4. What are the main obstacles?
• Compliance with legislation?
• Data acquisition, management and exchange requirements? In
particular w.r.t Data Quality?
• How to facilitate innovation through adaptive data frameworks?
• How to facilitate contractual aspects for data services?
• How to protect data consistently with its value, ownership and
usage? Usage Control? Derived data?
• Limitations of data analytics and machine learning?
• How to anticipate possible uses and knowledge that can be
extracted from the data?
5. Policy-Based Techniques for Data
Management and Compliance
• Policies (rules) can be expressed to define data handling
procedures, legal requirements (under a given interpretation), …
• Over the last 10-15 years significant advances have been made
that enable to:
• Verify data handling traces against policy requirements
• Analyse complex policy sets
• Specify policy at higher levels of abstraction and refine it.
• Learn policies from practice.
6. Policy (Rule) Based Systems
Policy Refinement
Policy Learning
Policy
Specification
Policy Analysis
Policy Deployment
and Enforcement
7. Adaptive Data Frameworks
• Data acquisition and management frameworks are governed by
the first intended use.
• Cost/performance aspects require frameworks that provide
sufficient data quality but not more.
• How can we realise dynamically adaptive data frameworks
where the collection, management and aggregation can be
dynamically re-programmed at low cost?
• Is there an appetite for investing in such frameworks?
8. Data Sharing (Usage) Agreements = SLAs
for Data Services
• The specification, monitoring and (partially) automated
enforcement of Service Level Agreements has played a
significant role in the development of Internet and Web-
Services.
• There is almost no equivalent work for Data Services.
• Applicable legislation
• Access and purpose of use
• Data handling requirements
• Data quality and delivery parameters
• Trust relationships for automated enforcement
11. Data Protection Requirements
• Derived data could be automatically protected based on a)
contract requirements b) knowledge of the transformations
that will be applied.
• Which models are likely to dominate?
• To what extent is data protection an obstacle to the
development of data market places?
• Is data usage control necessary to maximise profit and value?
Contractual
(Legal) Enforcement
Only
Access Control Policy
with Client
Enforcement
Rights
Management
Rights
Management
with TPM and
attestation
12. Anticipating Future Uses
• If only we could anticipate what the data could be used for …
• We could determine its privacy implications.
• We could estimate its value to somebody else.
• We could anticipate the risk of misuse.
• We could identify new avenues of exploitation.
• But we can’t. http://pleaserobme.com/
• (Crowdsourced) Exploration of the data space?
• Hybrid human/machine analysis of data to derive knowledge.
13.
14.
15. From Data to Value and back again
Sensing &
Crowd sensing
Usage control
Privacy
From Data to Knowledge
Data Quality
Data sharing, storage
and use
Data Value, Risk &
Economic Models
16. What are the main obstacles?
• Compliance with legislation?
• Data acquisition, management and exchange requirements? In
particular w.r.t Data Quality?
• How to facilitate innovation through adaptive data frameworks?
• How to facilitate contractual aspects for data services?
• How to protect data consistently with its value, ownership and
usage? Usage Control? Derived data?
• Limitations of data analytics and machine learning?
• How to anticipate possible uses and knowledge that can be
extracted from the data?