Changelog for DPV 2.0

Published: 2024-06-26

This document describes the changes in DPV 2.0 release as compared to the previous DPV 1.0 release. This changelog covers the DPV specification as well as all extensions.

Summary

DPV 2.0 has the following major changes for a summary:

  1. Change in Ontology IRI: DPV 2.0 introduces versioned IRIs e.g. https://w3id.org/dpv/2.0 refers to 2.0 and https://w3id.org/dpv/1.0 refers to 1.0. The versionless IRI https://w3id.org/dpv will now always point to the latest version of DPV (which is 2.0 for this release) see more
  2. Change in semantics: The 'default' DPV specification now uses RDFS+SKOS to declare its semantics. DPV using OWL2 semantics is now provided within the same folder with a -owl prefix see more
  3. Change in Scope: The scope of 1.0 concerned processing of personal data and DPV concepts concerned only this scope. In 2.0, the scope has been expanded to include non-personal data and technologies so that concepts such as dpv:Purpose can be used to describe more use-cases see more
  4. Change in repo structure: The folder structure of the repository has been changed to reflect the versioned IRIs. The two folders 1.0 and 2.0 contain the respective versions see more
  5. Change in extension names: Various extensions have been renamed and re-organised for consistency by removing the dpv- prefix e.g. dpv-pd extension in 1.0 has been renamed to pd. New extensions have been added to DPV e.g. AI, LEGAL-US, and EU-AIAct and earlier draft extensions have been further refined e.g. RISK and TECH see more
  6. Do I need to update or change something? Mostly no, except in specific cases. see more
  7. Change in concepts: In total, DPV 2.0 and all its extensions contain 2662 concepts, and compared to 1.0 - 1017 concepts have been added and 805 concepts removed. The count of added and removed concepts include moving concepts between extensions see more
  8. Development process: The development process for DPV has changed to reflect best practices and improvements identified. This includes changes to the way releases are generated by only using the `dev` branch for ongoing developments and not changing the `main` branch except for releases see more
  9. Contributors: list of contributors to version 2.0. see more

Change in IRI

Up to DPV 1.0, the IRIs used were https://www.w3.org/ns/dpv initially, which was then replaced with https://w3id.org/dpv. DPV 2.0 implemented versioned namespaces to enable adopters to choose which version of DPV they want to use - the latest or a specific version such as 1.0 or 2.0.

The existing IRI https://w3id.org/dpv will always point to the latest version - which for this release is 2.0. In addition to this, the IRI https://w3id.org/dpv/1.0 will always point to 1.0 and https://w3id.org/dpv/2.0 will always point to 2.0.

To support this, the IRIs in the 1.0 release have been changed from https://w3id.org/dpv to the versioned form https://w3id.org/dpv/1.0, so that adopters can utilise 1.0 files and resources regardless of other changes to the DPV. In the future, similar versioned namespaces will be created for each release e.g. v2.1, v3.0, and so on.

This change follows Best practices for implementing fair vocabularies and ontologies on the web.

Change in Semantics

DPV 1.0 was provided with three different semantics: a custom extension of SKOS as the 'default' along with RDFS+SKOS and OWL2 variants - each with a distinct namespace. In DPV 2.0, the custom extension has been removed and replaced with RDFS+SKOS as the default with an OWL2 variant - each with a distinct namespace.

Default Semantics: In DPV 1.0 the IRI https://w3id.org/dpv corresponded to the custom SKOS extension, and the IRI https://w3id.org/dpv/dpv-skos corresponded to the RDFS+SKOS variant. In DPV 2.0, https://w3id.org/dpv corresponds to the RDFS+SKOS variant, and the IRI https://w3id.org/dpv/dpv-skos redirects to this resource. This also applies to the extensions, e.g. https://w3id.org/dpv/dpv-skos/dpv-pd is redirected to https://w3id.org/dpv/pd.

OWL2 variant: In DPV 1.0 the IRI https://w3id.org/dpv/dpv-owl corresponded to the OWL2 variant. In DPV 2.0, https://w3id.org/dpv/owl corresponds to the OWL variant, and the IRI https://w3id.org/dpv/dpv-owl redirects to this resource. This also applies to the extensions, e.g. https://w3id.org/dpv/dpv-owl/dpv-pd is redirected to https://w3id.org/dpv/pd/owl. The naming scheme of the OWL2 variant follows the rule where /owl is suffixed to the default IRI to obtain the OWL2 variant. This allows the OWL2 files to be present in the same folder as the other serialisations/formats, which leads to cleaner arrangement and management of resources. The earlier 1.0 naming scheme utilised a parent folder dpv-owl to host all OWL2 files, which caused duplication of structure and resources, and could have been a cause of confusion.

Different in RDFS+SKOS and OWL2 serialisations: please refer to the Semantics of DPV section in Primer to understand the differences and implication of using RDFS+SKOS and OWL2 serialisations and which ones are suited for which use-cases.

Change in Scope

The origin of DPV was based in modelling the EU GDPR regulation requirements under the SPECIAL H2020 project, and hence its concepts such as Purpose and LegalBasis were defined with the scope "processing of personal data". Until DPV 1.0, this scope was used to create concepts and extensions, and influenced how they should be used. After 1.0, the DPVCG community decided to expand the scope based on the following observations:

  1. Regulations such as the EU Data Governance Act (DGA) regulate both personal and non-personal data, and use the same terms (e.g. legal basis, technical measures) to regulate them. The DPVCG community deemed it desirable to enable DPV concepts to be used for modelling both personal and non-personal data using the same concepts, and through this model regulations such as DGA as a DPV extension
  2. Regulations such as the EU Network Information Security Directive (NIS2) and the EU AI Act, and standards such as NIST AI Risk Management Framework concern "technologies" and talk about their purpoes, risks, technical and organisational measures - concepts which are already present in DPV. In addition to these, such technologies can also involve personal data e.g. AI technologies utilising personal data or being involving people - which would necessitate representing them through DPV concepts. The DPVCG community therefore deemed it desirable to enable use of DPV concepts to represent use-cases involving technologies, and to model regulations such as NIS2 and AI Act as DPV extensions.
  3. The expansion in scope does not materially change the interpretation of a concept e.g. Purpose is defined as Purpose of processing personal data is specific to personal data. Expanding it to include any data or technology makes it broader and does not break the inherent interpretation of the term as it was used in previous versions as the concept would be rarely used by itself and would be expected to be used in combination with other concepts such as dpv:hasPersonalData. Thus the benefits from expanding the scope were deemed desirable despite the minor but compatible change in concept meaning.

Based on this, the scope of several concepts such as Purpose, LegalBasis, TechnicalMeasure, Risk, etc. was expanded to cover "any data or technology". The only concepts unaffected by this change are those associated with PersonalData i.e. the subclasses and taxonomy associated with personal data.

Change in Repo Structure

To enable the existence and provision of versioned releases, and following the change in semantics involving serialisations of dpv-skos and dpv-owl which were moved, and the changes in names of extensions, the DPV repo was restructured in the following manner:

  1. versions: root folders 1.0 and 2.0 contain the specific versions they represent. All resources associated with the version will be within these specific folders.
  2. 2.0 structure: the folders present in 2.0 contain dpv which has the DPV specification, specific extensions - pd for personal data, tech for technology, ai for AI technologies, justifications, loc for locations, legal, and risk.
  3. legal extension: The legal folder contains the legal extension, within which there are specific subfolders representing jurisdictions named with the ISO 3166-2 code for that country or region, such as ie for Ireland, gb for UK, de for Germany, and us for USA. In addition to these, eu represents the EU supra-union. Within each folder the specific laws and resources associated with that jurisdiction are provided as subfolders. For example, legal/eu/gdpr provides an extension for the EU GDPR law.
  4. examples, guides, primer: these folders provide examples, guides, and the primer (as their names indicate). They are not included in specific versions, but will be updated as required alongside the newer versions. The examples will be retained in the examples folder, and the guides and primer are published through the W3C process, through which the previous versions will be online and accessible.
  5. code: this folder contains the code for generating documentation. It used to be called documentation-generator previously. This folder is only intended for developers of DPV and extensions, for adopters this folder should not be used.

Change in Extension Naming

The following extensions have been renamed in 2.0 for consistency and clarity. Earlier, in 1.0, the convention was to prefix extensions with dpv- to represent they were extending the DPV. This was based on the assumption that there will be other non-DPV resources within DPVCG. In 2.0, all resources are associated with DPV and it is unlikely that the group will produce work that is not connected to the DPV, and therefore the prefix has been dropped.

Do I need to update or change something?

You should consider updating to the latest version of the DPV as it provides a more comprehensive set of terms, has new extensions with refinements and advances in representing information, and represents more recent and up to date knowledge within the domain.

When updating, the following may be considered as 'breaking changes':

  1. If you rely on using the repo to use DPV, the changed repo structure will result in 404 or 'resource not found' errors as the resources have been moved.
  2. If you relied on using the GitHub URLs (e.g. https://w3c.github.io/dpv/dpv/) instead of the w3id purls (e.g. https://w3id.org/dpv), then the changed repo structure will result in 404 or 'resource not found' errors as the resources have been moved.
  3. If you were using the 1.0 DPV 'default serialisation' based in the custom extension of SKOS - this has been removed in 2.0. The default serialisation in 2.0 is RDFS+SKOS, which is compatible in a sense as it also declares all concepts as skos:Concept.
  4. If you were using the 1.0 DPV OWL2 and were relying on the folder structure i.e. having everything in dpv-owl, then the new repo structure will result in breaking changes. In 2.0, the OWL2 files are alongside the other formats in the same folder.
  5. If you were using the dpv-nace extension, this has been removed in 2.0.
  6. If you were using a specific concept, and it has been removed in 2.0 (see list of changed concepts).

If you were using the dpv using the current or previous purls, e.g. https://w3id.org/dpv or https://w3.org/ns/dpv or https://w3id.org/dpv/dpv-owl or others - these will be preserved and redirected to the latest version. If you want to retain your use of DPV to 1.0 and do not want to use the latest version, you will need to change your use of DPV to use the versioned IRIs, e.g. https://w3id.org/dpv/1.0. Though we strongly suggest always using the latest version of DPV as it provides benefits as outlined above.

Going ahead, we do not forsee major breaking changes similar to that between 1.0 and 2.0.

Detailed Changes to Terms

Click on the line to expand details view containing a description of the change and listing added/removed concepts.

DPV total terms: 911 ; added: 311 ; removed: 56
Concepts Removed

Removed concepts include typos in IRIs, concepts moved to other extensions such as Damage and Harm which have been moved to RISK extension, concepts that have been remodelled entirely - such as those for Human Involvement and Automation, separating organisational measures into legal measures, and removing the custom DPV extension of SKOS e.g. dpv:Concept.

 
1: AntiTerrorismOperations
2: AutomatedProcessingWithHumanInput
3: AutomatedProcessingWithHumanOversight
4: AutomatedProcessingWithHumanReview
5: AutomationOfProcessing
6: BaseConcepts
7: Benefit
8: CompletelyManualProcessing
9: Concept
10: ConsentConcepts
11: Consent_StatusConcepts
12: Consent_TypesConcepts
13: ContextConcepts
14: ContinousFrequency
15: Damage
16: Detriment
17: EntitiesConcepts
18: Entities_AuthorityConcepts
19: Entities_DatasubjectConcepts
20: Entities_LegalroleConcepts
21: Entities_OrganisationConcepts
22: FixedOccurencesDuration
23: FullyAutomatedProcessing
24: Harm
25: JurisdictionConcepts
26: Legal_BasisConcepts
27: LoggingPolicies
28: MaterialDamage
29: MonitoringPolicies
30: NonMaterialDamage
31: Organisational_MeasuresConcepts
32: PartiallyAutomatedProcessing
33: Personal_DataConcepts
34: ProcessingConcepts
35: Processing_ContextConcepts
36: Processing_ScaleConcepts
37: PurposesConcepts
38: RegisterOfProcessingActivities
39: RegularityOfRecertification
40: Relation
41: RightsConcepts
42: RiskConcepts
43: RiskManagementPlan
44: RiskManagementPolicy
45: RiskManagementProcess
46: RulesConcepts
47: StatusConcepts
48: Technical_MeasuresConcepts
49: Technical_Organisational_MeasuresConcepts
50: TrustedExecutionEnvironments
51: TrustedThirdPartyUtilisation
52: hasDomain
53: hasProcessingAutomation
54: hasRange
55: isInstanceOf
56: isSubTypeOf
Concepts Added 
1: AILiteracy
2: ActivelyInvolved
3: ActivityPlanned
4: AgeVerification
5: Aggregate
6: Applicability
7: AssistiveAutomation
8: AuthorityInformed
9: AuthorityUninformed
10: AutomatedScoringOfIndividuals
11: AutomationLevel
12: Autonomous
13: CannotChallengeProcess
14: CannotChallengeProcessInput
15: CannotChallengeProcessOutput
16: CannotCorrectProcess
17: CannotCorrectProcessInput
18: CannotCorrectProcessOutput
19: CannotObjectToProcess
20: CannotOptInToProcess
21: CannotOptOutFromProcess
22: CannotReverseProcessEffects
23: CannotReverseProcessInput
24: CannotReverseProcessOutput
25: CannotWithdrawFromProcess
26: ChallengingProcess
27: ChallengingProcessInput
28: ChallengingProcessOutput
29: CollectedData
30: CombatClimateChange
31: CommercialPurpose
32: CommerciallyConfidentialData
33: ComplianceAssessment
34: ConditionalAutomation
35: ConfidentialData
36: ConfidentialityAgreement
37: ConformanceAssessment
38: ConsentControl
39: ConsentManagement
40: ContextuallyAnonymisedData
41: ContinuousFrequency
42: ControllerInformed
43: ControllerUninformed
44: CorrectingProcess
45: CorrectingProcessInput
46: CorrectingProcessOutput
47: Counterterrorism
48: CrossBorderTransfer
49: DataAltruism
50: DataBreachImpactAssessment
51: DataBreachNotice
52: DataBreachNotification
53: DataBreachRecord
54: DataControllerContract
55: DataControllerDataSource
56: DataDeletionPolicy
57: DataErasurePolicy
58: DataGovernance
59: DataInteroperabilityAssessment
60: DataInteroperabilityImprovement
61: DataInteroperabilityManagement
62: DataInventoryManagement
63: DataJurisdictionPolicy
64: DataLiteracy
65: DataProcessingPolicy
66: DataProcessorContract
67: DataQualityAssessment
68: DataQualityImprovement
69: DataQualityManagement
70: DataRestorationPolicy
71: DataReusePolicy
72: DataSecurityManagement
73: DataStoragePolicy
74: DataSubjectContract
75: DataSubjectDataSource
76: DataSubjectInformed
77: DataSubjectRightsManagement
78: DataSubjectUninformed
79: DataTransferNotice
80: DataTransferRecord
81: Delete
82: DerivedData
83: DigitalLiteracy
84: Display
85: Download
86: EntityActiveInvolvement
87: EntityInformed
88: EntityInformedStatus
89: EntityInvolvement
90: EntityNonInvolvement
91: EntityNonPermissiveInvolvement
92: EntityPassiveInvolvement
93: EntityPermissiveInvolvement
94: EntityUninformed
95: EnvironmentalProtection
96: ExpectationStatus
97: Expected
98: Export
99: FRIA
100: FixedOccurrencesDuration
101: Format
102: FullAutomation
103: GeneratedData
104: Guideline
105: HighAutomation
106: HumanInvolved
107: HumanInvolvementForControl
108: HumanInvolvementForDecision
109: HumanInvolvementForIntervention
110: HumanNotInvolved
111: IPRManagement
112: IdentifyingPersonalData
113: IdentityAuthentication
114: ImproveHealthcare
115: ImprovePublicServices
116: ImproveTransportMobility
117: InferredData
118: InnovativeUseOfExistingTechnology
119: InnovativeUseOfTechnology
120: IntellectualPropertyData
121: Intended
122: IntentionStatus
123: InvolvementStatus
124: LegalComplianceAssessment
125: LegalMeasure
126: Licence
127: LoggingPolicy
128: MetadataManagement
129: MisusePreventionAndDetection
130: MonitoringPolicy
131: NonCommercialPurpose
132: NonPersonalDataProcess
133: NotApplicable
134: NotAutomated
135: NotAvailable
136: NotInvolved
137: Notification
138: NotificationCompleted
139: NotificationFailed
140: NotificationNotNeeded
141: NotificationOngoing
142: NotificationPlanned
143: NotificationStatus
144: ObjectingToProcess
145: ObservedData
146: ObtainConsent
147: OptingInToProcess
148: OptingOutFromProcess
149: ParentLegalEntity
150: PartialAutomation
151: PassivelyInvolved
152: PermissionManagement
153: PersonalDataProcess
154: PhysicalAuthentication
155: PhysicalAuthorisation
156: PhysicalDeviceSecurity
157: PhysicalInterceptionProtection
158: PhysicalInterruptionProtection
159: PhysicalMeasure
160: PhysicalNetworkSecurity
161: PhysicalSecureStorage
162: PhysicalSupplySecurity
163: PhysicalSurveillance
164: Principle
165: Process
166: ProcessingCondition
167: ProcessingDuration
168: ProcessingLocation
169: ProtectionOfIPR
170: ProtectionOfNationalSecurity
171: ProtectionOfPublicSecurity
172: ProvideConsent
173: ProvideOfficialStatistics
174: ProvidedData
175: ProvidedPersonalData
176: PublicBenefit
177: PublicPolicyMaking
178: PublicRegisterOfEntities
179: ROPA
180: ReaffirmConsent
181: RecertificationPolicy
182: RecipientInformed
183: RecipientUninformed
184: Reformat
185: RegulatorySandbox
186: ResidualRisk
187: ReversingProcessEffects
188: ReversingProcessInput
189: ReversingProcessOutput
190: RightNotice
191: RightsFulfillment
192: RightsImpactAssessment
193: RightsManagement
194: RiskAssessment
195: ScientificResearch
196: SecureProcessingEnvironment
197: SecurityIncidentNotice
198: SecurityIncidentNotification
199: SecurityIncidentRecord
200: SensitiveData
201: SensitiveNonPersonalData
202: SensitivityLevel
203: Service
204: ServiceConsumer
205: ServiceProvider
206: StandardsConformance
207: StatisticalConfidentialityAgreement
208: StatisticallyConfidentialData
209: SubsidiaryLegalEntity
210: SupportContractNegotiation
211: SupportEntityDecisionMaking
212: SupportExchangeOfViews
213: SupportInformedConsentDecision
214: TOM-classes
215: TOM-properties
216: ThirdPartyContract
217: ThirdPartyDataSource
218: TrustedExecutionEnvironment
219: Unexpected
220: Unintended
221: UnknownApplicability
222: Verification
223: WithdrawConsent
224: WithdrawingFromProcess
225: consent-controls-classes
226: consent-properties
227: consent-status-classes
228: consent-types-classes
229: context-classes
230: context-properties
231: entities-authority-classes
232: entities-authority-properties
233: entities-classes
234: entities-datasubject-classes
235: entities-datasubject-properties
236: entities-legalrole-classes
237: entities-legalrole-properties
238: entities-organisation-classes
239: entities-properties
240: hasActiveEntity
241: hasApplicability
242: hasAssessment
243: hasAutomationLevel
244: hasConformanceStatus
245: hasConsentControl
246: hasEntityControl
247: hasEntityInvolvement
248: hasExpectation
249: hasImpactAssessment
250: hasImportance
251: hasInformedStatus
252: hasIntention
253: hasInvolvement
254: hasLegalMeasure
255: hasNecessity
256: hasNonInvolvedEntity
257: hasNonPersonalDataProcess
258: hasNotificationStatus
259: hasOrganisationalUnit
260: hasPassiveEntity
261: hasPersonalDataProcess
262: hasPhysicalMeasure
263: hasProcess
264: hasProcessingCondition
265: hasRecordOfActivity
266: hasRequestStatus
267: hasRiskAssessment
268: hasSensitivityLevel
269: hasService
270: hasServiceConsumer
271: hasServiceProvider
272: hasSubsidiary
273: isApplicableFor
274: isDeterminedByEntity
275: isNotApplicableFor
276: isOrganistionalUnitOf
277: isSubsidiaryOf
278: jurisdiction-classes
279: jurisdiction-properties
280: legal-basis-classes
281: legal-basis-properties
282: legal-measures-classes
283: organisational-measures-classes
284: personal-data-classes
285: personal-data-properties
286: physical-measures-classes
287: process-classes
288: process-properties
289: processing-classes
290: processing-context-classes
291: processing-context-properties
292: processing-properties
293: processing-scale-classes
294: processing-scale-properties
295: purposes-classes
296: purposes-properties
297: rights-classes
298: rights-properties
299: risk-classes
300: risk-properties
301: rules-classes
302: rules-properties
303: serialisation-html
304: serialisation-jsonld
305: serialisation-n3
306: serialisation-rdf
307: serialisation-ttl
308: status-classes
309: status-properties
310: supportsComplianceWith
311: technical-measures-classes
PD total terms: 227 ; added: 22 ; removed: 4
Concepts Removed

Removed concepts include typos e.g. Proclivitie -> Proclivity, and concepts that are already in DPV e.g. PersonalData.

 
1: PersonalData
2: PersonalDataConcepts
3: Proclivitie
4: SpecialCategoryPersonalData
Concepts Added 
1: Citizenship
2: City
3: CountryOfBirth
4: Domicile
5: GroupProfile
6: HouseNumber
7: IndividualProfile
8: Locality
9: PlaceOfBirth
10: PostalCode
11: Proclivity
12: Region
13: Residency
14: Street
15: core-classes
16: extended-classes
17: serialisation-html
18: serialisation-jsonld
19: serialisation-n3
20: serialisation-rdf
21: serialisation-ttl
22: specialcategory-classes
EU-GDPR total terms: 163 ; added: 69 ; removed: 33
Concepts Removed

Removed concepts include typos e.g. A6-1a -> A6-1-a, and concepts that are already in DPV e.g. LegalBasis.

 
1: A6-1a
2: AuditStatus
3: ComplianceConcepts
4: ConformanceStatus
5: Contract
6: ContractPerformance
7: DPIA
8: DataSubjectRight
9: DataTransferLegalBasis
10: Data_TransfersConcepts
11: DpiaConcepts
12: EnterIntoContract
13: ExplicitlyExpressedConsent
14: ExpressedConsent
15: GDPRLawulness
16: Lawfulness
17: LegalBasis
18: LegalObligation
19: Legal_BasisConcepts
20: Legal_Basis_Data_TransferConcepts
21: Legal_Basis_SpecialConcepts
22: LegitimateInterest
23: LegitimateInterestOfController
24: LegitimateInterestOfThirdParty
25: OfficialAuthorityOfController
26: PublicInterest
27: RightFulfilmentNotice
28: RightsConcepts
29: TechnicalOrganisationalMeasure
30: VitalInterest
31: VitalInterestOfDataSubject
32: VitalInterestOfNatualPerson
33: VitalInterestOfNaturalPerson
Concepts Added 
1: A6-1-d-natural-person
2: AccountabilityPrinciple
3: AccuracyPrinciple
4: AvailabilityBreach
5: BreachNotificationNotNeeded
6: ConcernedSupervisoryAuthority
7: ConfidentialityBreach
8: ControllerBreachNotice
9: ControllerBreachNotificationNeeded
10: CrossBorderDataBreach
11: DBIAIndicatesHighRisk
12: DBIAIndicatesLowRisk
13: DBIAIndicatesNoRisk
14: DBIARiskStatus
15: DPABreachInitialNotice
16: DPABreachNotice
17: DPABreachNotificationNeeded
18: DPABundledBreachNotice
19: DPAPhasedBreachNotice
20: DPIAOutcomeRisksAcceptable
21: DataBreach
22: DataBreachConcludingReport
23: DataBreachDetectionReport
24: DataBreachNotice
25: DataBreachNoticeRequirement
26: DataBreachOngoingReport
27: DataBreachPreliminaryReport
28: DataBreachRegister
29: DataBreachReport
30: DataMinimisationPrinciple
31: DataSubjectBreachNotice
32: DataSubjectBreachNotificationNeeded
33: Establishment
34: FairnessPrinciple
35: IntegrityBreach
36: IntegrityConfidentialityPrinciple
37: LawfulnessPrinciple
38: LeadSupervisoryAuthority
39: LocalSupervisoryAuthority
40: MainEstablishment
41: ProcessorBreachNotice
42: ProcessorBreachNotificationNeeded
43: PurposeLimitationPrinciple
44: SingleEstablishment
45: StorageLimitationPrinciple
46: TransparencyPrinciple
47: compliance-classes
48: data-breach-classes
49: data-transfers-classes
50: dpia-classes
51: dpia-properties
52: entities-classes
53: entities-properties
54: hasConcernedSA
55: hasEstablishment
56: hasLeadSA
57: hasLocalSA
58: hasMainEstablishment
59: isMainEstablishmentFor
60: legal-basis-classes
61: legal-basis-data-transfer-classes
62: legal-basis-special-classes
63: principles-classes
64: rights-classes
65: serialisation-html
66: serialisation-jsonld
67: serialisation-n3
68: serialisation-rdf
69: serialisation-ttl
LEGAL total terms: 84 ; added: 48 ; removed: 424
Concepts Removed

NOTE: removed includes locations which have been moved to LOC, and how laws, etc. are declared under specific jurisdictional extensions in 2.0

 
1: AD
2: AE
3: AF
4: AG
5: AI
6: AL
7: AM
8: AO
9: AQ
10: AR
11: AS
12: AT
13: AU
14: AW
15: AX
16: AZ
17: AdequacyConcepts
18: Africa
19: Americas
20: Asia
21: AustraliaandNewZealand
22: AuthoritiesConcepts
23: BA
24: BB
25: BD
26: BE
27: BF
28: BG
29: BH
30: BI
31: BJ
32: BL
33: BM
34: BN
35: BO
36: BQ
37: BR
38: BS
39: BT
40: BV
41: BW
42: BY
43: BZ
44: CA
45: CC
46: CD
47: CF
48: CG
49: CH
50: CI
51: CK
52: CL
53: CM
54: CN
55: CO
56: CR
57: CU
58: CV
59: CW
60: CX
61: CY
62: CZ
63: Caribbean
64: CentralAmerica
65: CentralAsia
66: ChannelIslands
67: DE
68: DE-BB
69: DE-BDSG
70: DE-BE
71: DE-BE-BbgDSG
72: DE-BE-BlnDSG
73: DE-BW
74: DE-BW-LDSG
75: DE-BY
76: DE-BY-BayDSG
77: DE-HB
78: DE-HB-BremDSGVOAG
79: DE-HE
80: DE-HE-HDISG
81: DE-HH
82: DE-HH-HmbDSG
83: DE-LSA-DSG
84: DE-MV
85: DE-MV-DSG
86: DE-NI
87: DE-NI-NDSG
88: DE-NW
89: DE-NW-DSG
90: DE-RP
91: DE-RP-LDSG
92: DE-SH
93: DE-SH-LDSG
94: DE-SL
95: DE-SL-SDSG
96: DE-SN
97: DE-SN-SächsDSG
98: DE-ST
99: DE-TH
100: DE-TH-ThürDSG
101: DJ
102: DK
103: DM
104: DO
105: DPA-AT
106: DPA-BE
107: DPA-BG
108: DPA-CZ
109: DPA-DK
110: DPA-EE
111: DPA-ES
112: DPA-FI
113: DPA-FR
114: DPA-GR
115: DPA-HR
116: DPA-HU
117: DPA-IT
118: DPA-LT
119: DPA-LU
120: DPA-LV
121: DPA-MT
122: DPA-NL
123: DPA-PL
124: DPA-PT
125: DPA-RO
126: DPA-SE
127: DPA-SI
128: DPA-SK
129: DPA-US-VC
130: DZ
131: EC
132: EE
133: EEA
134: EEA30
135: EEA31
136: EG
137: EH
138: ER
139: ES
140: ET
141: EU
142: EU-GDPR
143: EU27
144: EU28
145: EUEEAConcepts
146: EasternAfrica
147: EasternAsia
148: EasternEurope
149: Europe
150: FI
151: FJ
152: FK
153: FM
154: FO
155: FR
156: GA
157: GB
158: GB-DPA
159: GB-GDPR
160: GD
161: GE
162: GF
163: GG
164: GH
165: GI
166: GL
167: GM
168: GN
169: GP
170: GQ
171: GR
172: GS
173: GT
174: GU
175: GW
176: GY
177: HK
178: HM
179: HN
180: HR
181: HT
182: HU
183: ID
184: IE
185: IL
186: IM
187: IN
188: IO
189: IQ
190: IR
191: IS
192: IT
193: JE
194: JM
195: JO
196: JP
197: KE
198: KG
199: KH
200: KI
201: KM
202: KN
203: KP
204: KR
205: KW
206: KY
207: KZ
208: LA
209: LB
210: LC
211: LI
212: LK
213: LR
214: LS
215: LT
216: LU
217: LV
218: LY
219: LatinAmericaandtheCaribbean
220: LawConcepts
221: LocationConcepts
222: MA
223: MC
224: MD
225: ME
226: MF
227: MG
228: MH
229: MK
230: ML
231: MM
232: MN
233: MO
234: MP
235: MQ
236: MR
237: MS
238: MT
239: MU
240: MV
241: MW
242: MX
243: MY
244: MZ
245: Melanesia
246: Micronesia
247: MiddleAfrica
248: NA
249: NC
250: NE
251: NF
252: NG
253: NI
254: NL
255: NO
256: NP
257: NR
258: NU
259: NZ
260: NorthernAfrica
261: NorthernAmerica
262: NorthernEurope
263: OM
264: Oceania
265: PA
266: PE
267: PF
268: PG
269: PH
270: PK
271: PL
272: PM
273: PN
274: PR
275: PS
276: PT
277: PW
278: PY
279: Polynesia
280: QA
281: RE
282: RO
283: RS
284: RU
285: RW
286: SA
287: SB
288: SC
289: SD
290: SE
291: SG
292: SH
293: SI
294: SJ
295: SK
296: SL
297: SM
298: SN
299: SO
300: SR
301: SS
302: ST
303: SV
304: SX
305: SY
306: SZ
307: Sark
308: SouthAmerica
309: SoutheasternAsia
310: SouthernAfrica
311: SouthernAsia
312: SouthernEurope
313: SubSaharanAfrica
314: TC
315: TD
316: TF
317: TG
318: TH
319: TJ
320: TK
321: TL
322: TM
323: TN
324: TO
325: TR
326: TT
327: TV
328: TW
329: TZ
330: UA
331: UG
332: UK-DPA-2018
333: UK-GDPR
334: UM
335: US
336: US-AK
337: US-AL
338: US-AR
339: US-AS
340: US-AZ
341: US-CA
342: US-CA-CCPA
343: US-CA-CPRA
344: US-CO
345: US-CO-CPA
346: US-CT
347: US-CT-CTPA
348: US-DC
349: US-DE
350: US-FL
351: US-GA
352: US-GU
353: US-HI
354: US-IA
355: US-ID
356: US-IL
357: US-IN
358: US-KS
359: US-KY
360: US-LA
361: US-MA
362: US-MD
363: US-ME
364: US-MI
365: US-MN
366: US-MO
367: US-MP
368: US-MS
369: US-MT
370: US-NC
371: US-ND
372: US-NE
373: US-NH
374: US-NJ
375: US-NM
376: US-NV
377: US-NV-NPICICA
378: US-NY
379: US-OH
380: US-OK
381: US-OR
382: US-PA
383: US-PR
384: US-RI
385: US-SC
386: US-SD
387: US-TN
388: US-TX
389: US-UM
390: US-UT
391: US-UT-UCPA
392: US-VA
393: US-VA-VCDPA
394: US-VC
395: US-VI
396: US-VT
397: US-WA
398: US-WI
399: US-WV
400: US-WY
401: UY
402: UZ
403: VA
404: VC
405: VE
406: VG
407: VI
408: VN
409: VU
410: WF
411: WS
412: WesternAfrica
413: WesternAsia
414: WesternEurope
415: YE
416: YT
417: ZA
418: ZM
419: ZW
420: altLabel
421: iso_alpha2
422: iso_alpha3
423: iso_numeric
424: un_m49
Concepts Added 
1: DPA-EDPB
2: DPA-EDPS
3: DPA-IN
4: DPA-US-CA
5: DPA-US-VA
6: de-classes
7: eu-classes
8: gb-classes
9: ie-classes
10: in-classes
11: law-AIAct
12: law-BDSG
13: law-BE-BbgDSG
14: law-BE-BlnDSG
15: law-BW-LDSG
16: law-BY-BayDSG
17: law-CA-CCPA
18: law-CA-CPRA
19: law-CO-CPA
20: law-CT-CTPA
21: law-DGA
22: law-DMA
23: law-DPA
24: law-DPDP
25: law-DSA
26: law-DataAct
27: law-GDPR
28: law-HB-BremDSGVOAG
29: law-HE-HDISG
30: law-HH-HmbDSG
31: law-LSA-DSG
32: law-MV-DSG
33: law-NI-NDSG
34: law-NV-NPICICA
35: law-NW-DSG
36: law-RP-LDSG
37: law-SH-LDSG
38: law-SL-SDSG
39: law-SN-SächsDSG
40: law-TH-ThürDSG
41: law-UT-UCPA
42: law-VA-VCDPA
43: serialisation-html
44: serialisation-jsonld
45: serialisation-n3
46: serialisation-rdf
47: serialisation-ttl
48: us-classes
LOC total terms: 340 ; added: 8 ; removed: 128
Concepts Removed

NOTE: removed includes laws, authorities, etc. which have been moved to relevant LEGAL extensions in 2.0

 
1: Adequacy-EU-AD
2: Adequacy-EU-AR
3: Adequacy-EU-CA
4: Adequacy-EU-CH
5: Adequacy-EU-FO
6: Adequacy-EU-GB
7: Adequacy-EU-GG
8: Adequacy-EU-IL
9: Adequacy-EU-IM
10: Adequacy-EU-JE
11: Adequacy-EU-JP
12: Adequacy-EU-NZ
13: Adequacy-EU-UY
14: AdequacyConcepts
15: Africa
16: Americas
17: Asia
18: AustraliaandNewZealand
19: AuthoritiesConcepts
20: Caribbean
21: CentralAmerica
22: CentralAsia
23: ChannelIslands
24: DE-BDSG
25: DE-BE-BbgDSG
26: DE-BE-BlnDSG
27: DE-BW-LDSG
28: DE-BY-BayDSG
29: DE-HB-BremDSGVOAG
30: DE-HE-HDISG
31: DE-HH-HmbDSG
32: DE-LSA-DSG
33: DE-MV-DSG
34: DE-NI-NDSG
35: DE-NW-DSG
36: DE-RP-LDSG
37: DE-SH-LDSG
38: DE-SL-SDSG
39: DE-SN-SächsDSG
40: DE-TH-ThürDSG
41: DPA-AT
42: DPA-BE
43: DPA-BG
44: DPA-CZ
45: DPA-DE
46: DPA-DE-BB
47: DPA-DE-BE
48: DPA-DE-BY-non-public
49: DPA-DE-BY-public
50: DPA-DE-HB
51: DPA-DE-HE
52: DPA-DE-HH
53: DPA-DE-MV
54: DPA-DE-NI
55: DPA-DE-NW
56: DPA-DE-RP
57: DPA-DE-SH
58: DPA-DE-SL
59: DPA-DE-SN
60: DPA-DE-ST
61: DPA-DE-TH
62: DPA-DK
63: DPA-EE
64: DPA-ES
65: DPA-FI
66: DPA-FR
67: DPA-GB
68: DPA-GR
69: DPA-HR
70: DPA-HU
71: DPA-IE
72: DPA-IT
73: DPA-LT
74: DPA-LU
75: DPA-LV
76: DPA-MT
77: DPA-NL
78: DPA-PL
79: DPA-PT
80: DPA-RO
81: DPA-SE
82: DPA-SI
83: DPA-SK
84: DPA-US-CO
85: DPA-US-CT
86: DPA-US-NV
87: DPA-US-UT
88: DPA-US-VC
89: EU-GDPR
90: EUEEAConcepts
91: EasternAfrica
92: EasternAsia
93: EasternEurope
94: Europe
95: GB-DPA
96: GB-GDPR
97: LatinAmericaandtheCaribbean
98: LawConcepts
99: LocationConcepts
100: Melanesia
101: Micronesia
102: MiddleAfrica
103: NorthernAfrica
104: NorthernAmerica
105: NorthernEurope
106: Oceania
107: Polynesia
108: Sark
109: SouthAmerica
110: SoutheasternAsia
111: SouthernAfrica
112: SouthernAsia
113: SouthernEurope
114: SubSaharanAfrica
115: UK-DPA-2018
116: UK-GDPR
117: US-CA-CCPA
118: US-CA-CPRA
119: US-CO-CPA
120: US-CT-CTPA
121: US-NV-NPICICA
122: US-UT-UCPA
123: US-VA-VCDPA
124: US-VC
125: WesternAfrica
126: WesternAsia
127: WesternEurope
128: altLabel
Concepts Added 
1: locations-classes
2: locations-properties
3: memberships-classes
4: serialisation-html
5: serialisation-jsonld
6: serialisation-n3
7: serialisation-rdf
8: serialisation-ttl
TECH total terms: 134 ; added: 105 ; removed: 52
Concepts Removed

All concepts that described categories of technologies in relation to processing activities (e.g. data collection technology) or as technical measures (e.g. security technology) have been removed as they were creating a redundant duplicate taxonomy of concepts already in DPV. Instead the IntendedUse concept has been created to indicate what the technology is intended to be used for, and Function to indicate what functions the technology contains or is capable of.

 
1: ActorsConcepts
2: CommsConcepts
3: CoreConcepts
4: CovertSurveillanceTechnology
5: DataConcepts
6: DataCopyingTechnology
7: DataDisclosureTechnology
8: DataManagementTechnology
9: DataObtainingTechnology
10: DataOrganisingTechnology
11: DataRemovalTechnology
12: DataSecurityTechnology
13: DataStorageTechnology
14: DataTechnology
15: DataTransferTechnology
16: DataTransformationTechnology
17: DataUsageTechnology
18: DetectionSecurityTechnology
19: Entity
20: FileSystem
21: IdentityManagementTechnology
22: IdentityTechnology
23: IdentityWallet
24: Location
25: ManagementTechnology
26: MitigationSecurityTechnology
27: MonitoringSecurityTechnology
28: OperationDevice
29: OperationEnvironment
30: OperationManagement
31: OperationalTechnology
32: OpsConcepts
33: OvertSurveillanceTechnology
34: PET
35: PersonalInformationManagementSystem
36: PreventionSecurityTechnology
37: ProvisionConcepts
38: SecurityConcepts
39: SecurityManagementTechnology
40: SecurityTechnology
41: SurveillanceConcepts
42: SurveillanceTechnology
43: Technology
44: TechnologyActor
45: TechnologyDeveloper
46: TechnologyProvider
47: TechnologyProvisionMethod
48: TechnologySubject
49: TechnologyUsageLocation
50: TechnologyUser
51: ToolsConcepts
52: hasTechnologyActor
Concepts Added 
1: Actor
2: Android
3: AppStore
4: Auditor
5: CaaS
6: Capability
7: CloudService
8: CloudStorage
9: Customer
10: DataStorage
11: Deployer
12: DeploymentLocation
13: Designer
14: DesktopPC
15: Developer
16: DevelopmentPlan
17: Device
18: Distributor
19: Documentation
20: Evaluator
21: Function
22: GNULinux
23: Guide
24: Hardware
25: HybridCloudService
26: IaaS
27: Importer
28: Installer
29: Instructions
30: IntendedUse
31: LaptopPC
32: MBaaS
33: MSWindows
34: Maintainer
35: Manual
36: Manufacturer
37: MarketAvailabilityStatus
38: MarketAvailable
39: MarketUnavailable
40: MobilePhone
41: NotProvided
42: OS
43: Operator
44: Owner
45: PaaS
46: Partner
47: PersonalComputer
48: Plan
49: PrivateCloudService
50: Producer
51: Provided
52: Provider
53: ProvisionMethod
54: ProvisionStatus
55: PublicCloudService
56: Purchaser
57: SaaS
58: ServerlessComputing
59: Smartphone
60: Software
61: Specification
62: Subject
63: Supplier
64: SystemIntegrator
65: TechnologyStatus
66: Telephone
67: TestingPlan
68: User
69: actors-classes
70: actors-properties
71: comms-classes
72: core-classes
73: core-properties
74: docs-classes
75: hasActor
76: hasAuditor
77: hasCapability
78: hasCustomer
79: hasDeployer
80: hasDeploymentLocation
81: hasDesigner
82: hasEvaluator
83: hasFunction
84: hasInstaller
85: hasIntendedUse
86: hasMaintainer
87: hasManufacturer
88: hasMarketAvailabilityStatus
89: hasOwner
90: hasPartner
91: hasProducer
92: hasProvisionStatus
93: hasPurchaser
94: hasSupplier
95: hasSystemIntegrator
96: iOS
97: provision-classes
98: serialisation-html
99: serialisation-jsonld
100: serialisation-n3
101: serialisation-rdf
102: serialisation-ttl
103: status-classes
104: status-properties
105: tools-classes
EU-RIGHTS total terms: 68 ; added: 7 ; removed: 3
Concepts Removed

Removed concepts include typos e.g. Occupration -> Occupation, and concepts that are already in DPV e.g. DataSubjectRight.

 
1: A15-FreedomToChooseOccuprationEngageWork
2: DataSubjectRight
3: EUFundamentalRightsConcepts
Concepts Added 
1: A15-FreedomToChooseOccupationEngageWork
2: fundamental-classes
3: serialisation-html
4: serialisation-jsonld
5: serialisation-n3
6: serialisation-rdf
7: serialisation-ttl
RISK total terms: 369 ; added: 81 ; removed: 105
Concepts Removed

Removed concepts include risk assessment methods, risk management methodologies, and concepts that are already present in DPV e.g. Likelihood.

 
1: ACSC-ISM
2: ALARA
3: ALARP
4: ANSI-ISA-62443-3‑2-2020
5: BSI-200-2
6: BayesianAnalysis
7: BayesianNetworks
8: BowTie
9: Brainstorming
10: BusinessImpactAnalysis
11: CCRACII
12: CORAS
13: CRAMM
14: CVaR
15: CausalMapping
16: CauseConsequenceAnalysis
17: Checklists
18: Cindynic
19: Classifications
20: Consequence
21: ControlConsequence
22: ControlMonitors
23: ControlRiskSource
24: CostBenefitAnalysis
25: CrossImpactAnalysis
26: DPIA
27: DecisionTreeAnalysis
28: DelphiTechnique
29: EBIOS
30: ERM-IF
31: ETSI-TS-102-165-1
32: EU-ITSRM
33: ErrornousSystemUse
34: EventTreeAnalysis
35: FAIR
36: FAIR-Privacy
37: FMEA
38: FMECA
39: FNDiagrams
40: FaultTreeAnalysis
41: Fishbone
42: GCSOS
43: GameTheory
44: HACCP
45: HAZOP
46: HITRUST-CSF
47: HumanReliabilityAnalysis
48: IMO-MSC-FAL1-CIRC3
49: IRAM2
50: IS-BM
51: ISACA-RISK-IT
52: ISAMM
53: ISO-IEC-27005-2018
54: ISRAM
55: IT-Grundschutz
56: Impact
57: ImpacttoRights
58: InfluenceDiagrams
59: Interviews
60: LOPA
61: Likelihood
62: MAGERIT
63: MCA
64: MEHARI
65: MONARC
66: MarkovAnalysis
67: MonteCarloSimulation
68: NIST-SP-800-30
69: NIST-SP-800-37
70: NIST-SP-800-39
71: NIST-SP-800-82
72: NominalGroupTechnique
73: O-RA
74: OCTAVE
75: OCTAVE-ALLEGRO
76: OCTAVE-FORTE
77: OCTAVE-S
78: PIA
79: ParetoCharts
80: QualitativeRiskAssessmentTechnique
81: QuantitativeRiskAssessmentTechnique
82: ReliabilityCentredMaintenance
83: RiskAssessmentTechnique
84: RiskIndices
85: RiskLevel
86: RiskManagementMethodology
87: RiskManagementProcedure
88: RiskMitigationMeasure
89: RiskRegisters
90: Risk_AssessmentConcepts
91: Risk_ConsequencesConcepts
92: Risk_ControlsConcepts
93: Risk_LevelsConcepts
94: Risk_MatrixConcepts
95: Risk_MethodologyConcepts
96: SCurves
97: SFAIRP
98: SWIFT
99: ScenarioAnalysis
100: Severity
101: Surveys
102: Taxonomies
103: Toxicological
104: UnauthorisedReIdentification
105: VaR
Concepts Added 
1: AccidentalIncident
2: AvailabilityIncident
3: Benefit
4: Compensation
5: ConfidentialityIncident
6: ConsequenceControl
7: ContainmentControl
8: CrossBorderIncident
9: DeliberateIncident
10: DetectionControl
11: EnvironmentalIncident
12: ErroneousSystemUse
13: Fee
14: IdentificationControl
15: ImpactControl
16: ImpactToRights
17: Incident
18: IncidentAssessmentReport
19: IncidentConcluded
20: IncidentConcludingReport
21: IncidentDetectionReport
22: IncidentHalted
23: IncidentHandlingReport
24: IncidentIdentifier
25: IncidentImpactAssessment
26: IncidentMitigated
27: IncidentMitigationMeasure
28: IncidentNearMiss
29: IncidentNotice
30: IncidentOngoing
31: IncidentOngoingReport
32: IncidentPreliminaryReport
33: IncidentRegister
34: IncidentReport
35: IncidentStatus
36: IncidentStatusUnknown
37: IncidentSuspected
38: IncidentSuspectedReport
39: IncidentTerminated
40: IntegrityIncident
41: Misuse
42: MonitorControl
43: Payment
44: RecoveryControl
45: ReductionControl
46: RemedyControl
47: Renumeration
48: Reward
49: RiskAssessment
50: RiskControl
51: RiskManagement
52: RiskSource
53: SourceControl
54: Threat
55: ThreatSource
56: UnauthorisedReidentification
57: Vulnerability
58: causedByThreat
59: causedByVulnerability
60: core-classes
61: core-properties
62: exploitsVulnerability
63: hasControl
64: hasIncident
65: hasRiskSource
66: hasThreatSource
67: hasVulnerability
68: incident-classes
69: incident-status-classes
70: isExploitedBy
71: isVulnerabilityOf
72: refersToRisk
73: risk-consequences-classes
74: risk-controls-classes
75: risk-levels-classes
76: risk-matrix-classes
77: serialisation-html
78: serialisation-jsonld
79: serialisation-n3
80: serialisation-rdf
81: serialisation-ttl
AI total terms: 17 ; added: 17 ; removed: 0 (new extension)
Concepts Added 
1: AI
2: AISystem
3: Capability
4: Measure
5: Model
6: Risk
7: Technique
8: capabilities-classes
9: core-classes
10: measures-classes
11: risks-classes
12: serialisation-html
13: serialisation-jsonld
14: serialisation-n3
15: serialisation-rdf
16: serialisation-ttl
17: techniques-classes
Justifications total terms: 71 ; added: 71 ; removed: 0 (new extension)
Concepts Added 
1: CivilLawEnforcementImpaired
2: ComplexityOfProcess
3: ConfidentialityObligationCompromised
4: ConsentProvided
5: ContestAccuracy
6: ContractEstablishmentNecessity
7: ContractPerformanceNecessity
8: CrimeDetectionImpaired
9: CrimeInvestigationImpaired
10: CrimePenaltyExecutionImpaired
11: CrimePreventionImpaired
12: CrimeProsecutionImpaired
13: DataSubjectProtectionImpaired
14: DefenceImpaired
15: DelayJustification
16: DisproportionateEffortRequired
17: EntityAlreadyInformed
18: EthicsBreachDetectionImpaired
19: EthicsBreachInvestigationImpaired
20: EthicsBreachPreventionImpaired
21: EthicsBreachProsecutionImpaired
22: EthicsProcedureImpaired
23: ExerciseJustification
24: FreedomOfExpressionImpaired
25: FulfilmentImpossible
26: HighVolumeOfProcesses
27: IdentityVerificationFailure
28: IdentityVerificationRequired
29: InformationRequired
30: InformationSocietyServicesOffer
31: JudicialProceedingsImpaired
32: LegalClaimDefenceImpaired
33: LegalClaimEstablishmentImpaired
34: LegalClaimExerciseImpaired
35: LegalObligation
36: LegalProcessImpaired
37: LegalityLackingObjection
38: LegallyExempted
39: LegitimateInterestOverride
40: NationalSecurityImpaired
41: NonFulfilmentJustification
42: NonNecessityObjection
43: NotRequiredJustification
44: Objection
45: ObjectivesImpaired
46: OfficialAuthorityExerciseImpaired
47: OfficialStatisticsImpaired
48: ProcessExcessive
49: ProcessFrivolous
50: ProcessMalicious
51: ProcessRejected
52: ProcessSafeguarded
53: ProcessUnfounded
54: PublicHealthCompromised
55: PublicInterestArchivingImpaired
56: PublicInterestCompromised
57: PublicSecurityImpaired
58: RightsFreedomsImpactUnlikely
59: ScientificHistoricalResearchImpaired
60: SecurityImpaired
61: ThirdPartyRightsImpaired
62: UnlawfulActivityObjection
63: justifications-delay-classes
64: justifications-exercise-classes
65: justifications-nonfulfilment-classes
66: justifications-notrequired-classes
67: serialisation-html
68: serialisation-jsonld
69: serialisation-n3
70: serialisation-rdf
71: serialisation-ttl
EU-DGA total terms: 66 ; added: 66 ; removed: 0 (new extension)
Concepts Added 
1: A12-e-Exchange-Approval
2: A2-6-Permission
3: A31-2-Transfer-Agreement
4: A31-3-Third-Country-Judgement
5: A5-11-MCC
6: A5-12-Adequacy-Decision
7: A5-9-Transfer-Permission
8: DAORegister
9: DAORegisterEU
10: DAORegisterNational
11: DISP
12: DISPEUApproval
13: DISPForDataHolder
14: DISPForDataSubject
15: DISPNotice
16: DISPRegister
17: DataAltruismAnnualReport
18: DataAltruismAuthority
19: DataAltruismNotice
20: DataAltruismOrganisation
21: DataAltruismRecord
22: DataAssetList
23: DataCooperative
24: DataCooperativeService
25: DataHolder
26: DataIntermediationAuthority
27: DataIntermediationRecord
28: DataIntermediationService
29: DataIntermediationServiceBetweenHoldersUsers
30: DataIntermediationServiceBetweenSubjectsUsers
31: DataReuseAssistant
32: DataReuseRequest
33: DataUser
34: EUDataAltruismConsentForm
35: EUSIPProvider
36: EuropeanDataInnovationBoard
37: LocalSIPProvider
38: NationalDataAltruismPolicy
39: NationalSIPProvider
40: PersonalDataReuseNotice
41: RegionalSIPProvider
42: RightToDataConversionOptOut
43: RightToImpartialReview
44: RightToLodgeComplaint
45: SIPProvider
46: SectorialSIPProvider
47: SecureProcessingEnvironment
48: SingleInformationPoint
49: ThirdCountryDataRequestNotice
50: entities-classes
51: entities-properties
52: hasDAO
53: hasDISP
54: hasDataHolder
55: hasDataReuseAssistant
56: hasDataUser
57: legal-basis-classes
58: legal-rights-classes
59: registers-classes
60: serialisation-html
61: serialisation-jsonld
62: serialisation-n3
63: serialisation-rdf
64: serialisation-ttl
65: services-classes
66: toms-classes
EU-AIAct total terms: 87 ; added: 87 ; removed: 0 (new extension)
Concepts Added 
1: AIDeployer
2: AIDistributor
3: AIImporter
4: AILiteracy
5: AIOffice
6: AIOperator
7: AIProductManufacturer
8: AIProvider
9: AIRegulatorySandbox
10: AISystem
11: AISystemPerformance
12: AuthorisedRepresentative
13: AvailableOnEUMarket
14: AvailableOnMarket
15: AvailableOnNonEUMarket
16: Biometric
17: BiometricCategorisation
18: BiometricCategorisationSystem
19: BiometricIdentification
20: BiometricIdentityVerification
21: CEMarking
22: CommonSpecification
23: ConformityAssessment
24: ConformityAssessmentBody
25: CriticalInfrastructure
26: DeepFake
27: DownstreamAIProvider
28: EmotionRecognition
29: EmotionRecognitionSystem
30: FRIA
31: GPAIModel
32: GPAISystem
33: HighImpactCapabilityGPAIModel
34: HighRiskAIAssessment
35: InformedConsent
36: InstructionForUse
37: IntendedPurpose
38: LawEnforcement
39: MarketAvailabilityStatus
40: MarketPlacementStatus
41: MarketSurveillanceAuthority
42: NationalCompetentAuthority
43: NotAvailableOnMarket
44: NotPutIntoService
45: NotifiedBody
46: NotifyingAuthority
47: PlacedOnEUMarket
48: PlacedOnMarket
49: PostMarketMonitoringSystem
50: PostRemoteBiometriIdentificationSystem
51: PubliclyAccessibleSpace
52: PutIntoService
53: PutIntoServiceInEU
54: RealWorldTestSubject
55: RealWorldTestingPlan
56: RealtimeRemoteBiometriIdentificationSystem
57: ReasonablyForeseeableMisuse
58: RecalledFromService
59: RemoteBiometricIdentificationSystem
60: Risk
61: RiskManagementSystem
62: SafetyComponent
63: SandboxPlan
64: SeriousIncident
65: ServiceSupplyStatus
66: SubstantialModification
67: SystemicRiskAtEU
68: TechnicalDocumentation
69: TestingData
70: TestingRealWorldConditions
71: TrainingData
72: ValidationData
73: WithdrawnFromService
74: assessment-classes
75: capability-classes
76: data-classes
77: docs-classes
78: misc-classes
79: risk-classes
80: roles-classes
81: serialisation-html
82: serialisation-jsonld
83: serialisation-n3
84: serialisation-rdf
85: serialisation-ttl
86: status-classes
87: system-classes
EU-NIS2 total terms: 14 ; added: 14 ; removed: 0 (new extension)
Concepts Added 
1: EarlyWarningReport
2: FinalReport
3: IncidentAssessmentReport
4: InitialFeedbackOnIncident
5: IntermediateReport
6: ProgressReport
7: RiskMitigationAdvice
8: SignificantIncidentNotice
9: notice-classes
10: serialisation-html
11: serialisation-jsonld
12: serialisation-n3
13: serialisation-rdf
14: serialisation-ttl
LEGAL-IE total terms: 8 ; added: 8 ; removed: 0 (new extension)
Concepts Added 
1: DPA-IE
2: ie-classes
3: law-DPA
4: serialisation-html
5: serialisation-jsonld
6: serialisation-n3
7: serialisation-rdf
8: serialisation-ttl
LEGAL-IN total terms: 8 ; added: 8 ; removed: 0 (new extension)
Concepts Added 
1: DPA-IN
2: in-classes
3: law-DPDP
4: serialisation-html
5: serialisation-jsonld
6: serialisation-n3
7: serialisation-rdf
8: serialisation-ttl
LEGAL-DE total terms: 40 ; added: 40 ; removed: 0 (new extension)
Concepts Added 
1: DPA-DE
2: DPA-DE-BB
3: DPA-DE-BE
4: DPA-DE-BY-non-public
5: DPA-DE-BY-public
6: DPA-DE-HB
7: DPA-DE-HE
8: DPA-DE-HH
9: DPA-DE-MV
10: DPA-DE-NI
11: DPA-DE-NW
12: DPA-DE-RP
13: DPA-DE-SH
14: DPA-DE-SL
15: DPA-DE-SN
16: DPA-DE-ST
17: DPA-DE-TH
18: de-classes
19: law-BDSG
20: law-BE-BbgDSG
21: law-BE-BlnDSG
22: law-BW-LDSG
23: law-BY-BayDSG
24: law-HB-BremDSGVOAG
25: law-HE-HDISG
26: law-HH-HmbDSG
27: law-LSA-DSG
28: law-MV-DSG
29: law-NI-NDSG
30: law-NW-DSG
31: law-RP-LDSG
32: law-SH-LDSG
33: law-SL-SDSG
34: law-SN-SächsDSG
35: law-TH-ThürDSG
36: serialisation-html
37: serialisation-jsonld
38: serialisation-n3
39: serialisation-rdf
40: serialisation-ttl
LEGAL-GB total terms: 9 ; added: 9 ; removed: 0 (new extension)
Concepts Added 
1: DPA-GB
2: gb-classes
3: law-DPA
4: law-GDPR
5: serialisation-html
6: serialisation-jsonld
7: serialisation-n3
8: serialisation-rdf
9: serialisation-ttl
LEGAL-US total terms: 19 ; added: 19 ; removed: 0 (new extension)
Concepts Added 
1: DPA-US-CA
2: DPA-US-CO
3: DPA-US-CT
4: DPA-US-NV
5: DPA-US-UT
6: DPA-US-VA
7: law-CA-CCPA
8: law-CA-CPRA
9: law-CO-CPA
10: law-CT-CTPA
11: law-NV-NPICICA
12: law-UT-UCPA
13: law-VA-VCDPA
14: serialisation-html
15: serialisation-jsonld
16: serialisation-n3
17: serialisation-rdf
18: serialisation-ttl
19: us-classes
LEGAL-EU total terms: 27 ; added: 27 ; removed: 0 (new extension)
Concepts Added 
1: Adequacy-EU-AD
2: Adequacy-EU-AR
3: Adequacy-EU-CA
4: Adequacy-EU-CH
5: Adequacy-EU-FO
6: Adequacy-EU-GB
7: Adequacy-EU-GG
8: Adequacy-EU-IL
9: Adequacy-EU-IM
10: Adequacy-EU-JE
11: Adequacy-EU-JP
12: Adequacy-EU-NZ
13: Adequacy-EU-UY
14: DPA-EDPB
15: DPA-EDPS
16: eu-classes
17: law-AIAct
18: law-DGA
19: law-DMA
20: law-DSA
21: law-DataAct
22: law-GDPR
23: serialisation-html
24: serialisation-jsonld
25: serialisation-n3
26: serialisation-rdf
27: serialisation-ttl

Changes to Development Process

The following will represent the development process going ahead:

  1. Stable main branch: All developments will take place on the dev branch. The main will be updated only for future releases and bugfixes regarding DPV and its extensions, and for posting minutes for the DPVCG meetings. Note: versions are labelled with git tags and are published using GitHub releases.
  2. Announcement for releases: The issue #145 will act as a 'sticky' board and will be used to post announcements regarding releases, fixes, and other relevant news. Adopters can subscribe to this issue to be notified.
  3. Better issue management: The current set of issues will be refactored to streamline the discussions, including a revamp of the tags to reflect which extensions are being discussed in the issue and the nature of discussion (e.g. new concepts, changes to documentation).
  4. More guides and tutorials: The DPVCG has planned to provide more guides and tutorials to support the adoption and use of DPV. A tentative list can be found at the guides page.
  5. Multilingual support: This feature is planned for future releases where the DPV concepts will be provided with labels, definitions, and notes in more languages. Planned languages include Italian, French, German, and Spanish. If you are interested in having another language added, please discuss in issue#89.
  6. Frequent Releases: the time from initiation of DPV to its publication as 1.0 was approximately 4 years, and that between 1.0 and 2.0 is approximately 2 years. Going ahead, we plan to provide more frequent releases, with an aim of 2 per year.

Contributors

Thanks to the following members of the DPVCG:

Also thanks to the following people: