Schneier’s article “The Internet is a surveillance state” summarised the state of Internet privacy as “Welcome to an Internet without privacy, and we've ended up here with hardly a fight”. Later, Snowden revealed that the NSA was tracking online communication in a large-scale surveillance programme. This was followed by revelations that other countries were running similar covert operations. On the 25th anniversary of the Web, Tim Berners-Lee called on the world to take a stand against surveillance and suggested the creation of a global digital bill of rights.
Since last years workshop privacy continues to make headline news. Autumn, saw the collapse of the EU-US Safe Harbor Agreement, which resulted in legal uncertainty regarding transatlantic data exchange and in December, the new EU Data Protection Regulation was finally completed, after years of discussion involving parliamentarians, lobbyists and activists.
This workshop aims to raise awareness that the technologies our community are working on have global societal consequences and, vice versa, our research can be guided by social, economic and legal privacy requirements. This year’s workshop will build on previous workshops, by investigating the privacy implications of semantic technology and also how the technology can be used to develop privacy preservation tools.
Bruce Schneier’s introduces his book “Data and Goliah” by highlighting the fact that: “The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches”. The Snowden’s revelations added fuel to the fire by uncovering details of an Internet surveillance program called PRISM, which showed the NSA had obtained direct access to the systems of nine Internet companies, including Google, Facebook, and Apple. The months that followed included a stream of revelations of other internet surveillance programs such as MUSCULAR, XKeyscore and Tempora, as well as the bulk collection of US and European telephone metadata, and large scale data analytics over the collected data. In an interview with the BBC, Tim Berners-Lee called for the online community to take action: “In front of us are two roads - which way are we going to go?”. Tim Berners-Lee suggested to establish a Magna Carta for the world wide web and to crowdsource a set of values which will be so much part of our lives in a way that they become on a level with human rights. Berners-Lee’s call was answered in the form of a number of collaborative efforts to define a bill of rights for the web that are commonly referred to as “The Web We Want”. The impact of data, technology and privacy is so broad that the discussion should have the title “The Society We Want”.
From a legal perspective the landscape has seen considerable changes over the last year. In December 2015, after nearly four years of negotiations, the European Commission, Parliament and Council finally completed the General Data Protection Regulation, which poses tight restrictions on the use and the flow of personal data and introduces tough penalties - of up to 4 % of annual global revenue - for those that do not comply. However, there is still a big question mark surrounding the actual implementation, and the tools that are necessary in order to verify compliance with the regulation. 2015 also seen the collapse of Safe Harbour which left many companies in a state of uncertainty concerning transatlantic data exchange. Early 2016, heralded a new framework for transatlantic data flows known as the EU-US Privacy Shield. The agreement imposes obligations on companies in the U.S. to protect the personal data of Europeans and stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission. The focus has now shifted to the actual implementation of the regulation and the tools required to support it. At the same time there has been an upsurge of awareness on the importance of privacy in hot research topics such as “Big Data” and the “internet of Things”. In this context, the intersection of issues around privacy and semantic web technologies become immensely topical and of direct relevance to citizens, researchers and funding agencies.
We (the Semantic Web community) are responsible for the conception of technologies that enable large scale integration and mining of personal and public information in all domains of society. We are part of the problem therefore we should be part of the solution. To date the focus has been on researching specific privacy and security models and frameworks. However, we are “putting the cart before the horse”, we are proposing technical solutions without fully understanding the societal and legal requirements. This workshop aims to explore and promote discussion around many questions which remain unanswered:
Given implications of our technology, what is “acceptable behavior” for data aggregation and use? What are the societal norms that we have to develop or emerge? What are the “robots.txt” equivalents that need to be developed to keep data aggregators and governments in check? What should a Magna Carta look like?
What policies and laws are already in existence and what else do we need? How do we engage meaningfully in a discussion? What do we need to do in research or policy influencing in order to make a difference? How are these policies and laws developed and supported in an inherently international environment? How do we engage with other communities, e.g. in law and policy making?
How do we technologically support the described efforts? How do we support the compliance of privacy laws? How is our increased responsibility being reflected in our scientific events and conferences?
The workshop is a continuation of the previous three workshops, which started to build a critical mass within our community around these topics of increasing importance - but still a lot of work needs to be done. Asking societal questions is uncommon for technology oriented researchers, but necessary for technologies with a society wide impact. The goals of the workshop can be summarised as follows:
A number of Semantic Web researchers are actively working on technological solutions for security and privacy of both data and semantic data. However, we explicitly aim to broaden the participation in this workshop, reflecting the growing importance and impact semantic technologies have. Given the broader context of this workshop, it will appeal not only to the usual ISWC audience but but also to other groups. Notably we aim to attract policy makers, lawyers and researchers with an interest in the societal impact of technology. Furthermore we expect interest from a number of different application domains such as healthcare, financial, and ebusiness where privacy is an important topic.
This workshop aims to capture the intersection between society, policy and technology, by examining the privacy implications and opportunities of semantic technologies. We welcome submissions on (but not restricted to) the following topics: