of Things is taken into account. If the trust in such services is eroded, the growth of the Web and the growth of the digital economy is endangered. This workshop wants to address the privacy issue from the angle of data governance and transparency. And if transparency and data self determination are at stake, the challenge may also be how to convey the transparency to the user to allow for an informed self determination. This includes especially methods to generate and administer user consent, even in an IoT environment.
While the Workshop is open to a wide range of ideas, it is mainly inspired by the idea that today, we lack the tools for those wanting to be good citizens of the Web. It is related, but not limited to the work on Permissions and on Tracking protection. Because those permissions and tracking signals carry policy data, the systems have to react upon those signals. To react in a complex distributed system, the signals have to be understood by more than one implementer. The challenge is to identify the areas where such signals are needed for privacy or compliance and to make those signals interoperable. This can take the form taxonomies, vocabularies or ontologies. The most important challenge is to make policy and privacy signals interoperable and transportable within various systems, beyond the mere relation in a browsing context. In the era of upcoming privacy regulation with high fines, we need to make the data lake usable again while respecting the human user.
Because of the paradigm of data self determination, the challenge is bidirectional. Once the semantics of privacy or compliance are clear, this information also has to be presented to the user. On the Web, this is a challenge for the terminal equipment, including but not limited to browsers. E.g., the set of preferences offered to the user may vary with the capability of a service to accommodate those preferences. This needs signaling of the possible preferences (semantics) and a way to communicate the selection back. Such exchange can be protocol- or data driven. Where it is data driven, the policy semantics are transported over whatever channel is available, e.g. using linked data.
Want to attend? Have something insightful to share?
The workshop will be held in Vienna (Austria) at the University of Economics and Business (WU Wien). Tentatively, a video link to a location in Boston is planned. We will have a limited number of possible attendees at the workshop. People with ideas on how to implement data self determination on the Web and in Linked Data should attend. Beyond exploring Privacy Enhancing Technologies for the Web, the Workshop will also determine whether there is interest in standardization of necessary vocabularies and semantics that need to be agreed upon and put in place to enable privacy enabled services, transparency and measurable compliance to regulation or set policies.
Please note, expressions of interest and position statements are not presentation proposals. This is a workshop, not a conference, and any presentations will be short, with topics suggested by expressions of interest and decided by the chairs and program committee. Our goal is to actively discuss topics, not to watch presentations.
Attendees are encouraged to read all accepted expressions of interest prior to the workshop, to facilitate informed discussion.
Attendance is free for all invited participants, and open to
the public (space allowed), whether or not W3C members.
Unfortunately, the workshop budget does not allow us to provide travel or lodging expenses to attendees.
Possible topics include, but are not limited to the following:
Privacy and Transparency in Linked Data
Identity management vocabularies
Categories of sensitive and personal data
Modeling personal data usage, processing, sharing, and tracking
Modeling/Interlinking aspects of privacy and provenance
Modeling consent and making it transportable
Vocabularies to model privacy policies, regulations, and involved (business) processes
New ways to put the user in control benefiting from semantic interoperability of policy information
Modeling permissions, obligations, and their scope in dealing with personal data (particularly, profiles and extensions of ODRL)
Reasoning about formally declared privacy policies, in order to detect policy violations, breach and enforce policies
Exploring links and synergies using Linked Data vocabularies in the context of related efforts such as W3C's Social Web WG, Verifiable Claims WG, ODRL/POE WG, Credentials CG, and PROV WG or other (non-W3C) efforts (e.g. OASIS XDI, OASIS COEL, Kantarainitiative’s CISWG).
Visualizations of data and policy information to help data self determination, especially taking up the challenge of useful simplifications and layered approaches
It is important to make the policy transportable and interoperable.
Out of Scope
Solutions for mere access control or permissions on the device and only facing the end user. Permissions or access control typically request access to a capability (like camera or microphone) without telling the user what data will be collected and for what purpose it will be used.
Mere preference stores to manage the user's personal data without transporting policies
Web Security solutions that mainly aim at encrypting or obfuscating data. The mere combination of encryption with another solution does not make it out-of-scope.
An author of a position statement accepted is not required to attend (you can fill out the expression of interest form instead), but it does help set the topic discussions and to establish a particular point of view. If you wish, you can send us a position statement at <firstname.lastname@example.org>, by 28 February 2018. Our program committee will review the expressions of interest, and select the most relevant topics and perspectives.
A good position statement should be a few paragraphs (between 500 and 1000 words) and should include:
Your background in Privacy, Linked Data and Web technologies
Where there is potential for improvement of interoperability, especially concerning semantics on privacy and compliance
Links to related supporting resources, activities and working groups
New approaches to data privacy and data self determination, where applicable.
A focus on technical issues, not process or platform preference. We plan to talk about the what, not the how.
Position statements must be in English, and HTML or plain-text format; images should be included inline in HTML using base64-encoded data URIs. You may include multiple topics, but we ask that each person submit only a single coherent position statement. All suitable submitted expressions of interest will be published and linked to from this workshop page.
Who Should Attend
Attendance is open to all, and our aim is to get a diversity of attendees from a variety of industries and communities, including:
People dealing with Linked Big Data
Data protection authorities
Security and privacy researchers
Developers of Privacy Enhancing Technologies
There are a lot of voices and conflicting opinions in the
privacy communities. Are you skeptical that standardization
should be discussed at all? Are the same technologies that are
critizized for enabling DRM actually useful/usable to protect
and enforce privacy? We also welcome expressions of interest on issues that pose challenges to standardization, helpful to frame workshop topics and serve as a reality check. Please label these submissions “Standards Con” to distinguish them.
Event Archive Policy: Video and Transcripts
For posterity and for those unable to attend this workshop, we may be recording video and/or audio of the event, and will provide live notes (minuted in IRC) of the presentations and group discussion. Participants will be asked to sign a media waiver.
The primary goal of the workshop is to explore interoperability in privacy and compliance expressions using Linked Data. But based on transportable linked data, many privacy concepts can be created. Those are also welcome and give the workshop an additional exploratory aspect.
While we hope to identify opportunities and possible timelines for standardization, we do not anticipate that W3C will form a Working Group as a direct result of this workshop. Instead, if we do identify areas that need Web standardization, our aim would be to incubate and refine these ideas, to make sure that the right steps are taken at the right time for the key stakeholders involved.
What is W3C?
W3C is a voluntary standards consortium that convenes companies and communites to help structure productive discussions around existing and emerging technologies, and offers a Royalty-Free patent framework for Web Recommendations. We focus primarily on client-side (browser) technologies, and also have a mature history of vocabulary (or “ontology”) development. W3C develops work based on the priorities of our members and our community.
The workshop will focus around several topics identified by the expressions of interest. Each topic will be introduced by one or more related lightning talks, and will be explored more in-depth by discussion breakouts, conlcuded with joint summaries of the breakouts. The goal of the discussion is not be to resolve the technical issues of the topic, but to determine its relevance and priority to standardization.
Becoming a Sponsor
For details on the available sponsorship opportunities for this workshop, see our Sponsorship Packages.
Becoming a Sponsor
W3C Workshops, meetups, and other events bring you into direct contact with leading Web technology experts: representatives from industry, research, government, and the developer community.
Whether your interests are focused on a particular topic being discussed by a Working Group, or you wish to reach a diverse international audience setting W3C's strategic direction, sponsorship helps your organization reach W3C's engaged participants.
Sponsorships offset a portion of our meeting costs, so W3C welcomes multiple sponsors for each event. All proposals for sponsorship are subject to W3C approval.
If you're interested in being a sponsor of the W3C Linked
Data and Privacy Workshop, please contact Bernard Gidon, EMEA
Business Development, at <email@example.com>.