2. Companies whose business models rely on personal data and
for which the GDPR is both a challenge and an opportunity
Data subjects who would like to declare, monitor and optionally
revoke their (often not explicit) preferences on data sharing
Regulators who can leverage technical means to check
compliance with the GDPR
2013 2014 2015 2016 2017 2018
Draft of the regulation
7/22/2012
Revisions in the draft
3/12/2013
Discussions in the EU Council
5/19/2014
EU Council finalises the chapters
8/6/2015
Trilogue starts
6/24/2015
Trilogue agrees
12/17/2015
Comes into effect
5/25/2018
Scalable Policy-awarE Linked Data arChitecture
for prIvacy, trAnsparency and compLiance (SPECIAL)
2
2019
SPECIAL
Kickoff
Jan 2017
SPECIAL
Ends
Dec2019
3. http://themerkle.com/slur-io/
Data Market
Data Lake
The Big Data Ecosystem
Data Spaces
https://www.internationaldataspaces.org/wp-
content/uploads/dlm_uploads/2019/07/20190625-1500-Common-European-
Industrial-IoT-by-Arian-Zwegers.pdf
https://solutionsreview.com/data-integration/the-emergence-of-data-lake-pros-and-cons/
How will the
GDPR effect my
fishing?
4. Big Data & Anonymisation
Primary challenges:
It is hard to give guarantees
with respect to anonymity
There is a tradeoff between
anonymity and utility
8. Data & Data Driven Services
The World Wide Web
1989 The original proposal for the Web
https://www.w3.org/History/1989/proposal.html
9. Data & Data Driven Services
How can we ensure Interoperability?
• Globally Unique identifiers
• A common protocol
• Links between Documents
URIs
HTTP
href
10. Data & Data Driven Services
The Semantic Web & Intelligent Agents
2001 The Semantic Web
https://www.scientificamerican.com
Image by Radar Networks; Nova Spivak
http://memebox.com/futureblogger/show/824
14. www.sabrinakirrane.com#me
foaf: workplaceHomepage
https://www.wu.ac.at/en/Infobiz/
www.axelpolleres.com#me
• Globally Unique identifiers
• A common protocol
• Links between Documents
• Globally Unique identifiers
• A common protocol
• Typed Links between Entities
URIs
HTTP
href
HTTP
RDF
URIs
Data & Data Driven Services
How can we ensure Interoperability?
• Common data model for encoding data (triples)
• Common ways of serialising data (syntaxes)
• Well-defined languages for saying what terms mean (semantics)
• Common ways to query data (query languages)
15. Data & Data Driven Services
Distributed Data Sources
https://www.europeandataportal.eu/en/homepage
When it comes to
datasets this is just
the tip of the
iceberg….
16. Data & Data Driven Services
Privacy Preferences
Data & Data
Driven
Services
Regulators
Companies/
Service
Providers
Customers/
Service Users
Privacy
Preferences
Legal
Policies
Contracts/
Terms of use
17. • Available for download via the SPECIAL website:
https://www.specialprivacy.eu/publications/pu
blic-deliverables
• An unofficial draft specification has been
published online
https://www.specialprivacy.eu/platform/ontolo
gies-and-vocabularies
Privacy Preferences
How can we ensure Interoperability?
19. Data & Data Driven Services
Terms of Use
Data & Data
Driven
Services
Regulators
Companies/
Service
Providers
Customers/
Service Users
Privacy
Preferences
Legal
Policies
Contracts/
Terms of use
20. • Modeling licenses using the Open
Digital Rights Language
• Dependency modeling
• Conflict detection & Resolution
Automated Rights Clearance Using Semantic Web Technologies: The DALICC Framework, Tassilo Pellegrini, Victor Mireles, Simon Steyskal, Oleksandra Panasiuk, Anna Fensel, and
Sabrina Kirrane, Semantic Applications: Methodology, Technology, Corporate Use, Springer Semantic Applications, Methodology, Technology, Corporate Use, 2018
W3C
Recommendation
Contracts & Terms of Use
How can we ensure Interoperability?
22. Data & Data Driven Services
Legal Policies
Data & Data
Driven
Services
Regulators
Companies/
Service
Providers
Customers/
Service Users
Privacy
Preferences
Legal
Policies
Contracts/
Terms of use
23. • Modeling regulatory obligations
using an adaption of the Open
Digital Rights Language
• Automated compliance checking for
business policies
ODRL policy modelling and compliance checking, Marina De Vos, Sabrina Kirrane, Julian Padget and Ken Satoh, Proceedings of the 3rd International Joint Conference on Rules
and Reasoning (RuleML+RR 2019)
Draft
Specification
Legal Policies
How can we ensure Interoperability?
24. • Extracting temporal and event data
from legal text
• Modeling metadata relating to
legislation and cases in a legal
knowledge graph
Interlinking Legal Data, Erwin Filtz, Sabrina Kirrane and Axel Polleres, Proceedings of the Posters and Demos Track of the 14th International Conference on Semantic Systems
(SEMANTiCS 2018)
Multilingual Cross
Jurisdiction
Compliance Tools
Legal Policies
Challenge: Cross Jurisdiction
25. Data & Data Driven Services
Challenges & Opportunities
26. • Standardisation of vocabularies (e.g., privacy, legal, licensing) is
difficult
• Privacy is only the tip of the iceberg, from a usage control perspective
we also need to consider other regulations, licenses, social norms,
cultural differences
• There are cognitive limitations in terms of understanding how data is
/will be used
• Ensuring such systems are comply with usage constraints is a crucial
to success (i.e., all usage policies are adhered to and the system as a
whole works as expected)
• We need to embrace distributed and decentralised systems, which
complicates things further
Data Value Chains
Challenges & Opportunities
27. Thank you / contact details
Technical/Scientific contact
Sabrina Kirrane
Vienna University of Economics and Business
sabrina.kirrane@wu.ac.at
Administrative contact
Jessica Michel Assoumou
ERCIM W3C
jessica.michel@ercim.eu
The project SPECIAL (Scalable Policy-awarE linked data arChitecture for prIvacy, trAnsparency
and compLiance) has received funding from the European Union’s Horizon 2020 research and
innovation programme under grant agreement No 731601 as part of the ICT-18-2016 topic
Big data PPP: privacy-preserving big data technologies.
Editor's Notes
Firstly what is SPECIAL
SPECIAL stands for Scalable Policy Linked Data Architecture for Privacy, Transparency & Compliance
In SPECIAL we are:- enabling data subjects to have more control over how their personal data is handled- enabling regulators to verify that companies are complying with the GDPR
- enabling companies to continue to innovate in light of the GDPR
....
First I want to set the scene….
When SPECIAL started in 2017 there was a lot of talk about Data Lakes….. And companies were particularly interested using data analytics and data science in order to uncover new insights from data and develop innovative projects and services....
There has also been work on how to better leverage our data assets, for instance via data markets and data spaces
Making it easier for product and service providers to get access to good quality data
Pushing research and innovation forward by builing domain specific data spaces
There are many people that believe that anonymisation and data synthesis is the way forward…..
Of course this is very attractive, especially considerng that according to the GDPR – The principles of data protection do not apply to anonymous data
However there are two primary challenges here:
Primary challenges:
It is hard to give guarantees with respect to anonymity especially when data is aggregated
There is a tradeoff between anonymity and utility
So what is the alternative…...
Essentially in SPECIAL we believe that metadata in the form of constraints is the answer…..
In this figure we see the three different stakeholder groups:
Data Subjects – Custoers & Service Users – who want to specify their privacy preferences
Regulators – legal policies e.g. GDPR Requirements
Companies - Service Providers – who need to specify contracts and terms of use
Although SPECIAL is not an AI project, in keeping with the AI and Interoperability theme of this session
in this talk I plan to give an indication as to how the technical foundations of SPECIAL could underpin internet of things, cyber physical social system, autonomous cars…. In this talk we will focus on intelligent agents,
The figure on the left is the original proposal for the Web by Tim Berners Lee
One option would be to leverage Semantic Web Technology
The Resource Description Framework (RDF), which underpins the Semantic Web, is used to represent and link information, in a manner which can be interpreted by both humans and machines.
The Semantic Web is woven into the fabric of the Web
Explain URIs, HTTP, & HREF
The figure on the left is the original proposal for the Web by Tim Berners Lee
The Resource Description Framework (RDF), which underpins the Linked Data Web (LDW), is used to represent and link information, in a manner which can be interpreted by both humans and machines.
Essentially it is a tuple composed of three attributes: Subject, Predicate and Object
When combined the attributes form a graph
The usage of RDF and URIs shall enable the deployment of a linked network of distributed ledgers instead of a single, monolithic (central or P2P ledger). Here it would be interesting to look into efforts for modularising and linking between distributed ledgers such as the recent interledger protocol [8] proposal.
When combined the attributes form a graph
The usage of RDF and URIs shall enable the deployment of a linked network of distributed ledgers instead of a single, monolithic (central or P2P ledger). Here it would be interesting to look into efforts for modularising and linking between distributed ledgers such as the recent interledger protocol [8] proposal.