POSITION STATEMENT FROM OASIS CLASSIFICATION OF EVERYDAY LIVING (COEL)
TC
For presentation at Data Privacy Controls and Vocabularies, a W3C Workshop on Privacy and Linked Data
April 17-18 2018, Vienna, Austria.
The COEL-TC (https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=coel) manages
the development of an OASIS Open Standard that implements a privacy-by-design
framework for the collection and processing of behavioural data. The standard provides
a means to improve interoperability for organisations that seek to create working
privacy-by-design systems. Applications built using COEL deliver data privacy
and data self determination for individual citizens
and consumers, in a way that is fully auditable and easy to check legal compliance.
There are four key technical insights
that have been used to build COEL as the basis for the transparent use of
dynamic data for personalised digital services, IoT
applications where devices are collecting information about identifiable
individuals and the coding of behavioural data in identity solutions:
[1] For privacy-by-design
applications, we have found that a minimum requirement is to pseudonymise personal data at source and then maintain a strict and auditable separation
of different data types with aligned roles & responsibilities for all
actors involved.
[2] We have defined new data types
based on the expertise of COEL-TC members in digital capture of human behaviourial data. The well defined
data types in COEL standard are one of the core means to deliver
interoperability for users of the standard. All behavioural data are defined as
event-based packets. Every packet is connected
directly to an individual and can contain a summary of the consent they
provided for the processing of the data. This provides a means to store and
process context specific consent using e.g. Kantara
CISWG-TC protocols (https://kantarainitiative.org/groups/ciswg/) or
other consents standards.
[3] The Classification of Everyday Living
is a holistic, hierarchical taxonomy that sits at the heart of the COEL
Standard. For applications that require granular data on everyday human
behaviour, we believe the COEL taxonomy provides a unique and extensible knowledge
base that can deliver semantic harmonisation for personalised services.
The first version of this asset already delivers a high level of harmonised knowledge,
and the COEL-TC framework provides a structured means for this to develop in
years to come to a broader and richer ontology derived from use cases. An
interactive visualisation of the current COEL JSON artefact has been created by
Coelition
(https://coelition.org/) to showcase this asset base (https://coelition.org/business/resources/visualising-life/). We
believe that the combination of the COEL taxonomy of human behaviours, and the
event-based data type and data handing protocols, provide a universal template
for data portability. We have consciously kept the knowledge that is encoded in
the COEL taxonomy independent of the technical infrastructure used for the COEL
standard.
[4] Privacy-by-design applications
cannot be achieved with a pure technical solution. In parallel with the well-defined
data types and taxonomy, the COEL approach also defines roles &
responsibilities for actors who want to use the COEL standard in
privacy-by-design implementations. The COEL Standard describes simple
interface specifications that help enforce the separation of roles and provide
system-level interoperability.