Abstract
Everybody talks about the data economy. Data is collected stored, processed and re-used. In the EU, the GDPR creates a framework with conditions (e.g. consent) for the processing of personal data. But there are also other legal provisions containing requirements and conditions for the processing of data. Even today, most of those are hard-coded into workflows or database schemes, if at all. Data lakes are polluted with unusable data because nobody knows about usage rights or data quality. The approach presented here makes the data lake intelligent. It remembers usage limitations and promises made to the data subject or the contractual partner. Data can be used as risk can be assessed. Such a system easily reacts on new requirements. If processing is recorded back into the data lake, the recording of this information allows to prove compliance. This can be shown to authorities on demand as an audit trail. The concept is best exemplified by the SPECIAL project https://specialprivacy.eu (Scalable Policy-aware Linked Data Architecture For Privacy , Transparency and Compliance ). SPECIAL has several use cases, but the basic framework is applicable beyond those cases.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Also known as the Volkswagen emissions scandal, but many vendors are implicated.
- 2.
Except where the certification is meaningless or very imprecise.
- 3.
- 4.
- 5.
- 6.
Payload data means the actual data record, e.g. the name of a customer.
- 7.
IRI – Internationalized Resource Identifiers, the international version of URI according to RFC.
- 8.
The IRI for the mobile number is a purely theoretical example, the retention time is from the P3P 1.0 Specification.
- 9.
IBM Zürich at the time, now Director of Fraunhofer SIT in Darmstadt.
- 10.
See footnote 4.
- 11.
See Chap. 4.
References
Raymond ES (1999) The cathedral and the bazaar: musings on Linux and open source by an accidental revolutionary. O’Reilly Media, Cambridge. ISBN 1-56592-724-9
A W3C/IAB (2014) Workshop on Strengthening the Internet Against Pervasive Monitoring (STRINT), London, 28 Feb–1 Mar. https://www.w3.org/2014/strint/. Accessed 20 Oct 2017
Lipartito K (2010) The economy of surveillance. MPRA paper, vol 21181, Mar. https://mpra.ub.uni-muenchen.de/21181/1/MPRA_paper_21181.pdf. Accessed 20 Oct 2017
https://en.wikipedia.org/wiki/Libor_scandal. Accessed 20 Oct 2017
Regulation (EU) (2016) 2016/679 of the European Parliament and of the Council of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union 59(L 119), May 2016, 1–88 ELI: http://data.europa.eu/eli/reg/2016/679/oj. Accessed 20 Oct 2017
Clubbing Seals (2014) Exploring the ecosystem of third-party security seals. In: Van Goethem T, Piessens F, Joosen W, Nikiforakis N (eds) Proceedings of the ACM SIGSAC conference on computer and communications security, Scottsdale. https://lirias.kuleuven.be/bitstream/123456789/471360/1/p918-vangoethem.pdf. Accessed 20 Oct 2017
Seneviratne O, Kagal L, Berners-Lee T (2009) Policy-aware content reuse on the web. In: ISWC 2009. http://dig.csail.mit.edu/2009/Papers/ISWC/policy-aware-reuse/paper.pdf. Accessed 20 Oct 2017
The PPL language, Primelife Deliverable D5.3.4 – Report on design and implementation. http://primelife.ercim.eu/images/stories/deliverables/d5.3.4-report_on_design_and_implementation-public.pdf. Accessed 20 Oct 2017
Tools for semantic lifting of multiformat budgetary data. Deliverable D2.1 from Fighting corruption with fiscal transparency. H2020 project number: 645833. http://openbudgets.eu/assets/deliverables/D2.1.pdf. Accessed 20 Oct 2017
RFC3987 Internationalized Resource Identifiers. https://tools.ietf.org/html/rfc3987
The W3C Web Annotation Working Group. https://www.w3.org/annotation/. Accessed 20 Oct 2017
Web Annotation Data Model, W3C Recommendation 23 February (2017) https://www.w3.org/TR/2017/REC-annotation-model-20170223/. Accessed 20 Oct 2017
SPARQL(2013) Query language for RDF, W3C Recommendation 21 March. http://www.w3.org/TR/2013/REC-sparql11-query-20130321/. Accessed 20 Oct 2017
See eXtensible Access Control Markup Language (XACML), currently version 3, with various specifications. https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml. Accessed 20 Oct 2017
Security Assertion Markup Language (SAML) v2.0 (with further info). https://wiki.oasis-open.org/security/FrontPage. Accessed 20 Oct 2017
ODRL Vocabulary & Expression, W3C working draft 23 February (2017) https://www.w3.org/TR/vocab-odrl/. Accessed 20 Oct 2017. See also the linked data profile https://www.w3.org/community/odrl/wiki/ODRL_Linked_Data_Profile. Accessed 20 Oct 2017 and the various notes linked from the WG page https://www.w3.org/2016/poe/wiki/Main_Page. Accessed 20 Oct 2017
An Overview of the PROV Family of Documents, W3C Working Group Note 30 April (2013) http://www.w3.org/TR/2013/NOTE-prov-overview-20130430/. Accessed 20 Oct 2017
XBRL 2.1. https://specifications.xbrl.org/work-product-index-group-base-spec-base-spec.html. Accessed 20 Oct 2017
McDonald AM, Cranor LF (2008) The cost of reading privacy policies, ISJLP 4, HeinOnline, 543. https://kb.osu.edu/dspace/bitstream/handle/1811/72839/ISJLP_V4N3_543.pdf. Accessed 20 Oct 2017
McDonald AM, Reeder RW, Kelley PG, Cranor LF (2009) A comparative study of online privacy policies and formats. In: Privacy enhancing technologies, vol 5672. Springer. http://dblp.uni-trier.de/db/conf/pet/pets2009.html#McDonaldRKC09. Accessed 20 Oct 2017
Villata S, Gandon F (2012) Licenses compatibility and composition in the web of data. In: Proceedings of the third international conference on consuming linked data, vol 905, pp 124–135. https://hal.inria.fr/hal-01171125/document. Accessed 20 Oct 2017
Big Data Europe. https://www.big-data-europe.eu. Accessed 20 Oct 2017
Components supported by the Big Data Europe platform. https://www.big-data-europe.eu/bdi-components/. Accessed 20 Oct 2017
Auer S et al (2017) The BigDataEurope platform – supporting the variety dimension of big data. In: Web engineering: 17th international conference, ICWE 2017, Rome, 5–8 June 2017, Proceedings, pp 41–59
SANSA – Scalable Semantic Analytics Stack, open source algorithms for distributed data processing for large-scale RDF knowledge graphs. http://sansa-stack.net/. Accessed 20 Oct 2017
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer-Verlag GmbH Germany, part of Springer Nature
About this chapter
Cite this chapter
Wenning, R., Kirrane, S. (2018). Compliance Using Metadata. In: Hoppe, T., Humm, B., Reibold, A. (eds) Semantic Applications. Springer Vieweg, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-55433-3_3
Download citation
DOI: https://doi.org/10.1007/978-3-662-55433-3_3
Published:
Publisher Name: Springer Vieweg, Berlin, Heidelberg
Print ISBN: 978-3-662-55432-6
Online ISBN: 978-3-662-55433-3
eBook Packages: Computer ScienceComputer Science (R0)