Compliance Using Metadata

Semantic Applications

Abstract

Everybody talks about the data economy. Data is collected, stored, processed and re-used. In the EU, the GDPR creates a framework with conditions (e.g. consent) for the processing of personal data. But there are also other legal provisions containing requirements and conditions for the processing of data. Even today, most of those are hard-coded into workflows or database schemas, if at all. Data lakes are polluted with unusable data because nobody knows about usage rights or data quality. The approach presented here makes the data lake intelligent. It remembers usage limitations and promises made to the data subject or the contractual partner. Data can be used as risk can be assessed. Such a system easily reacts to new requirements. If processing is recorded back into the data lake, this record makes it possible to prove compliance. This can be shown to authorities on demand as an audit trail. The concept is best exemplified by the SPECIAL project https://specialprivacy.eu (Scalable Policy-aware Linked Data Architecture For Privacy, Transparency and Compliance). SPECIAL has several use cases, but the basic framework is applicable beyond those cases.


Notes

  1. Also known as the Volkswagen emissions scandal, but many vendors are implicated.

  2. Except where the certification is meaningless or very imprecise.

  3. www.specialprivacy.eu.

  4. http://primelife.ercim.eu/.

  5. See [7] and [8], projects that tried to implement some part of the idea.

  6. Payload data means the actual data record, e.g. the name of a customer.

  7. IRI – Internationalized Resource Identifiers, the international version of URI according to RFC.

  8. The IRI for the mobile number is a purely theoretical example; the retention time is from the P3P 1.0 Specification.

  9. IBM Zürich at the time, now Director of Fraunhofer SIT in Darmstadt.

  10. See footnote 4.

  11. See Chap. 4.

References

  1. Raymond ES (1999) The cathedral and the bazaar: musings on Linux and open source by an accidental revolutionary. O’Reilly Media, Cambridge. ISBN 1-56592-724-9

  2. A W3C/IAB (2014) Workshop on Strengthening the Internet Against Pervasive Monitoring (STRINT), London, 28 Feb–1 Mar. https://www.w3.org/2014/strint/. Accessed 20 Oct 2017

  3. Lipartito K (2010) The economy of surveillance. MPRA paper, vol 21181, Mar. https://mpra.ub.uni-muenchen.de/21181/1/MPRA_paper_21181.pdf. Accessed 20 Oct 2017

  4. https://en.wikipedia.org/wiki/Libor_scandal. Accessed 20 Oct 2017

  5. Regulation (EU) (2016) 2016/679 of the European Parliament and of the Council of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union 59(L 119), May 2016, 1–88 ELI: http://data.europa.eu/eli/reg/2016/679/oj. Accessed 20 Oct 2017

  6. Van Goethem T, Piessens F, Joosen W, Nikiforakis N (2014) Clubbing seals: exploring the ecosystem of third-party security seals. In: Proceedings of the ACM SIGSAC conference on computer and communications security, Scottsdale. https://lirias.kuleuven.be/bitstream/123456789/471360/1/p918-vangoethem.pdf. Accessed 20 Oct 2017

  7. Seneviratne O, Kagal L, Berners-Lee T (2009) Policy-aware content reuse on the web. In: ISWC 2009. http://dig.csail.mit.edu/2009/Papers/ISWC/policy-aware-reuse/paper.pdf. Accessed 20 Oct 2017

  8. The PPL language, Primelife Deliverable D5.3.4 – Report on design and implementation. http://primelife.ercim.eu/images/stories/deliverables/d5.3.4-report_on_design_and_implementation-public.pdf. Accessed 20 Oct 2017

  9. Tools for semantic lifting of multiformat budgetary data. Deliverable D2.1 from Fighting corruption with fiscal transparency. H2020 project number: 645833. http://openbudgets.eu/assets/deliverables/D2.1.pdf. Accessed 20 Oct 2017

  10. RFC3987 Internationalized Resource Identifiers. https://tools.ietf.org/html/rfc3987

  11. The W3C Web Annotation Working Group. https://www.w3.org/annotation/. Accessed 20 Oct 2017

  12. Web Annotation Data Model, W3C Recommendation 23 February (2017) https://www.w3.org/TR/2017/REC-annotation-model-20170223/. Accessed 20 Oct 2017

  13. SPARQL (2013) Query language for RDF, W3C Recommendation 21 March. http://www.w3.org/TR/2013/REC-sparql11-query-20130321/. Accessed 20 Oct 2017

  14. See eXtensible Access Control Markup Language (XACML), currently version 3, with various specifications. https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml. Accessed 20 Oct 2017

  15. Security Assertion Markup Language (SAML) v2.0 (with further info). https://wiki.oasis-open.org/security/FrontPage. Accessed 20 Oct 2017

  16. ODRL Vocabulary & Expression, W3C working draft 23 February (2017) https://www.w3.org/TR/vocab-odrl/. Accessed 20 Oct 2017. See also the linked data profile https://www.w3.org/community/odrl/wiki/ODRL_Linked_Data_Profile. Accessed 20 Oct 2017 and the various notes linked from the WG page https://www.w3.org/2016/poe/wiki/Main_Page. Accessed 20 Oct 2017

  17. An Overview of the PROV Family of Documents, W3C Working Group Note 30 April (2013) http://www.w3.org/TR/2013/NOTE-prov-overview-20130430/. Accessed 20 Oct 2017

  18. XBRL 2.1. https://specifications.xbrl.org/work-product-index-group-base-spec-base-spec.html. Accessed 20 Oct 2017

  19. McDonald AM, Cranor LF (2008) The cost of reading privacy policies, ISJLP 4, HeinOnline, 543. https://kb.osu.edu/dspace/bitstream/handle/1811/72839/ISJLP_V4N3_543.pdf. Accessed 20 Oct 2017

  20. McDonald AM, Reeder RW, Kelley PG, Cranor LF (2009) A comparative study of online privacy policies and formats. In: Privacy enhancing technologies, vol 5672. Springer. http://dblp.uni-trier.de/db/conf/pet/pets2009.html#McDonaldRKC09. Accessed 20 Oct 2017

  21. Villata S, Gandon F (2012) Licenses compatibility and composition in the web of data. In: Proceedings of the third international conference on consuming linked data, vol 905, pp 124–135. https://hal.inria.fr/hal-01171125/document. Accessed 20 Oct 2017

  22. Big Data Europe. https://www.big-data-europe.eu. Accessed 20 Oct 2017

  23. Components supported by the Big Data Europe platform. https://www.big-data-europe.eu/bdi-components/. Accessed 20 Oct 2017

  24. Auer S et al (2017) The BigDataEurope platform – supporting the variety dimension of big data. In: Web engineering: 17th international conference, ICWE 2017, Rome, 5–8 June 2017, Proceedings, pp 41–59

  25. SANSA – Scalable Semantic Analytics Stack, open source algorithms for distributed data processing for large-scale RDF knowledge graphs. http://sansa-stack.net/. Accessed 20 Oct 2017

Corresponding author

Correspondence to Rigo Wenning.

Copyright information

© 2018 Springer-Verlag GmbH Germany, part of Springer Nature

About this chapter

Cite this chapter

Wenning, R., Kirrane, S. (2018). Compliance Using Metadata. In: Hoppe, T., Humm, B., Reibold, A. (eds) Semantic Applications. Springer Vieweg, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-55433-3_3

  • DOI: https://doi.org/10.1007/978-3-662-55433-3_3

  • Publisher Name: Springer Vieweg, Berlin, Heidelberg

  • Print ISBN: 978-3-662-55432-6

  • Online ISBN: 978-3-662-55433-3

  • eBook Packages: Computer Science, Computer Science (R0)
