Submitted by: Jason Novak --------------------------------- Bio I am a Privacy Analysis engineer in the User Privacy group at Apple, Inc. where I work to understand the intersection of privacy and technology, including how users understand privacy, ensuring Apple's strict privacy protections are maintained and strengthened across its product range, and assessing external risks for user privacy. As part of this work I work with standards groups like the W3C in PING and TPWG to enhance privacy in standards. I previously managed the company's Privacy Engineering team where I worked with engineering teams to build features with privacy by design. Prior to Apple, I was an Assistant Director of Digital Forensics at Stroz Friedberg, LLC, where he was responsible for: supervising digital forensic examiners; analyzing apps and systems for their privacy impact; and providing expert testimony. Jason --------------------------------- Your goals In conversation with engineers, technologists, product marketing, legal teams, and other stakeholders, it is common for different people to say the same words but mean radically different things when it comes to privacy. A goal that I have in attending this workshop is to help develop a common language of privacy that can be used by industry to better define the privacy problems users face and develop solutions that integrate technology and privacy's many facets including regulatory requirements and legal jurisprudence. --------------------------------- Workshop Goals For the workshop to be productive, I think that it should focus on delivery a definition of private data and how it can be modeled to effectively assess privacy harm and shape both technologies and regulation of that technology effectively. --------------------------------- Your interests Please select the rank-order (1 to 10) for the options you think are acceptable (i.e. you can live with it), where 1 is the most preferred, 2 the next best and so on... * Vocabularies to model privacy policies, regulations, and involved (business) processes: [ Ranked 3 ] * Identity management vocabularies: [ Ranked 7 ] * Modeling personal data usage, processing, sharing, and tracking: [ Ranked 1 ] * Interlinking aspects of privacy and provenance: [ Ranked 9 ] * Modeling consent and making it transportable: [ Ranked 8 ] * New ways to put the user in control benefiting from semantic interoperability of policy information: [ Ranked 4 ] * Modeling permissions, obligations, and their scope: [ Ranked 6 ] * Reasoning about formally declared privacy policies: [ Ranked 5 ] * Exploring links and synergies using Linked Data vocabularies in the context of related efforts: [ Ranked 10 ] * Visualizations of data and policy information to help data self determination: [ Ranked 2 ] --------------------------------- Other Thoughts