Re: personal data policy

On 9 Jul 2014, at 9:08 pm, Kingsley Idehen <kidehen@openlinksw.com> wrote:

> On 7/9/14 6:23 AM, Tim Holborn wrote:
>> Reasonably; with special regard to decentralised opportunities, a user in the future may be able to select from an array of standardised positions, such as.
>> 
>> - use my data for the transaction purpose only
>> - add me to your loyalty program (perhaps permissions therein)
>> - share my details to your partners, associates and sponsors (equally - perhaps for a specified purpose - i.e. for the purpose of promoting this online petition…).
>> 
>> secondly; an aspect relating to the data storage and accessibility of data stored by 3rd parties about an individual becomes a secondary inclusion.
>> 
>> - We’ll store your details securely in our database (you don’t have access to it).
>> - We’ll store your details securely and provide you an administration interface
>> - We’ll store your details and you can delete / append / modify / change privacy settings
>> - We’ll store your details and give you a copy (perhaps 5 star linked data?)
>> - You can store the data, we’ll get it from you when we need it, but store a back-up
>> - You store your data, if you loose it you’ll need to create a new credential to gain access.
>> 
>> I’ve found http://wiki.creativecommons.org/CC-inspired_projects_for_Terms_of_Service_and_Privacy_policies
> 
> You can't ask someone to perform these data access tasks on your behalf, and expect it to happen without privacy (self calibration of one's vulnerability, in any realm).
> 
At the moment it seems the ‘native state’ of belief - is that in-order for a system to obtain ‘critical mass’ xx% will not read the policy, x/xx% will read, but will be required to agree (because their friends asked them to join, or whatever) and the rest will be left out till they join the other two groups. 

Underlying that - is perhaps a psychological principle?  that if you make it too complicated - people will give-up and agree.  Squeaky wheel gets the grease…  

It’s not my suggestion that i can enforce a policy by way of a creative-commons like mechanism - but rather, provide a capability where someone can declare the principal - like sticking the URI in your FOAF file…. 

> What you can do is publish you data from a personal data space that provides you with the ability to construct data access controls or policies. On the Web, such a system is basically what you end up with when the following are put to proper use:
> 
> 1. HTTP URIs
> 2. RDF statements
> 3. Logic.
> 
understood ;)

> You can invert the current model (where they take your data for the illusion of $0.00 services on the Internet & Web), and leverage the nature of being a human individual en route to achieving all of the above. Remember, social network service providers can't really stop you creating encrypted content in the data space they provide i.e., in the most extreme cases, you can leverage symmetric and asymmetric data encryption. Email (where most privacy compromises start) has always had S/MIME (broadly implemented across existing operating systems -- desktop to mobile) as mechanism for achieving this goal, at internet scale. Add some RDF and Logic, and it works even better at Web-Scale, for instance.
> 
re: “companies work for $0 - yeah - we understand - we’re experts in the field. We’re one of the few, and i’d put beyond that your probably one of the very few within the group that is only a few, et.al… 

The nature of commerce always depended upon the concept of ‘agreement’. the creative commons approach is not simply RDF.  Yet, GraphDB’s inherently require a new form of thinking around how to approach this arena of dev. 

I was looking for http://www.w3.org/2007/09/map/main.jpg and found http://www.w3.org/2008/Talks/0610-rpi-tbl/

> Government is only useful (re., construction and evolution of relevant laws) when they properly understand privacy in the digital realm.
> 

I think the laws exist. it’s about the implicit agreements made, and the ‘catch-up’ needed for an LDP enabled world.  ATM; we’ve got institutional fragmentation of identity related data.  If that’s pulled into data-spaces, I think we need to be more explicit about the use-cases we’re entering into, in relation to that data.  

Given the scope, i figured W3C community group might be a good conduit; given the broad scope of engagement and perhaps also - community groups located in local territories that might in-turn assist in supporting local requirements, etc.  Yet, i’m not particularly sure.  I know it’s relationship to RDF (especially) whilst understanding the broader potential implications…  

Speaking with GOV. Rep. today - it seems he feels it’s not his role to provide leadership in this area, which was disappointing, but accepted.  Other groups provided enormously positive feedback - so, i’m reflecting that back to the community in seeking to define some next steps...

> -- 
> Regards,
> 
> Kingsley Idehen	
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog 1: http://kidehen.blogspot.com
> Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
> Twitter Profile: https://twitter.com/kidehen
> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
> Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
> 
>