Meeting minutes
Repository: w3c/dpv
Meeting minutes: https://
purl for this meeting: https://
2.1 release
<ghurlbot> Issue 235 DPV v2.1-RC hotfixes and feedback (by coolharsh55)
no major issues or fixes identified - group agrees to publish DPV 2.1
AI Training
<ghurlbot> Issue 82 Provide vocabulary to specify purposes and permissions related to AI training (by scottkellum)
harsh: (summarised the discussion and proposed solutions - what we need to decide is whether this is the correct approach to move ahead)
julioHernandez: In the description of this issue, what is meant by permission/prohibition?
harsh: The original issue raised the question of how to express AI training is prohibited over some data or webpage. So the discussion led to consider how do we express AI training, how do we express over what it applies and where it occurs - this is where we have the proposed concepts and why I prefer using dpv:Process
to group them together rather than inventing a new way only for AI training. Then we can use our existing concepts to express rules e.g. training must occur only on device as an obligation - but this doesn't cover it must not occur outside the device (unless we have a concept called OnlyOnDevice
), so for this then we also need concepts like on-device and outside-device so we can express the stated use-case. Then these concepts would also be helpful for efforts like ODRL to use in their structure to have more complex policies and licenses using our vocabulary.
Subjective Locations
<ghurlbot> Issue 209 [Concept]: `AtX` subjective Location concepts (by coolharsh55)
harsh: (summarised the discussion and proposed solutions - what we need to decide is whether this is the correct approach to move ahead)
ACTION: Add proposed taxonomy for subjective locations to LOC for discussion
Inverted Locations
<ghurlbot> Issue 208 [Concept]: Add Non-X (X = specific location) to represent locations that are not X (by coolharsh55)
harsh: (summarised the discussion and proposed solutions - what we need to decide is whether this is the correct approach to move ahead)
ACTION: create HTML output to discuss inverted locations with examples
Uncategorised/Unstructured Data
<ghurlbot> Issue 240 Add `UnstructuredData` and `UncategorisedData` concepts/properties (by coolharsh55)
julianFlake: What are the definitions of these? Does it mean we will also have or need a concept like UncategorisedPersonalData
to distinguish when e.g. GDPR special categories have not been identified within some personal data?
harsh: Yes, that is a possibility, for example to note in a ROPA that we don't know what special categories are involved. Similarly, in theory, there could be categorisations for sensitive data.
julianFlake: Make it explicit that it is explicitly not categorised as personal or non-personal data - if any other categories have to included - make a different concept.
ACTION: Add note to uncategorised data that states this is only regarding personal data
julian: For unstructured data, semi-structured data should also be considered
ACTION: Add proposal to unstructured data for semi-structured data
Professionally Confidential Data
<ghurlbot> Issue 241 [Concept]: Add professional secrecy/confidentiality (by daniwelter)
accepted
Smartphone/Device Data
<ghurlbot> Issue 244 [Concept]: Enhancements for Personal Data Types (by nihadatakishiyev)
requested revision from proposers, no further updates
Datasheets/Model Cards
<ghurlbot> Issue 94 Represent Datasheets and Model Cards with DPV (by coolharsh55)
delaramGolpayegani: How will this be done / implemented?
harsh: I'm taking the questions in the documents and treating them as information fields, then matching them with DPV concepts and seeing how much can be represented using DPV itself, and what is needed additionally. Based on this, will have proposals for adding concepts, and developing technical specifications. At the moment, this is ongoing work, so don't have concrete outputs to present for DPV concepts.
harsh: (to Delaram) are there any standards works that provide datasheets or model cards?
delaramGolpayegani: There is a transparency standard in harmonised standard request. Other than that, no specific standard directly for these, but ISO/IEC 12792 AI transparency standard mentions these in the Annex.
AOB
27560 revision
harsh: With Jan Lindquist, we have made a proposal to ISO SC27/WG5 group which will revise 27560 to enable records for any legal basis. This is heavily based on work in DPVCG and Paul's thesis regarding ROPA for GDPR implementations in EU/EEA
Purpose x Data combinations
iainHenderson: Have a proposal on modelling combinations of purpose, data, and legal bases that are commonly used.
harsh: Let's discuss next week with some examples for the proposal, so we have it on the agenda.
Next Meeting
The next meeting will be on MAR-20 Thursday 13:30WET/14:30CET
Agenda will be continuing discussion on topics started under v2.2 and any other updates that come up.