W3C home > Mailing lists > Public > public-rww@w3.org > July 2014

Re: personal data policy

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Wed, 09 Jul 2014 07:46:41 -0400
Message-ID: <53BD2BA1.8080207@openlinksw.com>
To: public-rww@w3.org
On 7/9/14 7:24 AM, Tim Holborn wrote:
>
> On 9 Jul 2014, at 9:08 pm, Kingsley Idehen <kidehen@openlinksw.com 
> <mailto:kidehen@openlinksw.com>> wrote:
>
>> On 7/9/14 6:23 AM, Tim Holborn wrote:
>>> Reasonably; with special regard to decentralised opportunities, a 
>>> user in the future may be able to select from an array of 
>>> standardised positions, such as.
>>>
>>> - use my data for the transaction purpose only
>>> - add me to your loyalty program (perhaps permissions therein)
>>> - share my details to your partners, associates and sponsors 
>>> (equally - perhaps for a specified purpose - i.e. for the purpose of 
>>> promoting this online petition…).
>>>
>>> secondly; an aspect relating to the data storage and accessibility 
>>> of data stored by 3rd parties about an individual becomes a 
>>> secondary inclusion.
>>>
>>> - We’ll store your details securely in our database (you don’t have 
>>> access to it).
>>> - We’ll store your details securely and provide you an 
>>> administration interface
>>> - We’ll store your details and you can delete / append / modify / 
>>> change privacy settings
>>> - We’ll store your details and give you a copy (perhaps 5 star 
>>> linked data?)
>>> - You can store the data, we’ll get it from you when we need it, but 
>>> store a back-up
>>> - You store your data, if you loose it you’ll need to create a new 
>>> credential to gain access.
>>>
>>> I’ve found 
>>> http://wiki.creativecommons.org/CC-inspired_projects_for_Terms_of_Service_and_Privacy_policies
>>
>> You can't ask someone to perform these data access tasks on your 
>> behalf, and expect it to happen without privacy (self calibration of 
>> one's vulnerability, in any realm).
>>
> At the moment it seems the ‘native state’ of belief - is that in-order 
> for a system to obtain ‘critical mass’ xx% will not read the policy, 
> x/xx% will read, but will be required to agree (because their friends 
> asked them to join, or whatever) and the rest will be left out till 
> they join the other two groups.
>
> Underlying that - is perhaps a psychological principle?  that if you 
> make it too complicated - people will give-up and agree.  Squeaky 
> wheel gets the grease…
>
> It’s not my suggestion that i can enforce a policy by way of a 
> creative-commons like mechanism - but rather, provide a capability 
> where someone can declare the principal - like sticking the URI in 
> your FOAF file….
>
>> What you can do is publish you data from a personal data space that 
>> provides you with the ability to construct data access controls or 
>> policies. On the Web, such a system is basically what you end up with 
>> when the following are put to proper use:
>>
>> 1. HTTP URIs
>> 2. RDF statements
>> 3. Logic.
>>
> understood ;)
>
>> You can invert the current model (where they take your data for the 
>> illusion of $0.00 services on the Internet & Web), and leverage the 
>> nature of being a human individual en route to achieving all of the 
>> above. Remember, social network service providers can't really stop 
>> you creating encrypted content in the data space they provide i.e., 
>> in the most extreme cases, you can leverage symmetric and asymmetric 
>> data encryption. Email (where most privacy compromises start) has 
>> always had S/MIME (broadly implemented across existing operating 
>> systems -- desktop to mobile) as mechanism for achieving this goal, 
>> at internet scale. Add some RDF and Logic, and it works even better 
>> at Web-Scale, for instance.
>>
> re: “companies work for $0 - yeah - we understand - we’re experts in 
> the field. We’re one of the few, and i’d put beyond that your probably 
> one of the very few within the group that is only a few, et.al…
>
> The nature of commerce always depended upon the concept of 
> ‘agreement’. the creative commons approach is not simply RDF.  Yet, 
> GraphDB’s inherently require a new form of thinking around how to 
> approach this arena of dev.
>
> I was looking for http://www.w3.org/2007/09/map/main.jpg and found 
> http://www.w3.org/2008/Talks/0610-rpi-tbl/
>
>> Government is only useful (re., construction and evolution of 
>> relevant laws) when they properly understand privacy in the digital 
>> realm.
>>
>
> I think the laws exist. it’s about the implicit agreements made, and 
> the ‘catch-up’ needed for an LDP enabled world.  ATM; we’ve got 
> institutional fragmentation of identity related data.  If that’s 
> pulled into data-spaces, I think we need to be more explicit about the 
> use-cases we’re entering into, in relation to that data.
>
> Given the scope, i figured W3C community group might be a good 
> conduit; given the broad scope of engagement and perhaps also - 
> community groups located in local territories that might in-turn 
> assist in supporting local requirements, etc.  Yet, i’m not 
> particularly sure.  I know it’s relationship to RDF (especially) 
> whilst understanding the broader potential implications…
>
> Speaking with GOV. Rep. today - it seems he feels it’s not his role to 
> provide leadership in this area, which was disappointing, but 
> accepted.  Other groups provided enormously positive feedback - so, 
> i’m reflecting that back to the community in seeking to define some 
> next steps...

If we map privacy in the real-world (sorta understood by politicians) to 
its equivalent in the digital realm (sorta understood by technologists) 
we will end up with what we need. Getting there, is the challenge as 
there are too many points of confusion (right now) impeding this 
desperately needed progress.

Note, when I refer to "RDF" is am actually referring to a language 
rather than any specific notation used to inscribe data representation 
to documents. Unfortunately, specific notations orientation of most RDF 
specs is still a source of confusion and conflict :(

We need to get the folks to perceive RDF as a Language for representing 
the nature and manifestation or entity relationships, using a variety of 
notations. Once that's out of the way, folks will start thinking more 
about the implications of entity relations semantics (which underlie 
everything) first, instead of thinking (as is often the case) first 
about who or how they are going to write a parser for a specific 
specific RDF notation (or which there are many: Plain Old Semantic HTML 
[POSH], "Link:" in HTTP, and the other usual suspects i.e., N-Triples, 
Turtle, RDFa, JSON-LD, Microdata etc..) .


-- 
Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this


Received on Wednesday, 9 July 2014 11:47:05 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:10:47 UTC