dpv icon indicating copy to clipboard operation
dpv copied to clipboard
verified publisher icon w3c

Create new Justifications extension

Open coolharsh55 opened this issue 3 years ago • 4 comments

As per https://www.w3.org/2022/12/14-dpvcg-minutes.html the justifications from risk extension will be moved to a new extension so that they are available for general use across all use-cases. The existing list also needs to be cleaned (in phrasing) and categorised for this new division. Additionally, references to GDPR specific justifications need to be provided separately (in DPV-GDPR most probably).

coolharsh55 avatar Dec 14 '22 17:12 coolharsh55

Added justifications extension at path /justifications. Namespace is 'justifications'. Contains four types of justifications: Not Required, Non-Fulfilment, Delay, Exercise. Contains relevant XLSX/CSV setup, RDF output, HTML output. See live version at https://harshp.com/dpv/justifications/ (mirrors dev branch of this repo)

@besteves4 I have changed the terms to make them more consistent, universal, and flexible e.g. no prefix for terms so that the terms are self-descriptive e.g. ProcessSafeguarded is justification that something isn't required as the process is safeguarded. I added the suffix 'Impaired' to cases where it talked about intereference so the justification is broader and we don't have to define what "intereference" should mean. Is this okay? Or should I revert back to the term names that we had previously discussed (from your webpage)?

I also removed the Rights-specific justifications concept because they were redundant (after above). If we need to justify why a right was not provided, not fulfilled, etc. then the suitable justification can be used directly. We don't really need a rights specific taxonomy (they are the same justifications for any process including rights). What do you think?

If both are okay, then I will continue and add the links to specific justifications to GDPR extension, similar to the link between Legal Basis and Rights, so that the relevant possible justifications are listed in RDF and HTML.

coolharsh55 avatar Apr 21 '24 14:04 coolharsh55

Hi. I'm okay with the changes made to the naming of terms. I also agree with the rights-specific justifications being redundant. In terms of GDPR-specific justifications is the idea still to extend the justifications concepts with the GDPR clauses and have that in the GDPR extension, or is it just associating the generic justification terms with the GDPR rights already available in the GDPR extension?

besteves4 avatar Apr 29 '24 13:04 besteves4

Hi. Thanks. For GDPR rights, my proposal is to just add in has justification links from the right to the justification and then note in the HTML that these are possible uses. This is simpler, but semantically ambiguous.

The other mechanism would be then to create specific instances of right nonfulfilment for each right - this would then be a separate section in gdpr listing where rights cannot be fulfilled, where the non fulfilment will use has justification and has legal basis to link to the justification and right respectively. This is complex but semantically correct.

coolharsh55 avatar Apr 29 '24 13:04 coolharsh55

Accepted in https://w3id.org/dpv/meetings/meeting-2024-05-15 - issue will be closed automatically by commit. The GDPR concepts are discussed in #63 and have milestone v2.1 (so v2 will only contain generic justifications)

coolharsh55 avatar May 17 '24 07:05 coolharsh55

Confirmed this can be closed in meeting MAY-22. Further discussions should open a new issue.

coolharsh55 avatar May 23 '24 11:05 coolharsh55