IRC log of dpvcg on 2021-12-01

Timestamps are in UTC.

12:50:22 [RRSAgent]
RRSAgent has joined #dpvcg
12:50:22 [RRSAgent]
logging to https://www.w3.org/2021/12/01-dpvcg-irc
12:50:45 [harsh]
ScribeNick: harsh
12:50:47 [harsh]
Meeting: DPVCG Meeting Call
12:50:50 [harsh]
Chair: harsh
12:50:55 [harsh]
Date: 01 DEC 2021
12:51:00 [harsh]
Agenda: https://lists.w3.org/Archives/Public/public-dpvcg/2021Nov/0006.html
12:51:12 [harsh]
Present: harsh, fajar
13:01:08 [harsh]
Present+: paul, georg
13:01:23 [harsh]
Present+: julian
13:01:44 [harsh]
Present+: inah
13:05:13 [harsh]
Regrets: beatriz
13:09:25 [harsh]
Topic: Presentation on use of DPV in WellFort Project by Fajar
13:10:20 [harsh]
WellFort is an Austrian project for developing a prototype/early-stage regarding privacy-preserving data analysis with auditability using semantic web
13:10:36 [harsh]
It is a 2 year project involving SBA research and TU Wien
13:11:34 [harsh]
Premise is situations where data is preferred to be stored locally (e.g. on device) to lessen compliance loads/obligations/risks
13:12:26 [harsh]
Stakeholders in system include users who give consent
13:13:02 [harsh]
Requirements are to ensure secure storage for sensitive data, manage consent and contribute to studies while preserving anonymity, and verify how their data is being used and by whom
13:13:42 [harsh]
URL for project info (ERCIM newsletter) https://ercim-news.ercim.eu/en126/special/wellfort-a-platform-for-privacy-preserving-data-analysis
13:14:37 [harsh]
*WellFort Platform*
13:17:20 [harsh]
Users upload the data through the app or service, and give consent. This information is stored in a triplestore.
13:18:41 [harsh]
Analyst can request data categories, based on which the Controller sends queries to retrieve this data based on consent given and by matching the related purposes and personal data handling.
13:20:33 [harsh]
Depending on study, data can be utilised as (fully) anonymised or non-anonymised to be used by the Analyst
13:22:24 [harsh]
inah: 1) Are there any semantics that assist with anonymisation? 2) You mentioned users uploading consent, what does this consent contain/entail e.g. what details? 3) What responsibilities are related from this consent?
13:23:14 [harsh]
fajar: For #1 The platform produces the anonymised data, and we're trying to explore/develop relation between anonymised data and original data with semantics (paraphrased)
13:23:30 [harsh]
fajar: For #2 and #3 we use DPV to represent the consent details
13:24:24 [harsh]
georg: The triplestore also stores consent, which can be queried, and which uses DPV. Is this only based on DPV or are there additions?
13:24:45 [harsh]
fajar: We have extended DPV with DCAT and other attributes for representing relations with the dataset
13:27:26 [harsh]
*Dataset description and Consent metadata*
13:27:46 [harsh]
DCAT is used to represent datasets, and DPV is used to denote what personal data categories are utilised in it.
13:28:44 [harsh]
DPV components used for consent: Personal data categories, Processing, Purpose, Recipient (with extensions like Research Organisation)
13:29:08 [harsh]
For representing expiry, the property expiryTime is additionally created with range xsd:dateTime for specific domains of consent and personal data handling
13:30:04 [harsh]
The existing property hasExpiryTime was not used because it needs use of Time vocabulary whereas this work needed XSD
13:32:24 [harsh]
Consent changes are stored in audit log, and the values changed in-place within the triple store to maintain auditing capabilities with practical considerations
13:33:23 [harsh]
URL for WellFort ontology https://w3id.org/wellfort/ns/dpv
13:34:19 [harsh]
* Consent Checking Mechanisms *
13:34:37 [harsh]
Uses SPECIAL's / Piero's OWL2-PL usage policy checking mechanism
13:35:11 [harsh]
Future work consists of exploring use of PLR reasoning by Piero et al as it is faster
13:37:08 [harsh]
URL for repository with work related to SWJ paper https://gitlab.isis.tuwien.ac.at/wellfort/wellfort-swj
13:37:31 [harsh]
DataSHIELD used for Trusted environment https://datashield.org/
13:39:27 [harsh]
Suggestion/Question to DPV about updates and best-practices available
13:40:16 [harsh]
* Links *
13:40:37 [harsh]
Paper accepted for publication in Semantic Web Journal http://www.semantic-web-journal.net/system/files/swj2883.pdf
13:40:49 [harsh]
* Q&A *
13:42:06 [harsh]
inah: What are the implications of consent? Such as subject rights. And whether these can be represented using the vocabulary.
13:42:36 [harsh]
fajar: This only models the attributes related to matching data categories
13:43:33 [harsh]
inah: Does the user know the purpose the analyst uses or will use?
13:44:08 [harsh]
fajar: User specifies purpose for "research" and when analyst uses a subclass of research, this is permitted
13:50:40 [harsh]
harsh: consent should be modelled as explicit consent ; we're going to remove the boolean property and instead specify classes for which consent would be instantiated
13:50:51 [harsh]
harsh: purpose should not be vague e.g. research, and should contain more context
13:51:00 [harsh]
georg: how does user withdraw consent and how is this represented ?
13:51:06 [harsh]
fajar: we have not modelled this yet
13:52:36 [harsh]
paul: what is the frequency of data uploads / ingestion?
13:52:47 [harsh]
harsh: do users have to give consent for every data being sent?
13:53:06 [harsh]
fajar: this is set by app e.g. daily runs with its own consent or single consent being referenced
13:57:01 [harsh]
paul: how do different organisations work with this ? do they set up their own instances?
15:05:46 [harsh]
fajar: single platform as it allows different companies, especially SMEs to pool data and resources and get better benefits
15:05:51 [harsh]
zakim, bye
15:05:51 [Zakim]
leaving. As of this point the attendees have been harsh, fajar, :, paul, georg, julian, inah
15:05:51 [Zakim]
Zakim has left #dpvcg
15:06:00 [harsh]
rrsagent, publish minutes v2
15:06:00 [RRSAgent]
I have made the request to generate https://www.w3.org/2021/12/01-dpvcg-minutes.html harsh
15:06:03 [harsh]
rrsagent, set logs world-visible
15:06:18 [harsh]
rrsagent, bye
15:06:18 [RRSAgent]
I see no action items