- From: Harshvardhan J. Pandit <me@harshp.com>
- Date: Thu, 5 Mar 2020 20:01:09 +0000
- To: public-dpvcg@w3.org
- Message-ID: <50845e7e-840a-f9ea-ece7-33c552ff8e54@harshp.com>
Dear All, I agree with Georg's (of Signatu) comments in an earlier email [1] regarding potential use towards global privacy laws. In terms of actions, I propose: 1) Make DPV generic in its definition of concepts a. Identify which concepts are defined based on GDPR in the current iteration - such as in the definition b. Decouple them from the GDPR i.e. move the GDPR specific items to comments/description and have a generic definition 2) Identify relevant global privacy laws and standards as requirements a. I propose including CCPA (California Consumer Protection Act) [2] for legal basis and concepts; and ISO privacy standards (27000-series) as notation of technical and organisational measures b. Identify concept overlap/reuse - and what needs to be added i.e. for compatibility Personally, I am enthusiastic about the potential of DPV, and how it can be used for challenges we are facing regarding transparency in use of AI - and as any future regulation about AI would rely on existing data protection and privacy laws, the DPV could provide the basis of representing data protection/privacy practices. Regards, Harsh [1] Public mailing list https://lists.w3.org/Archives/Public/public-dpvcg/2020Mar/0002.html [2] Assembly Bill No. 35 https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375 On 02/03/2020 13:53, Georg Philip Krog wrote: > *2. A suggestion to make a dpv that is global/universal* > > Currently, the dpv is specific for the EU/GDPR. > > A universal dpv should have a structure that allows for meta mapping > of the same concepts that are named differently in different > jurisdictions/law regimes. > -- --- Harshvardhan Pandit PhD Researcher ADAPT Centre Trinity College Dublin
Received on Thursday, 5 March 2020 20:01:26 UTC