Semantic Based Consent Permission and Data Management Model Kaniz Fatema Ensar Hadziselimovic Harshvardhan Pandit Christophe Debruyne Dave Lewis Declan OSullivan ID: 1002106
Download Presentation The PPT/PDF document "Compliance through Informed Consent:" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
1. Compliance through Informed Consent: Semantic Based Consent Permission and Data Management Model Kaniz Fatema, Ensar Hadziselimovic, Harshvardhan Pandit, Christophe Debruyne, Dave Lewis, Declan O’Sullivan ADAPT Centre, Trinity College DublinThe ADAPT Centre is funded under the SFI Research Centres Programme (Grant 13/RC/2106) and is co-funded under the European Regional Development Fund.
2. EU’s General Data Protection RegulationData Protection Directive 95/46/EC needed reform to be fit for technological developments like social networks and cloud computing globalisation.EU has replaces DPD with General Data Protection Regulation (GDPR)GDPR will have immediate effect on all 28 EU Member States on 25 May 2018. Data Protection Directive 95/46/EC
3. Key GDPR Provisions
4. Data Subject RIghts
5. Data ControllerGDPR Roles and ProcessesComplianceSharingProcessingMonitor & ControldatasetworkflowworkflowworkflowThird Party Data ControllerdatarightsData SubjectrightsdataSupervisory Authoritycomplaints
6. Data ControllerGDPR Roles and Open DataComplianceSharingProcessingMonitor & ControldatasetworkflowworkflowworkflowThird Party Data ControllerdatarightsData SubjectrightsdataSupervisory AuthoritycomplaintsMajor New Open Data Business Cases
7. Requirements for Consent To be considered as a valid one the consent should be: Freely givenSpecificInformed UnambiguousParental permissionIf purpose or recipients change new consent must be soughtSilence ≠ Consent
8. Phase 1 CollectionPhase 2 Storage ProcessPhase 3Phase 4ModificationPhase 5RevocationPhase 6ArchivePhase 7DestructionConsent Lifecycle Phase 1 GenerationPhase 2Phase 3Phase 4Phase 5Phase 6ArchivePhase 7Data Lifecycle TransferUseShareStorageDestructionData vs. Consent Lifecycle
9. YCheck Consent Permission YNUser Interac-tionArchive consent and processing proveance metadataArchiveShareDeleteStoreUseNeed to contact user?NConsent ManagerCollect Consent Validity Consent PermissionConsent/data expiredContext ManagementData Management Consent Obligation Need to contact user?Contact user Provenance ManagerProcess provider initiated change of contextEnvironmental change of contextRight enforcement initiated change of contextAll Subject Data Destroyed?NY
10. Consent Ontologyhttps://openscience.adaptcentre.ie/projects/CDMM/
11. Annotation of consent with elements of ontology in RDFaI agree that my data will be used for scientific purposes
12. RDF representation of the annotated XHTML
13. XACML Permission Rule generated using XPARQL
14. Conclusions and Further WorkGDPR implies a full lifecycle management of consent that encloses the lifecycle management of personal dataOpen Data Formats give us the tools to handle Consent as a first class object in Data Protection ManagementExplored the generation of XACML permissions from human readable consent via RDF instanceFuture Work:Assessing generation of access control rules against consent forms and privacy policiesIntegration with PROV for compliance trackingIntegration with ODRL for third party compliance agreements
15. Work with the ADAPT Centre!2 Year MSCA Postdoc Fellowships Incoming to IrelandFor info: edge@tcd.ie