Meeting minutes
Repository: w3c/dpv
Meeting minutes: https://
purl for this meeting: https://
EHDS
<ghurlbot> Issue 238 Update EHDS extension with practical concepts (by coolharsh55)
beatrizEsteves: We should extend the EHDS extension - this is needed for the PACSOI project
harsh: what is the specific focus or where would DPV be used in the project?
beatrizEsteves: Need concepts representing what's in the EHDS - particular for consent for seconday use of health data.
harsh: Okay, so this means we expand upon what we have. I think we also don't have the concept of primary and secondary uses. We should prioritise this. Let's put it on the agenda for 20th to discuss this.
No updates
AI Training
<ghurlbot> Issue 82 Provide vocabulary to specify purposes and permissions related to AI training (by scottkellum)
no updates, see previous minutes
Subjective Locations
<ghurlbot> Issue 209 [Concept]: `AtX` subjective Location concepts (by coolharsh55)
no updates, see previous minutes
Inverted Locations
<ghurlbot> Issue 208 [Concept]: Add Non-X (X = specific location) to represent locations that are not X (by coolharsh55)
no updates, see previous minutes
Uncategorised/Unstructured Data
<ghurlbot> Issue 240 Add `UnstructuredData` and `UncategorisedData` concepts/properties (by coolharsh55)
paulRyan: +1
beatrizEsteves: +1
accepted
Professionally Confidential Data
<ghurlbot> Issue 241 [Concept]: Add professional secrecy/confidentiality (by daniwelter)
harsh: proposal based on Luxembourgish DGA implementation (bill) which mentions categorisation of confidential data based on professional secrecy e.g. doctor-patient.
beatrizEsteves: Will this be in the Luxembourgish extension?
harsh: For the general concept, no - in main DPV as the concept isn't defined in law but is dependant on common use. For the specific concepts defined in the law they will go in the extension.
beatrizEsteves: Do we add this to the DGA extension then?
harsh: also no, because DGA doesn't define this concept - just mentions it as if it was externally defined / known. This mean we put it in to DPV.
accepted
Smartphone/Device Data
<ghurlbot> Issue 244 [Concept]: Enhancements for Personal Data Types (by nihadatakishiyev)
harsh: proposal to add data concepts based on research into smartphone/device identifiers etc.
julianFlake: IMEI or IMEI address? MEID - similar identifier but no suffix address? Ask the proposers to describe terms precisely
harsh: assuming we get the naming etc. correct - should we add these?
beatrizEsteves: DeviceInfo - not sure what it is adding
julianFlake: ask the proposers to give sources - why this term and why not others
harsh: browser cookie ? problem is cookie is storage … what is we create a concept for data in cookie e.g. CookieData?
julianFlake: makes sense, cookie is a technology and it may contain some personal data like identifier, etc. So cookie is only used as a technology, and then the data in it is expressed separately
harsh: AuthenticationProvider? We have SSO, and tech:hasProvider - do we need a specific concept or the combination is enough?
julianFlake: do we have identity provider?
harsh: defer this for when we discuss identity - relevant for laws like eID etc.
julianFlake: again we should ask for a source /definition so we can see if this is a generic term or a specific one
proposer to provide information and refine the concepts
Datasheets/Model Cards
<ghurlbot> Issue 94 Represent Datasheets and Model Cards with DPV (by coolharsh55)
harsh: I'm teaching Datasheets and Model Cards as part of my Data Governance course this year. We had discussed this previously, and agreed it is in scope of DPV, and should be added. Now I'm working on specific proposals. The question for the group is whether we should just mirror what is in the Datasheets / Model Cards (information) or we should also discuss and expand on it by providing more things like alignment with GDPR or specific additional things we have in DPV like entity involvements and controls.
delaramGolpayegani: We add these, and we can show how information can be generated using SPARQL queries, etc. - so to show these documentations can be generated from existing data. This will also help with AI Act's technical documentation for example.
harsh: The idea/question is more similar to how in the consent guide we have comparison with ISO standard and GDPR - similarly here we can do something like this for GDPR and AI Act to show how DPV also helps with legal compliance and not just documentation.
harsh will share work to continue the discussion
Next Meeting
The next meeting will be on MAR-13 Thursday 13:30WET/14:30CET
Agenda will be reviewing and finalising release of v2.1, and continuing discussion on topics started under v2.2