IRC log of dpvcg on 2022-05-25
Timestamps are in UTC.
- 21:59:15 [RRSAgent]
- RRSAgent has joined #dpvcg
- 21:59:15 [RRSAgent]
- logging to https://www.w3.org/2022/05/25-dpvcg-irc
- 21:59:26 [Zakim]
- Zakim has joined #dpvcg
- 21:59:30 [harsh]
- ScribeNick: harsh
- 21:59:32 [harsh]
- Meeting: DPVCG Meeting Call
- 21:59:35 [harsh]
- Chair: harsh
- 21:59:44 [harsh]
- Present: harsh, georg, paul, julian, beatriz
- 21:59:51 [harsh]
- Date: 25 MAY 2022
- 22:00:04 [harsh]
- Agenda: https://lists.w3.org/Archives/Public/public-dpvcg/2022May/0002.html
- 22:00:54 [harsh]
- Note -> Today is GDPR's 6th anniversary since publication, and 4th since enforcement. Happy GDPR Day!
- 22:01:06 [harsh]
- Topic: Technology Concepts
- 22:03:20 [harsh]
- In the previous meeting, we stopped the discussion where technology concepts were to be re-ordered to better align with the Processing taxonomy. In this meeting, we continue that discussion.
- 22:03:45 [harsh]
- georg: Why separate technology? It would be better to have this written down as explanation / motivation.
- 22:05:10 [harsh]
- Note to write technology extension text specifying: 1) Why we need separation of concepts 2) Relation with Tech/Org Measures 3) Modelling capability vs concept of technology 4) Benefits regarding providing expandable concepts in terms of taxonomy as well as ontological model separate from DPV and 5) Better aligning with sources such as ENISA and ISO
- 22:05:32 [harsh]
- Harsh presents a different structure for the taxonomy
- 22:06:19 [harsh]
- Top concepts `DataTechnology` and `ProcessingTechnology` that represent technologies acting on data and technologies performing or enabling processing
- 22:07:02 [harsh]
- These are further expanded as: Data - (same as processing) DataUseTechnology, DataStorageTechnology, etc. Processing - Application, Device, VM, Server, etc. - anything on which processing happens or takes place.
- 22:07:34 [harsh]
- These two can be combined to specify things such as Server (processing) for Storage (data) as `DataStorageServer`
- 22:08:28 [harsh]
- Service and Product etc. as _market defined terms_ are removed from scope. Instead, the focus is on modelling how these represent a model of utilising technology, i.e. standalone app or software or a subscription that is continous or sporadically used
- 22:09:49 [harsh]
- Terms for actors regarding technology - `TechnologyProvider` for who provides it, `TechnologyDeveloper` for who develops it, `TechnologyUser` for who uses it, `TechnologySubject` for upon whom it is used. These terms are directly related to those defined within the AI Act i.e. AIProvider etc.
- 22:10:52 [harsh]
- The location where a technology is applied or used is separated as the concept `TechnologyLocation` to specify things such as on device, on a server, some specific geographical location
- 22:11:36 [harsh]
- Technologies which provide only an algorithm are specified as `AlgorithmicTechnology` and those that only provide management are `ManagementTechnology`.
- 22:12:32 [harsh]
- A `TechnologicalSystem` is a technology provided as a system e.g. software or app - it is sufficiently complete on its own, `TechnologicalComponent` is a technology provided as a component - e.g. plugin or script or library.
- 22:13:13 [harsh]
- The communication performed by technologies is represented by `CommunicationMechanism` which specifies how technologies communicate e.g. internet connectivity, wifi, bluetooth, etc.
- 22:14:07 [harsh]
- To associate technologies with specific concepts in DPV, e.g. processor or TOMS or actors, the property `relatedTo` is provided as a hint or guidance for where that technology can be useful
- 22:14:26 [harsh]
- georg: In all these, Data Security should be a priority for modelling based on practical needs
- 22:14:41 [harsh]
- julian: PETs (Privacy Enhancing Technologies) should also be modelled
- 22:14:49 [harsh]
- There was a discussion on Data Security vs Data Safety
- 22:15:24 [harsh]
- We discussed technologies based on how security, safety, and risk management is performed.
- 22:15:41 [harsh]
- Current proposal is to have SecurityTechnology with subconcepts for SecurityTech - Detection, Prevention, Mitigation, Monitoring
- 22:16:15 [harsh]
- Where detection refers to identifying vulnerabilities, prevention is preventing those from being exploited, mitigation is reducing impact, and monitoring is identifying if those have taken place
- 22:16:28 [harsh]
- Topic: Next Meeting
- 22:16:44 [harsh]
- We will meet again in one week, JUN-01 WED 14:00 CEST
- 22:17:09 [harsh]
- We will continue the discussion on technologies. This proposal will be cleaned up, organised, and shared by Harsh on the mailing list.
- 22:17:11 [harsh]
- zakim, bye
- 22:17:11 [Zakim]
- leaving. As of this point the attendees have been harsh, georg, paul, julian, beatriz
- 22:17:11 [Zakim]
- Zakim has left #dpvcg
- 22:17:17 [harsh]
- rrsagent, publish minutes v2
- 22:17:17 [RRSAgent]
- I have made the request to generate https://www.w3.org/2022/05/25-dpvcg-minutes.html harsh
- 22:17:19 [harsh]
- rrsagent, set logs world-visible
- 22:18:10 [harsh]
- rrsagent, bye
- 22:18:10 [RRSAgent]
- I see no action items