- From: Eric Jahn <eric@alexandriaconsulting.com>
- Date: Sun, 26 Nov 2023 11:34:41 -0500
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: public-solid <public-solid@w3.org>
- Message-ID: <CANHzzoOkRgPk+1i+aAGDr=61mrgUZxxa81uP9kjVgSPLu4GtTg@mail.gmail.com>
Melvn, Thank you for the explainer synopsis. This sort of thing really helps to keep us focused on the larger objective bringing us together in this project. I have one suggestion to augment your proposed text. The statement > Solid enables users to store their personal data in online data stores, > known as Pods. These Pods are controlled entirely by the user, who can > grant or revoke access to applications as desired. seems to eliminate the desire for "organizational" Solid pods from the summary. I see organizational pods as sort of a multi-tenant solid pod, where the individual does not control the entire pod, but the individual does have a say in how their own data is allowed to be shared from the organizational pod. This could empower consent-driven public health and human services information exchanges, where some of the data is not entirely accessible or controllable by individuals. Individuals may requests removal of some sharing permissions, but granting that request depends on the organization's policies, and depends on the situation. For example, private sharing between health care entities of an individual's COVID diagnosis or mental health diagnoses may not be something an individual can completely control, since this information may be in the interests of the greater good to selectively share to other agencies. Organizational pods can lead toward complex and rule-driven, computable consent-sharing mechanisms in health and human services, as well as other domains. Is there a way we can include this concept in the Solid Project concept, or does the group think this is too tangential, and should be in a separate project that may or may not interoperate well with the core Solid concept? Either open source arrangement is acceptable to me, but this feedback will help me focus my efforts on the correct pathway for open source participation. Thank you! -- Eric Jahn CTO/Data Architect Alexandria Consulting LLC St. Petersburg, Florida 727.537.9474 alexandriaconsulting.com WebID <https://alexandriaconsulting.com/files/eric_jahn.rdf#me> On Sun, Nov 26, 2023 at 10:57 AM Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > > čt 23. 11. 2023 v 13:04 odesílatel Harshvardhan J. Pandit <me@harshp.com> > napsal: > >> Hi. >> FWIW, I request that the language regarding 'privacy' be broader than >> 'access to data'. See suggestions below. >> >> On 23/11/2023 09:31, Melvin Carvalho wrote: >> > *Data Management with Solid* >> > Solid enables users to store their personal data in online data stores, >> > known as Pods. These Pods are controlled entirely by the user, who can >> > grant or revoke access to applications as desired. This separation of >> > data from applications allows for greater user autonomy over their >> > personal information. >> >> 1) "These Pod are controlled entirely by the user" - What about cases >> where Solid Pods are 'provided' to the user with ability to manage data >> but NOT manage the pod or move it to a different provider etc. Or cases >> where data may not be under the user's control i.e. they can access it >> but cannot manage it or only can approve specific applications and not >> others. Should such cases not be called 'Solid'? >> >> 2) "who can grant or revoke access to applications" - Pods are about >> controlling/managing data and the language should reflect this. E.g. >> "who can control the storing and usage of data by applications". By not >> using the line 'grant or revoke access' I am avoiding reducing autonomy >> to take it or leave it type situations based on solely on >> access/gatekeeping. >> >> > >> > Security and Privacy in Solid >> > >> > *Data Control and Privacy* >> > One of Solid's key features is its emphasis on user-controlled data >> > privacy. Users have the authority to manage who can access their data, >> > enhancing privacy and data security on the web. >> > >> >> Same as above, "users have the authority to manage who can access and >> how it will be used and shared with others..." - the "how it will be >> used and shared with others" is the key part to not just stop at having >> access to data but also managing the who and why aspects of it being used. >> > > Any thoughts on how the text could change? How about: > > "Data Control and Privacy > > A hallmark of Solid is its focus on user-directed data privacy. This goes > beyond simply managing access to data. Users possess the authority not only > to decide who can access their data but also to determine how it is used > and shared with others. This expanded scope of control emphasizes the > importance of understanding both the "who" and the "why" in data usage, > thus enhancing privacy and data security on the web. This approach aligns > with Solid's vision of a more user-centric web experience, where > individuals have a significant say in the lifecycle of their data." > > If you have some suggestions I can change the text. > > >> >> Regards, >> -- >> --- >> Harshvardhan J. Pandit, Ph.D >> Assistant Professor >> ADAPT Centre, Dublin City University >> https://harshp.com/ >> >
Received on Sunday, 26 November 2023 16:35:23 UTC