- From: Harshvardhan J. Pandit <me@harshp.com>
- Date: Sun, 9 Dec 2018 21:39:17 +0100
- To: public-dpvcg <public-dpvcg@w3.org>
Hello all, A few notes about Data Processing categories or types. First, GDPR provides several example of processing in its text. Personally, I find them confusing to distinguish from one another and to understand when a particular term is applicable. Since it is mentioned in the official text (GDPR), we would need to also adopt into our taxonomy. I would request the legal experts to suggest a way to interpret these if any, rather than trying to model them as an engineer. At a high level, we can distinguish these as * Data Collection * Data Sharing * Data Storage * Data Processing i.e. using the data (need a better term) * Data Transformations and its derivatives can be clumped together? Further attributes can be defined as: * is it automated (boolean?) * is it carried out by controller or third-party (processor) Looking up Data Collection, I came across an interesting paper: D. J. Solove, ‘A Taxonomy of Privacy’, Social Science Research Network, Rochester, NY, SSRN Scholarly Paper ID 667622, Feb. 2005 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=667622 visual summary https://enterprivacy.com/wp-content/uploads/2018/09/A-Taxonomy-of-Privacy.pdf Which categorises collection as being via surveillance (observed) or interrogation (asked or obtained). I think these are good examples (except the terms used) to define the source categorisation for data collection. Regards, -- --- Harshvardhan J. Pandit PhD Researcher ADAPT Centre, Trinity College Dublin https://harshp.com/
Received on Sunday, 9 December 2018 20:39:41 UTC