Re: ODRL Profile for Data Sovereignty from Joshua Cornejo on 2024-08-16 (public-odrl@w3.org from August 2024)

From: Joshua Cornejo <josh@marketdata.md>
Date: Fri, 16 Aug 2024 10:53:47 +0100
To: Harshvardhan Pandit <me@harshp.com>, "Hosseinzadeh, Arghavan" <arghavan.hosseinzadeh@iese.fraunhofer.de>, "public-odrl@w3.org" <public-odrl@w3.org>
CC: "Chwalek, Jessica" <jessica.chwalek@iese.fraunhofer.de>, "Brandstädter, Robin" <robin.brandstaedter@iese.fraunhofer.de>, "Feth, Denis" <denis.feth@iese.fraunhofer.de>
Message-ID: <B4946E5A-2005-4359-A2F9-8142DFD06F67@marketdata.md>

Pandit,

You could also put the case forward that :emergency is an instance of an action.

odrl:Actions are edges to move the targets'/functions' vertices that represent [some implicit policy] state [machine?], the semantics being defined: https://w3c.github.io/odrl/formal-semantics/.

For example, a separate use case might be: "when :emergency -> an InformedParty must log the event".

And example 3 could change to:

      "action": "use",
      "constraint": [{
        "leftOperand": "odrl:purpose",
        "operator": "eq",
        "rightOperand":  [{ "@value": "emergency" }],
        "ods:hasPIP": [{
           "@type":"ods:PIP",
           "ods:interfaceDescription":{ "@value":"?interfaceURI", "@type":"xsd:anyURI" }, 
           "ods:endpointURI":{ "@value":"?endPointURI", "@type":"xsd:anyURI" } 
       }]

Regards,
___________________________________
Joshua Cornejo
marketdata <https://www.marketdata.md/>
embed open standards 
across your supply chain

On 16/08/2024, 08:13, "Harshvardhan Pandit" <me@harshp.com> wrote:

    Hi.
    Thank you for sharing this work. I find it to be of interest.
    
    I see the work linked to Mydata and IDSA. And on the mydata-control.de 
    page you mention GDPR. Therefore is it accurate to infer that this 
    profile is also intended to be used for use of personal data? If yes, 
    then how does it relate to requirements such as legal basis (e.g. 
    consent), data transfers, etc.? I went through 
    https://profile.mydata-control.de/ods/#allow-data-usage-on-emergency 
    which seems like an use-case subject to the GDPR, but didn't see such 
    details there.
    
    In the examples provided, there are literals used in places such as 
    "emergency" (which is not clearly defined) 
    https://profile.mydata-control.de/ods/#allow-data-usage-on-emergency It 
    would be better to create a concept/class for this so as to express 
    information such as what kind of emergency, its duration, and so on.
    
    I think looking at Data Privacy Vocabulary (DPV) https://www.dpvcg.org/ 
    might be helpful for this kind of work. We aim to create a standardised 
    taxonomy that can be used e.g. with ODRL policies to express purposes 
    and different technical measures.
    
    Regards,
    Harsh
    
    On 15/08/2024 09:27, Hosseinzadeh, Arghavan wrote:
    > Dear ODRL Community Group,
    > 
    > We would like to register our ODRL profile. Here are the needed details 
    > of the profile:
    > 
    >   * Business name of the profile:
    >       o ODRL Profile for Data Sovereignty
    >   * Name and web URL of the party having created and planning to
    >     maintain the profile
    >       o Arghavan Hosseinzadeh, Jessica Chwalek, Robin Brandstädter from
    >         Fraunhofer IESE (https://www.iese.fraunhofer.de/
    >         <https://www.iese.fraunhofer.de/>)
    >   * Identifier of the profile
    >       o ODS
    >   * URL of the human-readable specification document
    >       o https://profile.mydata-control.de/ods/
    >         <https://profile.mydata-control.de/ods/>
    >       o https://github.com/Fraunhofer-IESE/ODS/
    >         <https://github.com/Fraunhofer-IESE/ODS/>
    >   * URL of the OWL Ontology and the name of the used format
    >       o RDF/Turtle:
    >         https://github.com/Fraunhofer-IESE/ODS/blob/main/ods-profile.ttl?raw=true <https://github.com/Fraunhofer-IESE/ODS/blob/main/ods-profile.ttl?raw=true>
    > 
    > Please, let us know if you need any further information.
    > 
    > Thank you and best regards
    > 
    > Arghavan Hosseinzadeh
    > 
    > ---
    > 
    > *Arghavan Hosseinzadeh *
    > 
    > Senior Security Engineer /
    > /Dept. Security Engineering
    > 
    > *Fraunhofer IESE *
    > 
    > Fraunhofer-Platz 1 | 67663 Kaiserslautern
    > 
    > +49 631 6800-2169
    > 
    > _arghavan.hosseinzadeh@iese.fraunhofer.de 
    > <mailto:arghavan.hosseinzadeh@iese.fraunhofer.de>_
    > 
    > _www.iese.fraunhofer.de <https://www.iese.fraunhofer.de/>___
    > 
    > -------------------------------------------------------------------------
    > 
    > ++ Data sovereignty with the help of Data Usage Control ++ 
    > <https://www.iese.fraunhofer.de/en/services/security/cyber-security/usage_control.html>__
    > 
    > -------------------------------------------------------------------------
    > 
    
    -- 
    ---
    Harshvardhan J. Pandit, Ph.D
    Assistant Professor
    ADAPT Centre, Dublin City University
    https://harshp.com/

Received on Friday, 16 August 2024 09:53:53 UTC