Re: PROV-AQ security (privacy) considerations

That sounds reasonable, if not obvious, to me also (but worth saying, to avoid lawsuits later :)

--James

On Nov 6, 2012, at 9:50 AM, Timothy Lebo wrote:

> I think it is a great description and would be happy to see it included.
> 
> Regards,
> Tim
> 
> 
> On Nov 6, 2012, at 9:35 AM, Graham Klyne <GK@ninebynine.org> wrote:
> 
>> I'm working through some outstanding TODO issues in PROV-AQ.
>> 
>> There are some notes for discussion of potential privacy concerns. Based on these notes, I've drafted the following, which might be controversial:
>> 
>> [[
>>       Provenance information may provide a route for leakage of privacy-related information, combining as it does a diversity of information types with possible personally-identifying information; e.g. editing timestamps may provide clues to the working patterns of document editors, or derivation traces might indicate access to sensitive materials.  In particular, note that the fact that a resource is openly accessible does not mean that its provenance information should also be.  When publishing provenance, its sensitivity should be considered and appropriate access controls applied where necessary.  When a provenance-aware publishing service accepts some resource for publication, the contributors should have some opportunity to review and correct or conceal any provenance information that they don't wish to be exposed.
>> ]]
>> 
>> Are there any objections to this?
>> 
>> #g
>> 
>> 
> 
> 
> 


-- 
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.

Received on Tuesday, 6 November 2012 20:26:39 UTC