personal data policy from Tim Holborn on 2014-07-09 (public-rww@w3.org from July 2014)

From: Tim Holborn <timothy.holborn@gmail.com>
Date: Wed, 9 Jul 2014 20:23:43 +1000
To: public-rww <public-rww@w3.org>
Message-Id: <D43796DA-8BA3-4623-BA95-B72C4B54E652@gmail.com>

Hi All,

I’ve been looking at a perceived privacy issue that is very broad in nature but especially effects LD applications.

Personal data, in its many forms, is often not considered ‘Content’ but rather ‘data’.

Types of Personal Data might include sensor data from GPS, telephony or health or other devices, information required by merchants for shipping, billing, transactions as well as weblogs, FOAF File data, etc.

Perhaps also http://pando.com/2013/10/26/i-challenged-hackers-to-investigate-me-and-what-they-found-out-is-chilling/ article outlined quite well the challenges put by web-scale, in relation to personal data.

SO; i figured, perhaps a system similar to creative commons could be created to provide a method to assert a privacy principle surrounding data provided - or select a privacy / data principle in relation to a service.

Reasonably; with special regard to decentralised opportunities, a user in the future may be able to select from an array of standardised positions, such as.

- use my data for the transaction purpose only
- add me to your loyalty program (perhaps permissions therein)
- share my details to your partners, associates and sponsors (equally - perhaps for a specified purpose - i.e. for the purpose of promoting this online petition…).

secondly; an aspect relating to the data storage and accessibility of data stored by 3rd parties about an individual becomes a secondary inclusion.

- We’ll store your details securely in our database (you don’t have access to it).
- We’ll store your details securely and provide you an administration interface
- We’ll store your details and you can delete / append / modify / change privacy settings
- We’ll store your details and give you a copy (perhaps 5 star linked data?)
- You can store the data, we’ll get it from you when we need it, but store a back-up
- You store your data, if you loose it you’ll need to create a new credential to gain access.

I’ve found http://wiki.creativecommons.org/CC-inspired_projects_for_Terms_of_Service_and_Privacy_policies

I’m aware of PAW, HTTPA, WAC and an array of other related projects looking more specifically at ACL related functions. The concept herein; is not to enforce a policy, but rather to notate it. I’m thinking perhaps a means might be to consider how to create a W3 Community Group surrounding the development of a solution in this area, however am not sure about the scope such an initiative should take-on (i.e. it could include other privacy / personal data policy related technologies) and am overall wondering what views exist out in the community around this perceived problem, and how best to attend to it.

I also note; commercially - i imagine a vendor may provide a discount if a purchaser participates in a loyalty program, and that as a technology vendor - these types of technologies would assist in expanding the opportunities for smaller businesses (vendor customers in some instances i’d assume) to use more advanced features, lowering compliance costs with Privacy laws in different states whilst enhancing a users opportunity to consider ‘trust’ when asked whether they want to facilitate some transaction with a relatively unknown brand / entity.

beyond that; we’ve got foaf profiles. What ‘license’ have we asserted to the use of the information in the FOAF file?

Cheers.

Tim.H.

Received on Wednesday, 9 July 2014 10:26:54 UTC