[WG-InfoSharing] W3C Data Privacy Vocabulary - Consent Receipt Inputs

Andrew Hughes andrewhughes3000 at gmail.com
Thu Jun 20 00:37:07 UTC 2019


Thanks for the history lesson Mark.

What I'm actually interested in is how ontologies generally are consumed
and used. When I read this one, some items read as definitions, some as
description, and some as pure pointers to other documents.

I would like to understand why this is and what the implications are for
implementers.


On Wed, Jun 19, 2019 at 4:17 PM Mark @ OC <mark at openconsent.com> wrote:

> Hi Andrew,
>
> (I will see if Harsh can make a meeting - offline)
>
> And for this:  A bit of  CISWG background;
>
> There is a long standing v1 action from v0.07 for the Purpose Categories,
> the Data Categories and the purpose specification.  Originally,  Richard
> Beaumont, from Governor Tech, a company purchased by One Trust for their
> pioneering of cookie banners, contributed a set of purpose categories, and
> we made a first set of data categories before stumbling upon Jason’s
> amazing work in this space. These are required to make a legally (for the
> Regulators) useful demo of consent receipts.
>
> Later in v0.09, this was moved to the Kantara wiki with a long standing
> Action item to produce these required components for legally usable
> receipts.
>
> Yes - Understanding a semantic system generating a receipt rather than a
> record system generating a receipt is  - new -   in many use cases it was
> assumed the input was from a record - but - its the output (the receipt)
> that is the record for both parties with the DPV.  It removes a couple of
> technical steps which makes the use of semantics much more efficient, the
> technology much more flexible.  (But lots to learn still)
>
> But, of course, this is something Jim from Common Accord has discussed to
>  the CISWG, on a couple of occasions, also provided an example ( e.g. a
> consent based on the Global Alliance for Genomics and Health’s “model
> form”
> <http://www.commonaccord.org/index.php?action=source&file=Wx/org/genomicsandhealth/REWG/Demo/Geraldine_Graber_DE>
> )
>
> So there are a lot more pieces here now.  And Semantics brings a new set
> of considerations.
>
> Mark
>
>
>
> On 19 Jun 2019, at 22:57, Andrew Hughes <andrewhughes3000 at gmail.com>
> wrote:
>
> The DPV is very interesting!
>
> I'm not very fluent in working with ontologies - I'm browsing the dpv.ttl
> in Protege, trying to get a feel for what's here.
>
> Any chance we could invite Bud, Harsh or Jason to walk the WG through the
> work?
>
> I know that the DPV is useful in context of the receipt specification -
> just need some help to understand how to use it
>
> andrew.
>
> *Andrew Hughes *CISM CISSP
> *In Turn Information Management Consulting*
>
> o  +1 650.209.7542
> m +1 250.888.9474
> 5043 Del Monte Ave.,
> <https://www.google.com/maps/search/5043+Del+Monte+Ave.,+Victoria,+BC+V8Y+1W9?entry=gmail&source=g>
>  Victoria, BC V8Y 1W9
> <https://www.google.com/maps/search/5043+Del+Monte+Ave.,+Victoria,+BC+V8Y+1W9?entry=gmail&source=g>
> AndrewHughes3000 at gmail.com
> *https://www.linkedin.com/in/andrew-hughes-682058a
> <https://www.linkedin.com/in/andrew-hughes-682058a>*
> *Digital Identity | International Standards | Information Security *
>
>
> On Wed, Jun 19, 2019 at 12:43 PM Mark @ OC <mark at openconsent.com> wrote:
>
>> Hello Everyone,
>>
>> The W3C  DPV v.1 was approved yesterday - and Harsh who has administered
>> the DPV works, has been kind enough to provide an input for us in terms of
>> what was taken from the CR and how it was used for the GDPR.
>>
>> On behalf of CISWG, I would like thank both Harsh and Bud for the effort
>> of including and vetting the CR for use with the DPV vocabulary.  And
>> special thanks for Harsh for feeding back the results, which will enable
>> the semantic generation of consent receipts.
>>
>> The DPV,  provides the CISWG with authoritative ontologies, including
>> personal data categories, (base set provided a few years ago by Jason at
>>  Enterprivacy - Thank You Jason) as well as very much needed position on
>> Data Controller Categories, and the initial set/approach to purposes.  All
>> of which are key to enabling a consent receipt to be used for compliance
>> and evidence for Me2B and B2C.
>>
>> Here is the link to the CR input workshee
>> <https://docs.google.com/spreadsheets/d/1OPIuYdaTLqIQforseLS4YY0RDxy4gYoYF55sVbTp2PQ/edit?usp=sharing>t
>> (Andrew/Kate, let me know if you need more information.)  This worksheet
>> provides the differences from the CR v1.1 to the GDPR DPV compliance
>> vocabulary and can now be used to provide an authoritative explicit consent
>> receipt specification.
>>
>> Best Regards,
>>
>> Mark
>>
>> On 18 Jun 2019, at 18:11, Harshvardhan J. Pandit <me at harshp.com> wrote:
>>
>> Dear All,
>>
>> As agreed in today's call, we now have repositories for:
>>
>> dpv vocabulary: https://github.com/dpvcg/dpv
>>
>> dpv-gdpr vocabulary: https://github.com/dpvcg/dpv-gdpr
>>
>> dpv-nace vocabulary: https://github.com/dpvcg/dpv-nace
>>
>> Regards,
>>
>> Harsh
>>
>> _______________________________________________
>> WG-InfoSharing mailing list
>> WG-InfoSharing at kantarainitiative.org
>> https://kantarainitiative.org/mailman/listinfo/wg-infosharing
>>
> _______________________________________________
> WG-InfoSharing mailing list
> WG-InfoSharing at kantarainitiative.org
> https://kantarainitiative.org/mailman/listinfo/wg-infosharing
>
>
> --
Andrew Hughes CISM CISSP
In Turn Information Management Consulting
o  +1 650.209.7542 m +1 250.888.9474
1249 Palmer Road, Victoria, BC V8P 2H8
AndrewHughes3000 at gmail.com
https://www.linkedin.com/in/andrew-hughes-682058a
Digital Identity | International Standards | Information Security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-infosharing/attachments/20190619/b13917a2/attachment.html>


More information about the WG-InfoSharing mailing list