Meeting minutes
Presentation on use of DPV in WellFort Project by Fajar
WellFort is an Austrian project developing an early-stage prototype for privacy-preserving data analysis with auditability, using the semantic web
It is a 2-year project involving SBA Research and TU Wien
The premise is situations where storing data locally (e.g. on device) is preferred, to lessen compliance loads/obligations/risks
Stakeholders in system include users who give consent
Requirements are for users to have secure storage for sensitive data, manage consent and contribute to studies while preserving anonymity, and verify how their data is being used and by whom
URL for project info (ERCIM newsletter) https://
*WellFort Platform*
Users upload the data through the app or service, and give consent. This information is stored in a triplestore.
An Analyst can request data categories; the Controller then sends queries to retrieve this data, based on the consent given and by matching the related purposes and personal data handling.
Depending on the study, the Analyst can use the data as (fully) anonymised or non-anonymised
inah: 1) Are there any semantics that assist with anonymisation? 2) You mentioned users uploading consent, what does this consent contain/entail e.g. what details? 3) What responsibilities are related from this consent?
fajar: For #1 The platform produces the anonymised data, and we're trying to explore/develop relation between anonymised data and original data with semantics (paraphrased)
fajar: For #2 and #3 we use DPV to represent the consent details
georg: The triplestore also stores consent, which can be queried, and which uses DPV. Is this only based on DPV or are there additions?
fajar: We have extended DPV with DCAT and other attributes for representing relations with the dataset
*Dataset description and Consent metadata*
DCAT is used to represent datasets, and DPV is used to denote what personal data categories are utilised in it.
DPV components used for consent: Personal data categories, Processing, Purpose, Recipient (with extensions like Research Organisation)
To represent expiry, the property expiryTime was additionally created, with range xsd:dateTime, for the specific domains of consent and personal data handling
The existing property hasExpiryTime was not used because it requires use of the Time vocabulary, whereas this work needed XSD
Consent changes are stored in an audit log, and the values are changed in place within the triple store, to maintain auditing capabilities while taking practical considerations into account
URL for WellFort ontology https://
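A simplified sketch of the consent matching described in these notes, added here as an example: it is not WellFort code and does not use the OWL2-PL reasoner. It checks a request against one consent record by subclass matching on purpose, recipient and data categories, and by comparing against an xsd:dateTime expiryTime. All ex: terms, the hierarchy and the sample consent are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed subclass hierarchy (child -> parent); not terms taken from DPV or WellFort.
SUBCLASS_OF = {
    "ex:AcademicResearch": "ex:Research",
    "ex:Marketing": "ex:Commercial",
    "ex:HeartRate": "ex:HealthData",
}

def is_subclass(term, ancestor):
    """True if term equals ancestor or reaches it by following SUBCLASS_OF."""
    seen = set()
    while term is not None and term not in seen:
        if term == ancestor:
            return True
        seen.add(term)
        term = SUBCLASS_OF.get(term)
    return False

def permits(consent, request, now):
    """Return (allowed, reason) for one consent record against one request."""
    if now >= consent["expiryTime"]:
        return False, "consent expired"
    if not is_subclass(request["purpose"], consent["purpose"]):
        return False, "purpose not covered"
    if not is_subclass(request["recipient"], consent["recipient"]):
        return False, "recipient not covered"
    uncovered = [c for c in request["categories"]
                 if not any(is_subclass(c, g) for g in consent["categories"])]
    if uncovered:
        return False, "category not covered: " + ", ".join(uncovered)
    return True, "ok"

# Constructed sample consent; expiryTime is parsed from an xsd:dateTime literal.
CONSENT = {
    "categories": ["ex:HealthData"],
    "purpose": "ex:Research",
    "recipient": "ex:ResearchOrganisation",
    "expiryTime": datetime.fromisoformat("2022-01-01T00:00:00+00:00"),
}

def demo():
    """Run three constructed requests: permitted, wrong purpose, expired consent."""
    now = datetime(2021, 6, 1, tzinfo=timezone.utc)
    ok = {"categories": ["ex:HeartRate"], "purpose": "ex:AcademicResearch",
          "recipient": "ex:ResearchOrganisation"}
    bad = dict(ok, purpose="ex:Marketing")
    late = datetime(2022, 6, 1, tzinfo=timezone.utc)
    return permits(CONSENT, ok, now), permits(CONSENT, bad, now), permits(CONSENT, ok, late)
```

The check denies by default: a request passes only if every requested category, the purpose and the recipient are each covered by the consent and the consent has not expired.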
*Consent Checking Mechanisms*
Uses SPECIAL's / Piero's OWL2-PL usage policy checking mechanism
Future work consists of exploring use of PLR reasoning by Piero et al as it is faster
URL for repository with work related to SWJ paper https://
DataSHIELD is used for the trusted environment https://
Suggestion/Question to DPV about updates and best-practices available
*Links*
Paper accepted for publication in Semantic Web Journal http://
*Q&A*
inah: What are the implications of consent? Such as subject rights. And whether these can be represented using the vocabulary.
fajar: This only models the attributes related to matching data categories
inah: Does the user know the purpose the analyst uses or will use?
fajar: User specifies purpose for "research" and when analyst uses a subclass of research, this is permitted
harsh: consent should be modelled as explicit consent; we're going to remove the boolean property and instead specify classes for which consent would be instantiated
harsh: purpose should not be vague e.g. research, and should contain more context
georg: how does the user withdraw consent and how is this represented?
fajar: we have not modelled this yet
paul: what is the frequency of data uploads / ingestion?
harsh: do users have to give consent for every data being sent?
fajar: this is set by app e.g. daily runs with its own consent or single consent being referenced
paul: how do different organisations work with this? do they set up their own instances?
fajar: single platform as it allows different companies, especially SMEs, to pool data and resources and get better benefits