Modelling privacy requirements with ontologies


An interesting aspect of semantic technologies is that they are better suited to addressing some of the challenges relating to privacy, especially modelling and reasoning over domain knowledge about information flows that threaten the privacy of users in ‘conventional’ computer systems. By ‘conventional’ we mean all computer systems whose primary focus is not the Semantic Web. In this post we look at some of the uses of ontologies in enhancing privacy.

For example, Tang et al. used a privacy ontology to link real-life court cases to concepts found in privacy directives and principles. By reasoning over this expressed knowledge, the case-analyser is able to support legal arguments. In another work, a high-level system architecture for a ‘Semantic Grid’ is proposed by Wong et al. to tackle information sharing among law-enforcement agencies from several countries. They claim the agents in the architecture make sense of criminal information by reasoning over ontologies which link heterogeneous data from distributed sources.

In more generic approaches, Sacco and Passant propose the Privacy Preference Ontology (PPO), a lightweight vocabulary on top of the Web Access Control ontology that aims to give users the means to define fine-grained privacy preferences for restricting (or granting) access to specific RDF data. Similarly, Kost et al. propose using ontologies for the systematic design of privacy requirements and their verification.

While most of them remain preliminary, these initiatives demonstrate some level of added value that ontologies can bring to the management of privacy, both generally and in various domains. The most obvious one tends to be the ability to reason about information access and the policies that govern it. It is, however, also interesting to see how ontologies can provide more flexible structures for expressing privacy policies and requirements than the usual, rather rigid formats employed for this.

