- From: Harshvardhan J. Pandit <me@harshp.com>
- Date: Sun, 17 Feb 2019 00:57:11 +0530
- To: public-dpvcg <public-dpvcg@w3.org>
- Message-ID: <2f425846-2980-8d46-2dfa-e3db71f083c1@harshp.com>
Hi Fajar, Everyone. See the email below, where the creator of the EnterPrivacy data categories has shared (attached) the spreadsheet containing the terms and definitions. I've updated the terms and definitions in the ontology on Github, where each term has a label and attribution (rdfs:isDefinedBy) and definition where possible. The spreadsheet has also been put in the Github repo. Moving forward, I want to do a few things, and would like to know what you think about them. 1) singular vs plural: I was confused if we should keep the terms in their plural form or singular form - I prefer the singular from a purely philosophical point of view e.g. an ontology about animals will have a class called Cat and not Cats. The source (PDF) contains terms in the plural because I think this is how we refer to them in daily life. 2) clean up terms: some of the terms can be confusing on their own without an achor to the context e.g. Account by itself is vague, but if we see the hierarchy, it is under Finance. So I renamed it to FinanceAccount. I think we need to go through each terms and clean them similarly. 3) Relationships between terms: this is tricky, and there are several different types of relationships here. One type is part-of, such as Account and Account Number, another is source, such as IPAddress and Location. We need to identify such relationships, and also find a way to represent them in the ontology. We can create a separate ontology for these, and keep the current one only as a taxonomy or a thesauri. Best, Harsh P.S. Thanks to Mark for the connection and speeding this up, and thanks to Jason for providing the data in a spreadsheet. -------- Forwarded Message -------- Subject: Re: [subject] Categories of Date: Fri, 15 Feb 2019 10:32:11 -0500 From: R. Jason Cronk <rjc@privacymaverick.com> To: Mark Lizar <mark@openconsent.com> CC: Harshvardhan J. Pandit <harshvardhan.pandit@adaptcentre.ie> Mark and Harsh, Please see attached. Hopefully this meets your needs. It looks like I'm a member of the group now. I'll have to read through available documentation to see what else the group is working on. I do want say I have several other categories/taxonomies I use that may be beneficial, including Dan Soloves' Taxonomy of Privacy Jaap-Henk Hoepman's Control Strategies and Tactics FAIR based Privacy Risk Analysis and a few others of my own design Jason .*.*.*.*................................................................. R. Jason Cronk | Juris Doctor Privacy and Trust Consultant | IAPP FIP, CIPT, CIPM, CIPP/US, PbD Ambassador *Enterprivacy Consulting Group <http://www.enterprivacy.com/>* | Author ofStrategic Privacy by Design <https://iapp.org/store/books/a191a00000345yDAAQ/> /Privacy notices made simple: https://simpleprivacynotice.com <https://simpleprivacynotice.com/> /.................................................................... *Upcoming Training** *Privacy by Design Professional:Cyprus (April <https://enterprivacy.com/cyprus-training/>), Belarus - English/Russian (July) Online (coming soon):https://privacybydesign.training <https://privacybydesign.training/> ----- Original Message ----- From: "Mark Lizar" <mark@openconsent.com> To: "R. Jason Cronk" <rjc@privacymaverick.com> Cc: "Harshvardhan J. Pandit" <harshvardhan.pandit@adaptcentre.ie> Sent: Tue, 12 Feb 2019 17:02:19 +0000 Subject: Re: [subject] Categories of Thanks Jason, This is great ! I am cc’ing Harsh as he is managing the details. If you could provide an attribution license to the W3C DPVC CG, then this would enable them to use this as a starting point. If you could also provide the latest spreadsheet along with the license, then we could use this as the starting point. These materials would then end up on the W3C wiki and we can iterate and discuss it from there. As for the application to join the group, it was a bit tricky for me, I think its pretty automated now. If you have any issues joining let me or better yet Harsh know and we can help. - Mark On 12 Feb 2019, at 16:43, R. Jason Cronk <rjc@privacymaverick.com <mailto:rjc@privacymaverick.com>> wrote: Mark, Thanks for reaching back out to me. Unfortunately, given that I'm not in academia, there is no paper around this only my infographics. You can find the latest version at https://iapp.org/resources/article/categories-of-personal-data/ Happy to offer an attribution only license. Jason P.S. I submitted a request to join though don't know how actively I can participate. .*.*.*.*................................................................. R. Jason Cronk | Juris Doctor Privacy and Trust Consultant | IAPP FIP, CIPT, CIPM, CIPP/US, PbD Ambassador *Enterprivacy Consulting Group <http://www.enterprivacy.com/>* | Author ofStrategic Privacy by Design <https://iapp.org/store/books/a191a00000345yDAAQ/> /Privacy notices made simple: https://simpleprivacynotice.com <https://simpleprivacynotice.com/> /.................................................................... *Upcoming Training** *Privacy by Design Professional:Cyprus (April <https://enterprivacy.com/cyprus-training/>), Belarus - English/Russian (July) Online (coming soon):https://privacybydesign.training <https://privacybydesign.training/> ----- Original Message ----- From: "Mark Lizar" <mark@openconsent.com <mailto:mark@openconsent.com>> To: "R. Jason Cronk" <rjc@privacymaverick.com <mailto:rjc@privacymaverick.com>> Cc: "Harshvardhan J. Pandit" <harshvardhan.pandit@adaptcentre.ie <mailto:harshvardhan.pandit@adaptcentre.ie>> Sent: Tue, 12 Feb 2019 14:07:10 +0000 Subject: Re: [subject] Categories of Greeting Jason, Its been a little while since I was in touch. I hope you are doing well. I wanted to let you know that I have submitted these categories to the W3C group -Data Privacy Vocabulary and Controls WG, as the Kantara Initiative was not standardising semantics. This W3C Group has asked me to reach out to you and invite you to participate and to see if there is a) a paper that supports these categories b) if there has been any progression in this work. Here is a link to the CG https://www.w3.org/community/dpvcg/, for more information you can ask me or Harsh (cc’d). Best Regards, Mark On 15 Aug 2017, at 20:10, R. Jason Cronk <rjc@privacymaverick.com <mailto:rjc@privacymaverick.com>> wrote: Mark, Attached is the spreadsheet with the Categories of Personal Information as I distributed on my infographic, along with definitions and examples. Thank you for the invite to participate. I will look into joining the group, though my time is stretched thin at the moment, so I'm not sure how much I can contribute. Jason -- R. Jason Cronk, JD IAPP Fellow of Information Privacy CIPM, CIPT, CIPP/US, PbD Ambassador *Privacy and Trust Consultant* Enterprivacy Consulting Group <http://www.enterprivacy.com/> [Upcoming Advanced Privacy by Design Workshops in October:Atlanta <https://www.eventbrite.com/e/advanced-privacy-by-design-workshop-atlanta-ga-oct-2017-tickets-35888070184>] On 2017-08-15 13:30, Mark Lizar wrote: Hi Jason, (I am ccing this to the CISWG mailing list). Apologies for the delayed response, specification work can move quite slowly. I very much appreciate the re-use of the PI Categories and the offer to provide these in different formats, a spreadsheet would be most helpful for Consent Receipt specification work. We are discussing the use of these PI categories for reference in the work we are working on now. Our intent is to use these for PI Categories as defined in ISO 29100 and not PII. The proposed use of these PI Categories are currently being discussed for use in purpose specification for the creation of consent receipts and PII. In this regard, I can confirm we will not represent these categories as PII categories. Lastly, we would like to invite you to the Kantara CISWG workgroup so you can see how we put this great work to use :-) More information about jointing can be found at https://kantarainitiative.org/confluence/display/infosharing/Home [3 <https://kantarainitiative.org/confluence/display/infosharing/Home>] where there is a link to join both the WG and the mailing list. Kind Regards, Mark On 30 May 2017, at 11:25, R. Jason Cronk <rjc@privacymaverick.com <mailto:rjc@privacymaverick.com>> wrote: Hi Mark, Feel free to use this PDF in it's original form in any forum. As for additional uses, please let me know if you'd like a file with the text of the categories and description so you can use it in different formats. My only ask is that you use the term "Personal Information" rather than PII in reference to this categorization. I find the term PII has contextual limitations because much of personal information, which may be personal to me, is not identifying, i.e. my favorite color. Thus, in discussions, using "PII" immediately constrains the audience to a limited set of personal information. Also, I'm not sure what you mean by complete reference is your request below. Please clarify. -- R. Jason Cronk, JD IAPP Fellow of Information Privacy CIPM, CIPT, CIPP/US, PbD Ambassador PRIVACY AND TRUST CONSULTANT Enterprivacy Consulting Group [2 <http://www.enterprivacy.com/>] On 2017-05-29 05:22, WordPress wrote: From: Mark <mark@openconsent.com <mailto:mark@openconsent.com>> Message Body: Like your categories of personal information.. We would like to use and reference it for developing our PII categories for an effort Called the Consent Receipt at the Kantara Initiative. Could you please provide us with a complete reference for this and perhaps even some formal permission to use it ? Kind Regards, Mark -- This e-mail was sent from a contact form on Enterprivacy Consulting Group (http://enterprivacy.com <http://enterprivacy.com/>[1 <http://enterprivacy.com/>]) Links: ------ [1]http://enterprivacy.com/ [2]http://www.enterprivacy.com/ [3]https://kantarainitiative.org/confluence/display/infosharing/Home <information categories.ods> <Untitled.png>
Attachments
- application/vnd.oasis.opendocument.spreadsheet attachment: Categories_of_Personal_Information_V201902.ods
Received on Saturday, 16 February 2019 19:27:40 UTC