- From: <besteves@delicias.dia.fi.upm.es>
- Date: Thu, 30 Apr 2020 15:41:13 +0000
- To: "Harshvardhan J. Pandit" <me@harshp.com>
- Cc: public-dpvcg@w3.org
Great, didn't know, but if we already have it on the wiki we should definitly use it. Thanks, I'll have a look. Best, Beatriz Harshvardhan J. Pandit – Thu, 30. April 2020 16:36 > Hi Beatriz, > IMHO We should have this on the Wiki in its current state given that it > is accessible to everyone and is editable for members. > We already have a Wiki page detailing some existing terms - > www.w3.org/community/dpvcg/wiki/Rights > > If you think there is a lot of (structured) data to record, we can move > over the spreadsheets. > > Best, > Harsh > > On 30/04/2020 16:26, besteves@delicias.dia.fi.upm.es wrote: > > Thank you for your comments! > > > > To start, I'll create a Google Sheets with the rights and we can go from > there. > > I'll try to have it for the next call. > > Then latyer we can add it to the wiki once it is more mature. > > > > Thanks, > > Beatriz > > > > > > Info @ OC – Thu, 30. April 2020 15:59 > >> Quick Inline Comments , > >> > >> > >>> On 30 Apr 2020, at 09:52, Harshvardhan J. Pandit <me@harshp.com> wrote: > >>> > >>> Rights are definitely of interest and within scope of the work we are > >> looking (IMHO). > >> > >> +1 > >>> > >>> On 30/04/2020 13:19, besteves@delicias.dia.fi.upm.es wrote: > >>>> For starters, should we discuss which is the best way to do it? > >>>> Two options could be: > >>>> 1) add a new module (such as the purpose, processing, ... modules) to the > >> vocabulary > >>> My intuitive reaction was to have "Rights" as a top-level concept and > >> associated with a Personal Data Handling instance. > >>> However, this would not be the right way to go forward as 'rights' are not > >> necessarily associated with personal data handling/processing. For example, > >> Right to withdraw consent (GDPR) is associated with legal basis of consent. > >>> > >>> So I would propose that as the first exercise we use the Wiki to list down > >> the rights and the relevant concepts currently in DPV regarding those > (where > >> possible). > >>> Hopefully after this we would have some indication of where to model them > as > >> a concept. > >> > >> +2 - Rights are relative to the legal authority to process and in this way > are > >> applied to the context. The operational use of rights, (in my opinion is > >> achieved with Notice) Notice requirements are quite clear in the GDPR. > >> > >> For example a data subject has the right to object, a right to restrict > >> processing, a right to revoke consent, and right to Notice and privacy > >> information. - these vary according to legal justification, which is > (suppose > >> to be) required to be apart of a Notice . > >>> > >>> Conversely, another interpretation of 'rights' is as a policy - which > means > >> it would go beyond the scope of DPV (currently). > >>> In this case, we should aim to provide the terms required to express this > >> policy - which *is* the goal of DPVCG. > >> > >> I would suggest that - it would be first rights - then policy, (in terms of > >> order of governance operations.) > >> > >>> > >>>> 2) create a separate vocabulary (such as the one created for the legal > >> basis) > >>> Rights are tied to jurisdictional laws/legislations - much in the same way > >> as legal basis. > >>> So this makes sense. But instead of a separate vocabulary - we can add > them > >> to DPV-GDPR. > >>> > >>> However, do we create a separate module/extension for every jurisdiction? > >> (IMO yes) > >>> > >>> P.S. Minutes of meeting for yesterday are at > >> www.w3.org/2020/04/29-dpvcg-minutes.html > >> > >> Thank You ! > >>> I had trouble remembering how to use Zakim, RRSAgent. > >>> > >>> Regards, > >>> > >>> -- > >>> --- > >>> Harshvardhan Pandit > >>> PhD Researcher > >>> ADAPT Centre > >>> Trinity College Dublin > >>> > >>> > > -- > --- > Harshvardhan Pandit > PhD Researcher > ADAPT Centre > Trinity College Dublin
Received on Thursday, 30 April 2020 15:41:28 UTC