Privacy Online 2017

Call for Submissions

Workshop on

Society, Privacy and the Semantic Web -

Policy and Technology

PrivOn 2017

Hashtag: #PrivOn2017

at the International Semantic Web Conference (ISWC) 2017

October 21st-25th, 2017, Vienna, Austria

Abstract

Schneier’s article “The Internet is a surveillance state” summarised the state of Internet privacy as “Welcome to an Internet without privacy, and we've ended up here with hardly a fight”. Later, Snowden revealed that the NSA was tracking online communication, followed by revelations that other countries were running similar covert operations.

Autumn 2015 saw the collapse of the EU-US Safe Harbor Agreement, which resulted in legal uncertainty regarding transatlantic data exchange, while April 2016 saw the ratification of the the new EU Data Protection Regulation, which will come into being in May 2018, after years of discussion involving parliamentarians, lobbyists and activists. On the 28th anniversary of the Web, Tim Berners-Lee sent a widely spread open letter warning of the devastating effect of losing control over personal data and the spread of misinformation, especially on the political scene.

This workshop aims to raise awareness that the technologies our community are working on have global societal consequences and, vice versa, our research can be guided by social, economic and legal privacy requirements. This year’s workshop will build on previous workshops by investigating the privacy implications of semantic technology and also exploring how the technology can be used to support privacy preservation.

Motivation and Objectives

Bruce Schneier introduces his book “Data and Goliah” by highlighting the fact that: “The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, sensor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches”. The Snowden revelations added fuel to the fire by uncovering details of an Internet surveillance program called PRISM, which showed the NSA had obtained direct access to the systems of nine Internet companies, including Google, Facebook, and Apple. The months that followed included a stream of revelations of other internet surveillance programs such as MUSCULAR, XKeyscore and Tempora, as well as the bulk collection of US and European telephone metadata, and large scale data analytics over the collected data. In an interview with the BBC, Tim Berners-Lee called for the online community to take action: “In front of us are two roads - which way are we going to go?”. Tim Berners-Lee suggested to establish a Magna Carta for the world wide web and to crowdsource a set of values which will be so much part of our lives in a way that they become on a level with human rights. Berners-Lee’s call was answered in the form of a number of collaborative efforts to define a bill of rights for the web that are commonly referred to as “The Web We Want”. The impact of data, technology and privacy is so broad that the discussion should have the title “The Society We Want”.

From a legal perspective the landscape has seen considerable changes over the last few years. In December 2015, after nearly four years of negotiations, the European Commission, Parliament and Council finally completed the General Data Protection Regulation, which poses tight restrictions on the use and the flow of personal data and introduces tough penalties - up to 4% of annual global revenue - for those that do not comply. However, there is still a big question mark surrounding the actual implementation, and the tools that are necessary in order to verify compliance with the regulation. 2015 also saw the collapse of Safe Harbour which left many companies in a state of uncertainty concerning transatlantic data exchange. Early 2016 heralded a new framework for transatlantic data flows known as the EU-US Privacy Shield. The agreement imposes obligations on companies in the U.S. to protect the personal data of Europeans and stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission. The focus has now shifted to the actual implementation of the regulation and the tools required to support it. At the same time there has been an upsurge of awareness of the importance of privacy in hot research topics such as “Big Data” and the “Internet of Things”. In this context, the intersection of issues around privacy and semantic web technologies has become immensely topical and of direct relevance to citizens, researchers and funding agencies.

We (the Semantic Web community) are responsible for the conception of technologies that enable large scale integration and mining of personal and public information in all domains of society. We are part of the problem, therefore we should be part of the solution. To date the focus has been on researching specific privacy and security models and frameworks. However, we are “putting the cart before the horse” -- we are proposing technical solutions without fully understanding the societal and legal requirements. This workshop aims to explore and promote discussion around many questions which remain unanswered:

Given implications of our technology, what is “acceptable behavior” for data aggregation and use? What are the societal norms that we have to develop or emerge? What are the “robots.txt” equivalents that need to be developed to keep data aggregators and governments in check? What should a Magna Carta look like?
What policies and laws are already in existence and what else do we need? How do we engage meaningfully in a discussion? What do we need to do in research or policy influencing in order to make a difference? How are these policies and laws developed and supported in an inherently international environment? How do we engage with other communities, e.g. in law and policy making?
How do we technologically support the described efforts? How do we support the compliance of privacy laws? How is our increased responsibility being reflected in our scientific events and conferences?

Audience

A number of Semantic Web researchers are actively working on technological solutions for security and privacy of both data and semantic data. However, we explicitly aim to broaden the participation in this workshop, reflecting the growing importance and impact semantic technologies have. Given the broader context of this workshop, it will appeal not only to the usual ISWC audience but but also to other groups. Notably we aim to attract policy makers, lawyers and researchers with an interest in the societal impact of technology. Furthermore we expect interest from a number of different application domains such as healthcare, financial, and ebusiness where privacy is an important topic.

Topics Of Interest

This workshop aims to capture the intersection between society, policy and technology, by examining the privacy implications and opportunities of semantic technologies. We welcome submissions on (but not restricted to) the following topics:

Surveillance, tracking and semantic technologies
What should a “Magna Carta for Data” look like?
What societal conventions are necessary to protect privacy and how can they be supported by semantic technologies?
What are the economic incentives for privacy preserving semantic tools?
What impact does privacy legislation have on Linked Data and Semantic Technologies?
Synchronisation of policies from different legal domains
Semantic tools for monitoring and enforcing privacy and data protection laws
Managing personal information disclosure in semantic environments
Techniques for anonymity, pseudonymity and unlinkability in linked and semantic data
Dealing with inference in private, sensitive or confidential data
Protecting against pattern/behaviour discovery and community mining
Protecting against identity theft and data falsification
Encryption together with linked and semantic data
Digital signatures together with linked and semantic data
Data transparency and user consent on the Web of Data
Data provenance and trustworthiness of knowledge sources
Semantic technology and privacy by design
Semantic technology and privacy impact assessments
Privacy challenges arising from Linked Open Data
Case Studies: Impact of semantic technologies on privacy in specific domains

Format and Submission Procedure

Contributions to the workshop can be made in terms of papers and reports as well as position papers addressing different issues of the stated topics of interest.

Research papers and reports (up to 16 pages) and position papers (up to 8 pages), must adhere to the LNCS Style.
Papers must be submitted in PDF format through the workshop submission site at: https://easychair.org/conferences/?conf=privon2017
Papers will be reviewed by the program committee and a limited number will be selected for presentation at the workshop.
We aim to publish the proceedings of the workshop online at CEUR-WS.

Important Dates

July 21, 2017	Paper submission deadline
August 24, 2017	Author notifications
September 7, 2017	Camera ready due
October 21 & 22, 2017	PrivOn 2017 Workshop

Organising Committee

Christopher Brewster, TNO, Amsterdam Email: Christopher.Brewster@tno.nl Web: http://www.cbrewster.com

Michelle Cheatham, Wright State University, USA Email:michelle.cheatham@wright.edu Web: http://www.michellecheatham.com/

Mathieu d'Aquin, Insight Centre for Data Analytics, NUI Galway, Ireland Email:mathieu.daquin@insight-centre.org Web: https://www.insight-centre.org/users/mathieu-daquin

Stefan Decker, RWTH Aachen University, Germany Email: stefan@stefandecker.org Web: http://www.stefandecker.org

Sabrina Kirrane, Vienna University of Business and Economics Email:sabrina.kirrane@wu.ac.at Web: http://www.sabrinakirrane.com/

Program Committee

Piero Bonatti, Universita di Napoli Federico II, Italy

Pompeu Casanovas, Universidad Autónoma de Barcelona, Spain

David Corsar, University of Aberdeen, UK

Luca Costabello, Fujitsu, Ireland

Ernesto Damiani, University of Milan, Italy

Tim Finin, University of Maryland Baltimore County, USA

Kristine Gloria, Rensselaer Polytechnic Institute (RPI), USA

RV Guha, Google, USA

Harry Halpin, W3C/INRIA, France

Benjamin Heitmann, RWTH Aachen University, Germany, Germany

Pascal Hitzler, Wright State University, USA

Shinsaku Kiyomoto, Information Security Laboratory, KDDI Research Inc., Japan

Krzysztof Janowicz, University of California, USA

Alessandra Mileo, Insight Center for Data Analytics, Ireland

Ian Niles, Microsoft, USA

Inah Omoronyia, University of Glasgow, UK

Axel Polleres, Institute for Information Business of WU, Austria

Harald Sack, University of Potsdam, Germany

Ravi Sandhu, University of Texas at San Antonio, USA

Stefan Schlobach, Vrije Universiteit Amsterdam, Netherlands

Simon Steyskal, Institute for Information Business of WU, Austria

Jetzabel Serna, Deutsche Telekom Chair of Mobile Business and Multilateral Security, Germany

Nigel Shadbolt, University of Southampton Highfield, UK

Keerthi Thomas, The Open University, UK

Bert Van Nuffelen, Tenforce, Belgium

Evelyne Viegas, Microsoft, USA

Serena Villata, INRIA Sophia Antipolis, France

Rigo Wenning, W3C, France