IRC log of dpvcg on 2021-12-01
Timestamps are in UTC.
- 12:50:22 [RRSAgent]
- RRSAgent has joined #dpvcg
- 12:50:22 [RRSAgent]
- logging to https://www.w3.org/2021/12/01-dpvcg-irc
- 12:50:45 [harsh]
- ScribeNick: harsh
- 12:50:47 [harsh]
- Meeting: DPVCG Meeting Call
- 12:50:50 [harsh]
- Chair: harsh
- 12:50:55 [harsh]
- Date: 01 DEC 2021
- 12:51:00 [harsh]
- Agenda: https://lists.w3.org/Archives/Public/public-dpvcg/2021Nov/0006.html
- 12:51:12 [harsh]
- Present: harsh, fajar
- 13:01:08 [harsh]
- Present+: paul, georg
- 13:01:23 [harsh]
- Present+: julian
- 13:01:44 [harsh]
- Present+: inah
- 13:05:13 [harsh]
- Regrets: beatriz
- 13:09:25 [harsh]
- Topic: Presentation on use of DPV in WellFort Project by Fajar
- 13:10:20 [harsh]
- WellFort is an Austrian project for developing a prototype/early-stage regarding privacy-preserving data analysis with auditability using semantic web
- 13:10:36 [harsh]
- It is a 2 year project involving SBA research and TU Wien
- 13:11:34 [harsh]
- Premise is situations where data is preferred to be stored locally (e.g. on device) to lessen compliance loads/obligations/risks
- 13:12:26 [harsh]
- Stakeholders in system include users who give consent
- 13:13:02 [harsh]
- Requirements are to ensure secure storage for sensitive data, manage consent and contribute to studies while preserving anonymity, and verify how their data is being used and by whom
- 13:13:42 [harsh]
- URL for project info (ERCIM newsletter) https://ercim-news.ercim.eu/en126/special/wellfort-a-platform-for-privacy-preserving-data-analysis
- 13:14:37 [harsh]
- *WellFort Platform*
- 13:17:20 [harsh]
- Users upload the data through the app or service, and give consent. This information is stored in a triplestore.
- 13:18:41 [harsh]
- Analyst can request data categories, based on which the Controller sends queries to retrieve this data based on consent given and by matching the related purposes and personal data handling.
- 13:20:33 [harsh]
- Depending on study, data can be utilised as (fully) anonymised or non-anonymised to be used by the Analyst
- 13:22:24 [harsh]
- inah: 1) Are there any semantics that assist with anonymisation? 2) You mentioned users uploading consent, what does this consent contain/entail e.g. what details? 3) What responsibilities are related from this consent?
- 13:23:14 [harsh]
- fajar: For #1 The platform produces the anonymised data, and we're trying to explore/develop relation between anonymised data and original data with semantics (paraphrased)
- 13:23:30 [harsh]
- fajar: For #2 and #3 we use DPV to represent the consent details
- 13:24:24 [harsh]
- georg: The triplestore also stores consent, which can be queried, and which uses DPV. Is this only based on DPV or are there additions?
- 13:24:45 [harsh]
- fajar: We have extended DPV with DCAT and other attributes for representing relations with the dataset
- 13:27:26 [harsh]
- *Dataset description and Consent metadata*
- 13:27:46 [harsh]
- DCAT is used to represent datasets, and DPV is used to denote what personal data categories are utilised in it.
- 13:28:44 [harsh]
- DPV components used for consent: Personal data categories, Processing, Purpose, Recipient (with extensions like Research Organisation)
- 13:29:08 [harsh]
- For representing expiry, the property expiryTime is additionally created with range xsd:dateTime for specific domains of consent and personal data handling
- 13:30:04 [harsh]
- The existing property hasExpiryTime was not used because it needs use of Time vocabulary whereas this work needed XSD
- 13:32:24 [harsh]
- Consent changes are stored in audit log, and the values changed in-place within the triple store to maintain auditing capabilities with practical considerations
- 13:33:23 [harsh]
- URL for WellFort ontology https://w3id.org/wellfort/ns/dpv
- 13:34:19 [harsh]
- * Consent Checking Mechanisms *
- 13:34:37 [harsh]
- Uses SPECIAL's / Piero's OWL2-PL usage policy checking mechanism
- 13:35:11 [harsh]
- Future work consists of exploring use of PLR reasoning by Piero et al as it is faster
- 13:37:08 [harsh]
- URL for repository with work related to SWJ paper https://gitlab.isis.tuwien.ac.at/wellfort/wellfort-swj
- 13:37:31 [harsh]
- DataSHIELD used for Trusted environment https://datashield.org/
- 13:39:27 [harsh]
- Suggestion/Question to DPV about updates and best-practices available
- 13:40:16 [harsh]
- * Links *
- 13:40:37 [harsh]
- Paper accepted for publication in Semantic Web Journal http://www.semantic-web-journal.net/system/files/swj2883.pdf
- 13:40:49 [harsh]
- * Q&A *
- 13:42:06 [harsh]
- inah: What are the implications of consent? Such as subject rights. And whether these can be represented using the vocabulary.
- 13:42:36 [harsh]
- fajar: This only models the attributes related to matching data categories
- 13:43:33 [harsh]
- inah: Does the user know the purpose the analyst uses or will use?
- 13:44:08 [harsh]
- fajar: User specifies purpose for "research" and when analyst uses a subclass of research, this is permitted
- 13:50:40 [harsh]
- harsh: consent should be modelled as explicit consent ; we're going to remove the boolean property and instead specify classes for which consent would be instantiated
- 13:50:51 [harsh]
- harsh: purpose should not be vague e.g. research, and should contain more context
- 13:51:00 [harsh]
- georg: how does user withdraw consent and how is this represented ?
- 13:51:06 [harsh]
- fajar: we have not modelled this yet
- 13:52:36 [harsh]
- paul: what is the frequency of data uploads / ingestion?
- 13:52:47 [harsh]
- harsh: do users have to give consent for every data being sent?
- 13:53:06 [harsh]
- fajar: this is set by app e.g. daily runs with its own consent or single consent being referenced
- 13:57:01 [harsh]
- paul: how do different organisations work with this ? do they set up their own instances?
- 15:05:46 [harsh]
- fajar: single platform as it allows different companies, especially SMEs to pool data and resources and get better benefits
- 15:05:51 [harsh]
- zakim, bye
- 15:05:51 [Zakim]
- leaving. As of this point the attendees have been harsh, fajar, :, paul, georg, julian, inah
- 15:05:51 [Zakim]
- Zakim has left #dpvcg
- 15:06:00 [harsh]
- rrsagent, publish minutes v2
- 15:06:00 [RRSAgent]
- I have made the request to generate https://www.w3.org/2021/12/01-dpvcg-minutes.html harsh
- 15:06:03 [harsh]
- rrsagent, set logs world-visible
- 15:06:18 [harsh]
- rrsagent, bye
- 15:06:18 [RRSAgent]
- I see no action items