index.html
14.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
<!--?xml version="1.0" encoding="UTF-8"?-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head>
<meta content="text/html; charset=UTF-8" http-equiv="content-type" />
<title>Privacy and data usage control - W3C Workshop</title>
<link media="all" type="text/css" href="http://www.w3.org/2007/08/video/style.css" rel="stylesheet" />
<link media="print" type="text/css" href="http://www.w3.org/2007/08/video/print.css" rel="stylesheet" />
<link type="image/png" href="http://www.w3.org/2005/11/MWI-Icons/MWI-favicon" rel="icon" />
<style media="screen" type="text/css">
/*<![CDATA[*/
dl.items {margin: 1em 2em;}
dl.items dt {margin: 1.5em 0 0 1em;}
dl.items dt a {font-weight: bold;}
dl.items dd {margin: 0.5em 0 0 1em;}
acronym { border-bottom: black dashed 1px }
div#navigation li.current { color: white;
font-weight: bold;
}
div#page { background-image:none;}
div.submit {
text-align: center;
padding: 15px;
margin-left: 30%;
margin-right: 30%;
border: 1px solid black;
font-size: small;
}
div.submit a.button {
font-size: large;
}
#main {text-align: left;}
/*]]>*/
</style>
</head>
<body>
<div id="page">
<h1>W3C Workshop on Privacy and data usage control <span class="baseline">04/05
October 2010, Cambridge (MA)</span></h1>
</div>
<div id="navigation">
<ul>
<li><a href="http://www.w3.org/Consortium/">About W3C</a></li>
<li class="current">Call for Participation</li>
<li><a href="venue.html">Venue</a></li>
<!-- <li><a href="papers/">Papers</a></li>
<li><a href="report">Report</a></li>
<li><a href="agenda.html">Agenda</a></li> -->
<li><a href="papers.html">Papers</a></li>
<li><a href="report.html">Report</a></li>
<li><a href="agenda.html">Agenda</a></li>
</ul>
</div>
<div id="main">
<p class="logo"><a href="/"><img width="85" height="43" style="border-left: 0; border-right: 0; border-top: 1px solid black; border-bottom: 1px solid black; padding: 6px; margin: 2px; vertical-align:top" src="../../Mobile/W3C" alt="W3C" /></a> <br />
<a href="http://www.primelife.eu"><img width="145" style="border:0; vertical-align: top; margin-top: 3px; margin-bottom: 3px;" src="http://www.primelife.eu/templates/primelife/images/primelife-logo.jpg" alt="sponsored by PrimeLife" /></a> <br />
04-05 October 2010<br />
Hosted by <br />
<a href="http://dig.csail.mit.edu/"><img width="125" style="border:0; vertical-align: top; margin-top: 3px; margin-bottom: 3px;" src="http://dig.csail.mit.edu/2010/dig-logo.jpg" alt="hosted by DIG" /></a><br />
MIT, Cambridge (MA) </p>
<!-- content beg -->
<h2 id="call_for_participation">Results</h2>
<ul>
<li><a href="report.html">Workshop report</a></li>
<li><a href="minutes.html">Workshop minutes</a><br />
</li>
</ul>
<br />
<h2 id="call_for_participation">Call For Participation</h2>
<h3 id="cfp_background">Background</h3>
<p>Users trust enormous amounts of personal information to a large variety of
online services including social network sites, search engines, photo and video
sharing services, and hosted email solutions. As all those services become ever
more tightly integrated, it becomes increasingly difficult to control the
dispersion of information throughout the Web. It also becomes ever more
difficult for services to respect users' privacy while participating in
interweaved service networks that the benefit the users. There is a necessity
to share data with other services to create better offers, but this does not
mean we cannot have privacy as well. What is needed to ensure services respect
their users' privacy? There are initiatives to provide users with information
on what data is being collected about them and ways to customize what data can
be collected. Other techniques focus on enabling services to better control and
audit data usage, namely who accessed data and what processing was done.
However, this addresses only part of the problem. What happens when personal
data that was released for a certain purpose is misused ? What does ensuring
privacy on the Web really mean when sensitive information can be easily
inferred from publically available sources [ <a href="http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/2611/2302">Gaydar</a>,
<a href="http://www.pcworld.com/article/167975/researchers_expose_security_flaw_in_social_security_numbers.html">Researchers
Expose Security Flaw in Social Security Numbers</a>, <a href="http://data.semanticweb.org/conference/www/2009/paper/153">Inferring
Private Information Using Social Network Data</a>] ? </p>
<p>There have been earlier Workshops on issues related to privacy, however, we
see a continuous need for improvement. The 2006 <a href="../../2006/07/privacy-ws/Overview.html">Workshop on Languages for Privacy
Policy Negotiation and Semantics-Driven Enforcement</a> (<a href="../../2006/07/privacy-ws/report.html">Report</a>) addressed aspects and
resulted in the creation of the Policy Languages Interest Group (<a href="http://www.w3.org/Policy/pling/">PLING</a>). Coordination continued with
the <a href="../../2009/policy-ws/Overview.html">Workshop on Access Control
Application Scenarios</a> (<a href="../../2009/policy-ws/report.html">report</a>) where Access Control
scenarios were evaluated and XACML extensions and complements for Privacy
suggested. Most of these workshops consider technical approaches to solving the
problem of privacy using access control. However, we are interested in broader
aspects of privacy including those of usage and handling of personal
information especially related to social networking. </p>
<p>Privacy in Social Networking is a big challenge at the moment. Social
networking sites currently have their own home-grown privacy features and
settings. Those are not interoperable and regularly, news report of privacy
breaching incidents caused by a combination of services with social networking.
This could be improved if social networks would be enabled to transport the
privacy restrictions set by the user to the interlinked services.</p>
<h3 id="cfp_goalsAndScope">Goals and Scope</h3>
<p>This workshop will explore solutions to privacy based on controlling data
usage and on data handling. We also solicit contributions on techniques for
``sticky policies'' that ensure that policies constantly move along with the
related data. While data usage control in a single enterprise can live with
ad-hoc defined semantics, dataflows across enterprise borders need agreed upon
semantics to avoid very costly and time consuming transformation. Semantic
interoperability by an agreed common privacy vocabulary may be a remedy, but
this may not be the only one. Digital Right Management (DRM) research might
provide some interesting insights on how data usage control could be supported
in distributed environments. Regulatory approaches are also of importance as
they influence the way technology is used to comply with regulation. We invite
position papers on all these aspects of privacy protection on the Web,
especially:</p>
<ul>
<li>What role have the semantic technologies in tackling the issue of privacy
oriented data usage control? Are there other, better technologies?</li>
<li>What is the role for commonly agreed privacy semantics? Which rights
and/or obligations can be expressed in the policy, and are there any
relations among them? Do ontologies help?</li>
<li>What are the limitations of standardising privacy semantics for the use
in the relation user/service and service-to-service? </li>
<li>How to do data mining while respecting users' privacy?</li>
<li>How can users can identify errors and request corrections to their
personal information?</li>
<li>What is the role of the rules community for privacy? Can this new
technology be leveraged?</li>
<li>What are the limitations of those semantic technologies. Where are they
seen not to work.</li>
<li>Who sets the policy Does the user impose her privacy policy on the
third-party service, does the service propose a policy that the user can
choose to take or leave? Can negotiation work, or is it still too
complex?</li>
<li>What are obligations on the service towards the user and how to fulfill
them?</li>
</ul>
<ul>
<li>Integration of privacy enhancements into existing data handling tools</li>
<li>implementation and deployment experience with data management tools from
a public policy and privacy perspective;</li>
<li>policy considerations for the future development of the Web platform in
general, and advanced data management on the Web in particular;</li>
<li>user experience and service design issues and approaches related to
security and privacy technologies for the Web;</li>
<li>Social or regulatory issues relating to privacy as they potentially
impact any of the above.</li>
</ul>
<p>The workshop is expected to attract a broad set of stakeholders, including
researchers, database manufacturers, CRM-system manufacturers, Social
Networking Providers. This workshop will determine whether there is interest in
further work on policy languages and data handling/data usage work within
W3C.</p>
<h3 id="cfp_participationRequirements">Participation Requirements</h3>
<p>All participants are required to <a href="#paper">submit a position
paper</a> by <strong>10 September 2010</strong>. W3C membership is not required
to participate in this workshop.</p>
<p>The total number of participants will be limited. To ensure diversity, a
limit might be imposed on the maximum number of participants per
organization.</p>
<p>Instructions for how to register will be sent to submitters of accepted
position papers. These instructions will also indicate a possible limit on the
maximum number of participants per organization.</p>
<p>Workshop sessions and documents will be in English. Position papers,
presentations, minutes and the workshop report will be public.</p>
<p>There is no fee to participate.</p>
<h3 id="eoi">Expression of Interest</h3>
<p>To help the organizers plan the workshop: If you wish to participate, please
<b>as soon as possible</b> send a message to <a href="mailto:team-privacyws-submit@w3.org">team-privacyws-submit@w3.org</a>
with a short (one paragraph) "expression of interest" stating:</p>
<ul>
<li>that a representative from your organization plans to submit a position
paper</li>
<li>whether you want to send one or two participants</li>
<li>whether or not you wish to make a presentation</li>
</ul>
<p>Note: Sending that expression of interest does not mean that you registered
for the workshop. It is still necessary to send a <b>position paper</b> (see
below), which then must be considered for acceptance by the Program
Committee.</p>
<h2 id="paper">Position Papers</h2>
<div class="submit">
<p>Please submit position papers by sending them to <a href="mailto:team-privacyws-submit@w3.org">team-privacyws-submit@w3.org</a> </p>
</div>
<p>You paper must meet the following criteria:</p>
<ul>
<li>explains your interest in the Workshop</li>
<li>aligned with the Workshop's stated <a href="#scope">goals</a> as outlined
above.</li>
<li>1 to 5 pages long</li>
<li>formatted in (valid) HTML/XHTML, PDF, or plain text</li>
</ul>
<p>Based on a review of all submitted position papers, the Program Committee
will select the most relevant and invite the submitters of those papers to the
Workshop. From among all accepted papers, the program committee will choose a
small number of papers judged most appropriate for fostering discussion, and
ask the authors of those papers to give short presentations about them at the
Workshop. After the workshop, those presentations will then be published on the
<a href="./">workshop home page</a>.</p>
<h2 id="dates">Important dates</h2>
<table width="60%" border="1" align="center">
<tbody>
<tr valign="top">
<th>Date</th>
<th>Event</th>
</tr>
<tr valign="top">
<td>27 July 2010</td>
<td>Call for Participation issued</td>
</tr>
<tr valign="top">
<td>10 September 2010</td>
<td>Deadline for <a href="#paper">position papers</a></td>
</tr>
<tr valign="top">
<td>18 September 2010</td>
<td>Acceptance notification sent</td>
</tr>
<tr valign="top">
<td>24 September 2010</td>
<td>Program released</td>
</tr>
<!-- <tr valign="top">
<td>@@</td>
<td>Deadline for Registration</td>
</tr> -->
<tr valign="top">
<td>04/05 October 2010</td>
<td>Workshop</td>
</tr>
</tbody>
</table>
<h2 id="Organization" class="break">Workshop Organization</h2>
<p>Workshop sessions and documents will be in English</p>
<p></p>
<h3>Keynotes</h3>
<ul>
<li>Jacques Bus (Digitrust)</li>
<li>Ken Anderson (Office of the Information and Privacy Commissioner of
Ontario)</li>
</ul>
<p></p>
<h3>Chairs</h3>
<ul>
<li>Lalana Kagal, MIT</li>
<li>Rigo Wenning, W3C</li>
</ul>
<h3><a name="Prog_chair" id="Prog_chair">Program Committee</a></h3>
<ul>
<li>Hal Abelson (MIT)</li>
<li>David Basin (ETH Zürich)</li>
<li>Gunter Bitz (SAP)</li>
<li>Jacques Bus (Digitrust)</li>
<li>David Chadwick (Kent University)</li>
<li>Malcolm Crompton (Information Integrity Solutions)</li>
<li>Jean-Marc Dinant (Centre de recherche informatique et droit, Université
Namur)</li>
<li>Sandro Etalle (University of Twente)</li>
<li>Renato Iannella (Semantic Identity)</li>
<li>Volkmar Lotz (SAP)</li>
<li>Eve Maler (PayPal)</li>
<li>Ashok Malhotra (Oracle)</li>
<li>John Morris (CDT)</li>
<li>Alexander Pretschner (Fraunhofer)</li>
<li>Marc Rotenberg (EPIC)</li>
<li>Norman Sadeh (Carnegie Mellon University)</li>
<li>Ravi S. Sandhu (University of Texas at San Antonio, ICS)</li>
<li>Mischa Tuffield (Garlik)</li>
</ul>
<p></p>
<h3>Venue</h3>
<p>The Workshop will be hosted by the <a href="http://dig.csail.mit.edu">Decentralized Information Group</a> at MIT.
More detailed venue information will be made available in due course.</p>
<h2>Deliverables</h2>
<p>Position <a href="papers">papers</a>, <a href="agenda.html">agenda</a>,
accepted presentations, and <a href="report.html">report</a> will also be
published online.</p>
<p></p>
<div id="footer">
<address>
For more information, contact <a href="mailto:rigo@w3.org">Rigo
Wenning</a>.<br />
<small>$Date: 2010/12/06 18:19:13 $</small>
</address>
</div>
<!-- footer end -->
</div>
</body></html>