PrOnto: Privacy Ontology for Legal Reasoning
PrOnto: Privacy Ontology for Legal Reasoning
Provides modeling of the privacy agents, data types, types of processing operations, rights and obligations. Uses FRBR, LKIF Core, ALLOT, and PWO ontologies.
- domain: Legal Reasoning
- creators/authors/publishers:
- Monica Palmirani (University of Bologna, CIRSFID, Bologna,Italy)
- Michele Martoni (University of Bologna, CIRSFID, Bologna,Italy)
- Arianna Rossi (University of Bologna, CIRSFID, Bologna,Italy)
- Cesare Bartolini (SnT - Interdisciplinary Centre for Security, Reliability and Trust, Université du Luxembourg, Luxembourg City, Luxembourg)
- Livio Robaldo (SnT - Interdisciplinary Centre for Security, Reliability and Trust, Université du Luxembourg, Luxembourg City, Luxembourg)
- url link: not available
- documentation if available online: not available
- publication(s): Palmirani M., Martoni M., Rossi A., Bartolini C., Robaldo L. (2018) PrOnto: Privacy Ontology for Legal Reasoning. In: Kő A., Francesconi E. (eds) Electronic Government and the Information Systems Perspective. EGOVIS 2018. Lecture Notes in Computer Science, vol 11032. Springer, Cham https://link.springer.com/chapter/10.1007/978-3-319-98349-3_11
Relevance
- Origin: Not specified
- Developed since: Not specified
- Latest version: Not specified
Covered Requirements
- Taxonomy of regulatory privacy terms (including all GDPR terms): YES. Contains references to terms from GDPR, including rights and obligations, as was as compliance.
- Taxonomy for personal data: YES. It contains concepts such as Sensitive data (health, ethic, genetic, ...), Anonymous Data, Judicial Data
- Taxonomy of purposes: YES
- Taxonomy of disclosure: NO
- Metadata related to the details of anonymisation: YES (unclear about coverage)
- Log vocabularies for immutably and securely recording: NO
- disclosure of consent
- revocation of consent
- policy changes
- transparency
- Taxonomy of linkage operations: NO
- Taxonomies of human behavior: NO
Uptake and Covered Use-cases
Evaluation of the ontology/approach was carried out inside/using Cloud4EU European project PCP3 http://www.agid.gov.it/cloudforeurope that intends to provide legal compliance checking systems for eGovernment services that are delivered across the cloud. Another example for compliance checking, as quoted from the publication: "We suppose that a software manages documentation, registry of processing, DPIA information, etc. (e.g., software provided by the French CNIL – Commission Nationale de l’Informatique et des Libertés6). If such a software is connected with PrOnto ontology, we can check for GDPR compliance throughout all the lifecycle of the personal data, using advanced legal reasoning tools or SPARQL end-points."
List and cross-reference the use cases in the Use cases section:
- SPECIAL/Proximus use case - personalized touristic recommendations: Pending more info on the use-case
- SPECIAL/DT use case - mobile network quality measurements: Pending more info on the use-case
- SPECIAL/TR use case - ‘Know Your Customer’ (finance, anti-money-laundering): Pending more info on the use-case
- DECODE/DEC01 use case - Online voting system with privacy: Pending more info on the use-case
- DECODE/DEC02 use case - Rental Register: Pending more info on the use-case
- DECODE/DEC03 use case - Sharing sensor data: Pending more info on the use-case
Terms and Concepts
The work presents a lot of relevant terms/concepts and methods which needs further introspection. In terms of an overview, PrOnto contains five modules: (i) documents and data, (ii) actors and roles, (iii) processing and workflow, (iv) legal rules and deontic formula, (v) purposes and legal bases; each of which presents a model (term/concept and relations) using OWL.