The Justification extension provides a taxonomy extending the Data Privacy Vocabulary (DPV) Specification concept Justification to enable representing specific justifications associated with non-fulfilment, non-requirement, delays, and exercising reasons involved in processes. The namespace for terms in justifications is https://www.w3id.org/dpv/justifications#, the suggested prefix is justifications, and the justifications vocabulary and its documentation is available on GitHub.
Contributing: The DPVCG welcomes participation to improve the DPV and associated resources, including expansion or refinement of concepts, requesting information and applications, and addressing open issues. See contributing guide for further information.
GitHub Issues are preferred for
discussion of this specification.
1. DPV and Related Resources
Data Privacy Vocabulary (DPV) Specification: is the base/core specification for the 'Data Privacy Vocabulary', which is extended for Personal Data [PD], Locations [LOC], Risk Management [RISK], Technology [TECH], and [AI]. Specific [LEGAL] extensions are also provided which model jurisdiction specific regulations and concepts . To support understanding and applications of [DPV], various guides and resources [GUIDES] are provided, including a [PRIMER]. A Search Index of all concepts from DPV and extensions is available.
[DPV] and related resources are published on GitHub. For a general overview of the Data Protection Vocabularies and Controls Community Group [DPVCG], its history, deliverables, and activities - refer to DPVCG Website. For meetings, see the DPVCG calendar.
The peer-reviewed article “Creating A Vocabulary for Data Privacy” presents a historical overview of the DPVCG, and describes the methodology and structure of the DPV along with describing its creation. An open-access version can be accessed here, here, and here. The article Data Privacy Vocabulary (DPV) - Version 2, accepted for presentation at the 23rd International Semantic Web Conference (ISWC 2024), describes the changes made in DPV v2.
2. Introduction
DPV provides the concept Justification and relation hasJustification to provide reasons or explanations in specific contexts. For example, where a right could not be fulfilled due to the identity of the individual not being established or where a request was deemed as being too excessive and burdensome to undertake. Justifications also represent reasons why a process must be undertaken, for example why a particular objection is being made or why a specific activity is asked to be undertaken. To support the expression of such specific justifications, this extension provides concepts extending dpv:Justification.
Justifications can be found in regulations as exceptions to obligations - for example in GDPR Article 12-5 the justification "requests ... are manifestly unfounded or excessive" is mentioned. Justifications can also be identified through practical applications and use-cases, such as where organisations and data subjects commonly need to state reasons or explanations. As such, the DPVCG strives to provide a rich and comprehensive taxonomy of justifications and welcomes contributions for the same.
Note: Associating justifications with regulations, e.g., GDPR
3. Justification Types
Justifications are broadly categorised as:
NotRequiredJustification: Justification to reject or not complete a process as it is not required or is not applicable
NonFulfilmentJustification: Justification for not fulfilling a process or requirement or obligation
DelayJustification: Justification to delay a process
ExerciseJustification: Justification for why the process should be carried out
This categorisation is not exact and mutually exclusive, but is provided as a convenience to organise the concepts in a comprehensible hierarchy. For example, a justification concept declared as DelayJustification can still be used as a NonFulfilmentJustification within a use-case.
3.1 Not-Required
Situations where a particular process is not-required or applicable have justifications of type NotRequiredJustification.
justifications:NotRequiredJustification: Justification to reject or not complete a process as it is not required or isn't applicable
go to full definition
justifications:ProcessSafeguarded: Justification that the process is not required as it is safeguarded by appropriate technical and organisational measures
go to full definition
justifications:RightsFreedomsImpactUnlikely: Justification that the process is not required as it is considered to be an unlikely impact on rights and freedoms
go to full definition
3.2 Non-Fulfilment
Where a particular process cannot be fulfilled, the relevant justification or reason is expressed using the concept NonFulfilmentJustification.
justifications:NonFulfilmentJustification: Justification for not fulfilling a process or requirement or obligation
go to full definition
justifications:ConsentProvided: Justification that the process could not be fulfilled or was not successful because it is based on (a previously given) consent
go to full definition
justifications:DisproportionateEffortRequired: Justification that the process could not be fulfilled or was not successful because it requires a disproportionate effort
go to full definition
justifications:EntityAlreadyInformed: Justification that the process could not be fulfilled or was not successful because the entity already has the information
go to full definition
justifications:EthicsProcedureImpaired: Justification that the process could not be fulfilled or was not successful because it would compromise ethics or ethics procedures
go to full definition
justifications:EthicsBreachDetectionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the detection of breaches of ethics for regulated professions
go to full definition
justifications:EthicsBreachInvestigationImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the investigation of breaches of ethics for regulated professions
go to full definition
justifications:EthicsBreachPreventionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the prevention of breaches of ethics for regulated professions
go to full definition
justifications:EthicsBreachProsecutionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the prosecution of breaches of ethics for regulated professions
go to full definition
justifications:FulfilmentImpossible: Justification that the process could not be fulfilled or was not successful because it is impossible to fulfil
go to full definition
justifications:LegalProcessImpaired: Justification that the process could not be fulfilled as it impairs or interferes with a legal or official process or procedure
go to full definition
justifications:CivilLawEnforcementImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the enforcement of civil laws, including civil claims
go to full definition
justifications:ConfidentialityObligationCompromised: Justification that the process could not be fulfilled or was not successful because it would compromise a confidentiality obligation
go to full definition
justifications:ContractEstablishmentNecessity: Justification that the process could not be fulfilled or was not successful because it is necessary for entering into a contract
go to full definition
justifications:ContractPerformanceNecessity: Justification that the process could not be fulfilled or was not successful because it is necessary for the performance of a contract
go to full definition
justifications:CrimeDetectionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the detection of criminal offences
go to full definition
justifications:CrimeInvestigationImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the investigation of criminal offences
go to full definition
justifications:CrimePenaltyExecutionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the execution of criminal penalties
go to full definition
justifications:CrimePreventionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the prevention of criminal offences
go to full definition
justifications:CrimeProsecutionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the prosecution of criminal offences
go to full definition
justifications:DataSubjectProtectionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the protection of the data subject
go to full definition
justifications:DefenceImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard defence
go to full definition
justifications:FreedomOfExpressionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the right of freedom of expression and information of others
go to full definition
justifications:IdentityVerificationFailure: Justification that the process could not be fulfilled or was not successful because identity verification failed
go to full definition
justifications:JudicialProceedingsImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the protection of judicial independence and proceedings
go to full definition
justifications:LegalClaimDefenceImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the defence of legal claims
go to full definition
justifications:LegalClaimEstablishmentImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the establishment of legal claims
go to full definition
justifications:LegalClaimExerciseImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the exercise of legal claims
go to full definition
justifications:LegallyExempted: Justification that the process could not be fulfilled or was not successful because it falls under legal exemption i.e. a law allows the non-fulfilment
go to full definition
justifications:NationalSecurityImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard national security
go to full definition
justifications:OfficialAuthorityExerciseImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the exercise of official authorities
go to full definition
justifications:OfficialStatisticsImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with official statistics
go to full definition
justifications:PublicHealthCompromised: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks carried out for public health reasons
go to full definition
justifications:PublicInterestArchivingImpaired: Justification that the process could not be fulfilled or was not successful because it impairs archiving for public interest
go to full definition
justifications:PublicInterestCompromised: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks carried out for public interest
go to full definition
justifications:PublicSecurityImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard public security
go to full definition
justifications:ThirdPartyRightsImpaired: Justification that the process could not be fulfilled or was not successful because it would affect the rights and freedoms of others
go to full definition
justifications:LegitimateInterestOverride: Justification that the process could not be fulfilled or was not successful because the legitimate interest of the controller overrides the interests or rights of the data subject
go to full definition
justifications:ObjectivesImpaired: Justification that the process could not be fulfilled or was not successful because it impairs the objectives of associated context
go to full definition
justifications:ProcessRejected: Justification that the process could not be fulfilled because of one of more reasons associated with the process itself e.g. it was excessive, malicious, etc.
go to full definition
justifications:ProcessExcessive: Justification that the process could not be fulfilled or was not successful because it was found to be excessive in nature
go to full definition
justifications:ProcessFrivolous: Justification that the process could not be fulfilled or was not successful because it was found to be based on frivolous reasons
go to full definition
justifications:ProcessMalicious: Justification that the process could not be fulfilled or was not successful because it was found to be malicious e.g. with intent to cause disruption or harassment
go to full definition
justifications:ProcessUnfounded: Justification that the process could not be fulfilled or was not successful because it was found to be based on manifestly unfounded reasons
go to full definition
justifications:ScientificHistoricalResearchImpaired: Justification that the process could not be fulfilled or was not successful because it impairs scientific or historical research
go to full definition
justifications:SecurityImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with tasks required for maintaining security
go to full definition
justifications:CrimeDetectionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the detection of criminal offences
go to full definition
justifications:CrimeInvestigationImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the investigation of criminal offences
go to full definition
justifications:CrimePenaltyExecutionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the execution of criminal penalties
go to full definition
justifications:CrimePreventionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the prevention of criminal offences
go to full definition
justifications:CrimeProsecutionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the prosecution of criminal offences
go to full definition
justifications:DataSubjectProtectionImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with the protection of the data subject
go to full definition
justifications:DefenceImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard defence
go to full definition
justifications:IdentityVerificationFailure: Justification that the process could not be fulfilled or was not successful because identity verification failed
go to full definition
justifications:NationalSecurityImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard national security
go to full definition
justifications:PublicSecurityImpaired: Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard public security
go to full definition
3.3 Delay
Where a particular process is delayed, the justifications are represented through the concept DelayJustification.
justifications:DelayJustification: Justification to delay a process
go to full definition
justifications:ComplexityOfProcess: Justification that the process is delayed due to complexity in fulfilling it
go to full definition
justifications:HighVolumeOfProcesses: Justification that the process is delayed due to high volume of similar processes required to be fulfilled
go to full definition
justifications:IdentityVerificationRequired: Justification that the process could not be fulfilled or was not successful because identity verification is required
go to full definition
justifications:InformationRequired: Justification that the process is delayed due to additional information being required
go to full definition
3.4 Exercise
To indicate why a particular process must be undertaken or is being requested, the justifications are represented using the concept ExerciseJustification.
justifications:ExerciseJustification: Justification for why the process should be carried out
go to full definition
justifications:InformationSocietyServicesOffer: Justification that the process should be carried out due to it being related to the offer of information society services
go to full definition
justifications:LegalObligation: Justification that the process should be carried out due to it being a legal obligation
go to full definition
justifications:Objection: Justification that the process should be carried out due to specified objection(s)
go to full definition
justifications:ContestAccuracy: Justification that the process should be carried out due it being an objection to the accuracy e.g. of system, outputs, data
go to full definition
justifications:LegalityLackingObjection: Justification that the process should be carried out due to it being an objection to the lack of further legality or legal basis of specified context
go to full definition
justifications:NonNecessityObjection: Justification that the process should be carried out due to it being an objection to the non-necessity of specified context
go to full definition
justifications:UnlawfulActivityObjection: Justification that the process should be carried out due to it being an objection of unlawful activity
go to full definition
Justification that the process could not be fulfilled or was not successful because it would interfere with the enforcement of civil laws, including civil claims
Justification that the process could not be fulfilled or was not successful because it would interfere with the detection of breaches of ethics for regulated professions
Justification that the process could not be fulfilled or was not successful because it would interfere with the investigation of breaches of ethics for regulated professions
Justification that the process could not be fulfilled or was not successful because it would interfere with the prevention of breaches of ethics for regulated professions
Justification that the process could not be fulfilled or was not successful because it would interfere with the prosecution of breaches of ethics for regulated professions
Justification that the process could not be fulfilled or was not successful because it would interfere with the right of freedom of expression and information of others
Justification that the process could not be fulfilled or was not successful because it would interfere with the protection of judicial independence and proceedings
Justification that the process could not be fulfilled or was not successful because it falls under legal exemption i.e. a law allows the non-fulfilment
Justification that the process could not be fulfilled or was not successful because the legitimate interest of the controller overrides the interests or rights of the data subject
Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard national security
Justification that the process could not be fulfilled or was not successful because it was found to be malicious e.g. with intent to cause disruption or harassment
Justification that the process could not be fulfilled because of one of more reasons associated with the process itself e.g. it was excessive, malicious, etc.
Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks carried out for public health reasons
Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks carried out for public interest
Justification that the process could not be fulfilled or was not successful because it would interfere with necessary tasks to safeguard public security
DPV uses the following terms from [RDF] and [RDFS] with their defined meanings:
rdf:type to denote a concept is an instance of another concept
rdfs:Class to denote a concept is a Class or a category
rdfs:subClassOf to specify the concept is a subclass (subtype, sub-category, subset) of another concept
rdf:Property to denote a concept is a property or a relation
The following external concepts are re-used within DPV:
5. Contributors
The following people have contributed to this vocabulary. The names are ordered alphabetically. The affiliations are informative do not represent formal endorsements. Affiliations may be outdated. The list is generated automatically from the contributors listed for defined concepts.
Beatriz Esteves (IDLab, IMEC, Ghent University)
Harshvardhan J. Pandit (ADAPT Centre, Dublin City University)
Funding Acknowledgements
Funding Sponsors
The DPVCG was established as part of the SPECIAL H2020 Project, which received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 731601 from 2017 to 2019.
Harshvardhan J. Pandit was funded to work on DPV from 2020 to 2022 by the Irish Research Council's Government of Ireland Postdoctoral Fellowship Grant#GOIPD/2020/790.
The ADAPT SFI Centre for Digital Media Technology is funded by Science Foundation Ireland through the SFI Research Centres Programme and is co-funded under the European Regional Development Fund (ERDF) through Grant#13/RC/2106 (2018 to 2020) and Grant#13/RC/2106_P2 (2021 onwards).
Funding Acknowledgements for Contributors
The contributions of Beatriz Esteves have received funding through the PROTECT ITN Project from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 813497.
The contributions of Harshvardhan J. Pandit have been made with the financial support of Science Foundation Ireland under Grant Agreement No. 13/RC/2106_P2 at the ADAPT SFI Research Centre.