Semantic Modelling of Contextual Integrity for the General Data Protection Regulation
Dave Lewis, SCSS/TCD
12-1pm 25th Nov 2016
The General Data Protection Regulation (GDPR) passed into EU Law in 2016 and companies handling personal data of EU citizens must now prepare for its enforcement from 2018. While similar in some respects to the existing Data Protection Directive, the GDPR places more emphasis on companies to show they have informed consent from users on the purposes to which personal data is put and it greatly increases the financial penalties of failing to comply with the regulation. It is challenging however to development models for the compliance of data analysis and management systems when key legal concepts such as 'personal' data and 'purpose' are frequently impacted by the rapid technological and business change impacting those systems. Such frequent change can raise the cost and reduce the effectiveness of regulatory compliance. We examine how existing open semantic data vocabularies can be used to increase the responsiveness and transparency of the information flow modelling that is key to data protection compliance work. In particular, we explore ways to detect changes in the context in which permission for personal data usage was granted, and the challenges involved in making this sufficiently comprehensive to assist in ongoing GDPR compliance analysis.
David Lewis is a director of the ADAPT Centre, leading its research on digital content and data management as well as its programme of industry co-funded research projects. His research addresses Engineering of Management Knowledge to deliver new semantic models that can accelerate decision-making in the Telecoms Management, Building Management and, most recently, Digital Content Management domains. His work uses open vocabularies to model the semantics of resource meta-data and operational policy rules to reduce the barriers to exchanging this knowledge between organisations and to improve automation in management tools. He collaborates with companies on these problems and on interoperability solutions to integrate language technologies into multilingual digital content process chains. He represented TCD at the World Wide Web Consortium and co-chaired the working group that developed the ITS2.0 standard for multilingual content meta-data. His current interests include modelling contextual integrity for personal data management, and the analysis and management of data ethics.
Large Conference Room, O'Reilly Institute