Call for Submissions

Workshop on

Society, Privacy and the Semantic Web -

Policy and Technology

PrivOn 2016

Hashtag: #PrivOn2016

at the International Semantic Web Conference (ISWC) 2016

October 17th-21st, 2016, Kobe, Japan

Abstract

Schneier’s article “The Internet is a surveillance state” summarised the state of Internet privacy as “Welcome to an Internet without privacy, and we've ended up here with hardly a fight”. Later, Snowden revealed that the NSA was tracking online communication in a large-scale surveillance programme. This was followed by revelations that other countries were running similar covert operations. On the 25th anniversary of the Web, Tim Berners-Lee called on the world to take a stand against surveillance and suggested the creation of a global digital bill of rights.

Since last years workshop privacy continues to make headline news. Autumn, saw the collapse of the EU-US Safe Harbor Agreement, which resulted in legal uncertainty regarding transatlantic data exchange and in December, the new EU Data Protection Regulation was finally completed, after years of discussion involving parliamentarians, lobbyists and activists.

This workshop aims to raise awareness that the technologies our community are working on have global societal consequences and, vice versa, our research can be guided by social, economic and legal privacy requirements. This year’s workshop will build on previous workshops, by investigating the privacy implications of semantic technology and also how the technology can be used to develop privacy preservation tools.

Motivation and Objectives

Bruce Schneier’s introduces his book “Data and Goliah” by highlighting the fact that: “The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches”. The Snowden’s revelations added fuel to the fire by uncovering details of an Internet surveillance program called PRISM, which showed the NSA had obtained direct access to the systems of nine Internet companies, including Google, Facebook, and Apple. The months that followed included a stream of revelations of other internet surveillance programs such as MUSCULAR, XKeyscore and Tempora, as well as the bulk collection of US and European telephone metadata, and large scale data analytics over the collected data. In an interview with the BBC, Tim Berners-Lee called for the online community to take action: “In front of us are two roads - which way are we going to go?”. Tim Berners-Lee suggested to establish a Magna Carta for the world wide web and to crowdsource a set of values which will be so much part of our lives in a way that they become on a level with human rights. Berners-Lee’s call was answered in the form of a number of collaborative efforts to define a bill of rights for the web that are commonly referred to as “The Web We Want”. The impact of data, technology and privacy is so broad that the discussion should have the title “The Society We Want”.

From a legal perspective the landscape has seen considerable changes over the last year. In December 2015, after nearly four years of negotiations, the European Commission, Parliament and Council finally completed the General Data Protection Regulation, which poses tight restrictions on the use and the flow of personal data and introduces tough penalties - of up to 4 % of annual global revenue - for those that do not comply. However, there is still a big question mark surrounding the actual implementation, and the tools that are necessary in order to verify compliance with the regulation. 2015 also seen the collapse of Safe Harbour which left many companies in a state of uncertainty concerning transatlantic data exchange. Early 2016, heralded a new framework for transatlantic data flows known as the EU-US Privacy Shield. The agreement imposes obligations on companies in the U.S. to protect the personal data of Europeans and stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission. The focus has now shifted to the actual implementation of the regulation and the tools required to support it. At the same time there has been an upsurge of awareness on the importance of privacy in hot research topics such as “Big Data” and the “internet of Things”. In this context, the intersection of issues around privacy and semantic web technologies become immensely topical and of direct relevance to citizens, researchers and funding agencies.

We (the Semantic Web community) are responsible for the conception of technologies that enable large scale integration and mining of personal and public information in all domains of society. We are part of the problem therefore we should be part of the solution. To date the focus has been on researching specific privacy and security models and frameworks. However, we are “putting the cart before the horse”, we are proposing technical solutions without fully understanding the societal and legal requirements. This workshop aims to explore and promote discussion around many questions which remain unanswered:

Given implications of our technology, what is “acceptable behavior” for data aggregation and use? What are the societal norms that we have to develop or emerge? What are the “robots.txt” equivalents that need to be developed to keep data aggregators and governments in check? What should a Magna Carta look like?

What policies and laws are already in existence and what else do we need? How do we engage meaningfully in a discussion? What do we need to do in research or policy influencing in order to make a difference? How are these policies and laws developed and supported in an inherently international environment? How do we engage with other communities, e.g. in law and policy making?

How do we technologically support the described efforts? How do we support the compliance of privacy laws? How is our increased responsibility being reflected in our scientific events and conferences?

The workshop is a continuation of the previous three workshops, which started to build a critical mass within our community around these topics of increasing importance - but still a lot of work needs to be done. Asking societal questions is uncommon for technology oriented researchers, but necessary for technologies with a society wide impact. The goals of the workshop can be summarised as follows:

• Raise awareness that the technologies the community are working on have global societal consequences. Concurrently, raise awareness that our research can be guided by determining a road map for desirable privacy goals.

• Provide a platform for debate between the different communities that are involved in Web privacy and security - e.g. policy makers, users, social sciences and computer scientists.

• Grow the community of individuals actively working on the topic and promote the diversity of research beyond the technical aspects.

Audience

A number of Semantic Web researchers are actively working on technological solutions for security and privacy of both data and semantic data. However, we explicitly aim to broaden the participation in this workshop, reflecting the growing importance and impact semantic technologies have. Given the broader context of this workshop, it will appeal not only to the usual ISWC audience but but also to other groups. Notably we aim to attract policy makers, lawyers and researchers with an interest in the societal impact of technology. Furthermore we expect interest from a number of different application domains such as healthcare, financial, and ebusiness where privacy is an important topic.

Topics Of Interest

This workshop aims to capture the intersection between society, policy and technology, by examining the privacy implications and opportunities of semantic technologies. We welcome submissions on (but not restricted to) the following topics:

• • Surveillance, tracking and semantic technologies

  • What should a “Magna Carta for Data” look like?

  • What societal conventions are necessary to protect privacy and how can they be supported by semantic technologies?

  • What are the economic incentives for privacy preserving semantic tools?

  • What impact does privacy legislation have on Linked Data and semantic technologies?

  • Synchronisation of policies from different legal domains

  • Semantic tools for monitoring and enforcing privacy and data protection laws

  • Managing personal information disclosure in semantic environments

  • Techniques for anonymity, pseudonymity and unlinkability in linked and semantic data

  • Dealing with inference in private, sensitive or confidential data

  • Protecting against pattern/behaviour discovery and community mining

  • Protecting against identity theft and data falsification

  • Encryption together with linked and semantic data

  • Digital signatures together with linked and semantic data

  • Data transparency and user consent on the Web of Data

  • Data provenance and trustworthiness of knowledge sources

  • Semantic technology and privacy by design

  • Semantic technology and privacy impact assessments

  • Privacy challenges arising from Linked Open Data

  • Case Studies: Impact of semantic technologies on privacy in specific domain

Format and Submission Procedure

Contributions to the workshop can be made in terms of papers and reports as well as position papers addressing different issues of the stated topics of interest.

• Research papers and reports (up to 16 pages) and position papers (up to 8 pages), must adhere to the LNCS Style.

• Papers must be submitted in PDF format through the workshop submission site at: https://easychair.org/conferences/?conf=privon2016

• Papers will be reviewed by the program committee and a limited number will be selected for presentation at the workshop.

• We aim to publish the proceedings of the workshop online at CEUR-WS.

Important Dates

Organising Committee

• Christopher Brewster, TNO, Amsterdam Email: Christopher.Brewster@tno.nl Web: http://www.cbrewster.com

• Michelle Cheatham, Wright State University, USA Email:michelle.cheatham@wright.edu Web: http://www.michellecheatham.com/

• Mathieu d'Aquin, Knowledge Media Institute of the Open University, United Kingdom Email:Mathieu.Daquin@open.ac.uk Web: http://kmi.open.ac.uk/people/member/mathieu-daquin

• Stefan Decker, RWTH Aachen University, Germany Email: stefan@stefandecker.org Web: http://www.stefandecker.org

• Sabrina Kirrane, Vienna University of Business and Economics Email:sabrina.kirrane@wu.ac.at Web: http://www.sabrinakirrane.com/

Program Committee

• • Piero Bonatti, Universita di Napoli Federico II, Italy

  • Pompeu Casanovas,Universidad Autónoma de Barcelona, ​​Spain

  • David Corsar, University of Aberdeen, UK

  • Luca Costabello, Fujitsu, Ireland

  • Philippe Cudré- Mauroux, University of Fribourg, Switzerland

  • Ernesto Damiani, University of Milan, Italy

  • Tim Finin, University of Maryland Baltimore County, USA

  • Kristine Gloria, Rensselaer Polytechnic Institute (RPI), USA

  • RV Guha, Google, USA

  • Vinay Gupta, Etheruem/Consensys, UK

  • Harry Halpin, W3C/INRIA, France

  • Benjamin Heitmann, RWTH Aachen University, Germany

  • Pascal Hitzler, Wright State University, USA

  • Shinsaku Kiyomoto, Information Security Laboratory, Japan

  • Krzysztof Janowicz, University of California, USA

  • Ian Niles, Microsoft, USA

  • Inah Omoronyia, University of Glasgow, UK

  • Axel Polleres, Institute for Information Business of WU, Austria

  • Víctor Rodríguez Doncel, Universidad Politécnica de Madrid, Spain

  • Harald Sack, University of Potsdam, Germany

  • Ravi Sandhu, University of Texas at San Antonio, USA

  • Stefan Schlobach, Vrije Universiteit Amsterdam, Netherlands

  • Simon Steyskal, Institute for Information Business of WU, Austria

  • Jetzabel Serna, Deutsche Telekom Chair of Mobile Business and Multilateral Security, Germany

  • Nigel Shadbolt, University of Southampton Highfield, UK

  • Sarah Spiekermann, Institute for Management Information Systems, WU, Austria

  • Keerthi Thomas, The Open University, UK

  • Bert Van Nuffelen, Tenforce, Belgium

  • Aad Versteden, Versteden Tenforce, Belgium

  • Serena Villata, INRIA Sophia Antipolis, France

  • Daniel Weitzner, CSAIL, Massachusetts Institute of Technology, Cambridge

  • Rigo Wenning, W3C, France