Sabrina Kirrane is an assistant professor working at the Institute of Information Business at the Vienna University of Economics and Business and a distinguished expert for privacy. At SEMANTiCS, she is a part of the poster and demo track committee.
Privacy preservation on the web seems to experience a renaissance in the age of IoT, social media and machine learning. How do you perceive this trend?
Considering that the European General Data Protection Regulation, has come into effect on the 25th May 2018, it comes as no surprise that privacy in general and data protection in particular are regularly making headline news. Although there is a lot of discussion surrounding the actual implementation of the regulation and the tools required to support it, there is also much talk of the economic impact the new regulation will have on European innovation. Although privacy is particularly topical at the moment, I would say that the trend is in fact much broader, with topics such as security, trust and transparency, especially in the context of both Big Data and the Next Generation Internet, also receiving lots of visibility of late. For instance, the European Big Data Value Forum, an event which brings together industry professionals, researchers, and policy makers to discuss the challenges and opportunities of the European data economy and data-driven innovation, last year had a specific focus on “Trusted AI in Smart Industry”. GDPR aside, interest in privacy and related topics goes well beyond the regulation, in fact just last month both privacy and security were highly figured at the 2018 Web Conference, which had both a keynote on “Web Privacy and Security: The User Experience” and a panel on “Privacy and Security, remaining challenges for the Web”. As for transparency, blockchain technology immediately comes to mind with both technologists and entrepreneurs investigating what distributed ledger technology has to offer.
Which contribution can we expect from semantic technologies to security, privacy in general and a safer internet in particular?
When it comes to semantic technologies, promising privacy and security research directions include the development of policy languages that are capable of encoding usage constraints, regulatory obligations, norms and values in a manner that supports automatic enforcement or compliance checking. Additionally, several researchers are looking into the use of blockchain technology together with Linked Data to increase transparency with respect to data processing and sharing. Accountability, is a related topic, which involves making individuals and organisations responsible for their actions, here blockchain smart contracts have much to offer in terms of automatic enforcement and compliance checking. Other interesting, topics include the application of homomorphic encryption, which enables the execution of computations on top of ciphertext, to RDF, however fully homomorphic encryption brings with it performance and scalability issues that still need to be tackled. Although anonymisation is a relatively new topic within the Semantic Web community, there is nonetheless two distinct avenues of research: one focusing on proposing anonymisation strategies specifically for graph data and the other focusing on using semantic technologies to assess the strength of existing anonymisation proposals.
Which trends do you perceive as most promising with respect to privacy or other regulatory issues? What can we expect for the future?
Personally I think some of the most promising or exciting trends come under the legal informatics umbrella. For instance, the use of natural language processing techniques to extract obligations from legislative text or contextual information relating to court rulings from legal proceedings. Another interesting and related area is the use of semantic technology to generate legal knowledge graphs that can be used to integrate legal knowledge from distributed legal data sources. Such techniques could be used to develop systems that are capable of supporting legal practitioners in terms of legal reasoning. Personally I'm very interested in regulatory obligations in the context of intelligent software agents. For example, at the Normative Multi-Agent Systems Dagstuhl, which I attended in April this year, we were discussing how to formally represent and reason over regulatory policies, societal norms and values, all of which need to be considered if we are to make the original vision for the Semantic Web, whereby intelligent agents make use of vast amounts of heterogeneous multilingual data in order to support humans in everyday activities, a reality.
What can you tell us about recent milestones or achievements with your current research projects?
I am currently working on the two projects: SPECIAL, which is a research and innovation project funded under the Horizon 2020 privacy-preserving Big Data technologies call, and DALICC, which is funded by the Austrian Federal Ministry of Transport, Innovation and Technology (BMVIT). The primary objective of the SPECIAL project is to help citizens and organisations to share more data, while guaranteeing data protection and transparency. DALICC also aims to support the data driven economy, however the focus is primarily on intellectual property rights management. The last couple of months have been particularly busy for both project teams as we are currently working towards our first public releases. Since moving to Austria I've also been actively involved in several standardisation activities. I was a member of the W3C Permissions and Obligations Expression working group, which recently published two W3C Recommendations relating to the Open Digital Rights Language (ODRL) (They can be found here and here). Last year I was invited to give a talk on digital rights management at an event which focused on current issues in standards developing organisations decision-making for the Internet. In April this year I was one of the organizers of a W3C Workshop on Privacy and Linked Data. One of the primary outcomes of the workshop is the plan to setup a W3C community group, which will work towards standardising web based privacy controls and vocabularies. In this context, on the 24th of May (the day before the GDPR came into effect) I presented our plans for the community group at an event entitled "The End of Privacy 1.0", which is hosted by the Open Data Institute. The objective of the event is to explore challenges and opportunities in terms of standardisation in the context of the new privacy paradigm where citizens have more control over what happens with their personal data.
SEMANTiCS covers a broad range of technology topics and explores how Linked Data is enriching these various methods and approaches.
Sabrina is a member of the SEMANTiCS 2018 poster and demo track-commitee.