(finns även på engelska, franska och japanska; dessutom översättningar till andra språk)
http://www.w3.org/ -- 14 december 2006 -- W3C publicerade idag rapport från workshop om personlig integritet och minnesanteckningar som rekommenderar kommande steg i arbetet att stödja löften om hur integritet bevaras när man utbyter känslig information på webben. Experter på integritet och behörighetskontroll, från Amerika, Australien, Asien och Europa, träffades i oktober 2006 i Ispra, Italien, för att studera utmaningar kring personlig integritet och dessas lösningar. W3C framför sitt tack till Europakommissionens Joint Research Center som erbjöd plats för W3C:s workshop Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement.
"Den arbete som många individer lagt ner på att organisera denna workshop, och deltagarnas djupa engagemang visar hur viktigt detta tema är", säger Jan Löschner, chef för datasäkerhet vid Europakommissionens forskningscenter ("Joint Research Center"). "Jag uppskattar den konstruktiva atmosfären under detta möte, och hoppas att föreslagna lösningar implementeras och användes i framtiden".
On the Web, information collection and transfer are routine, often conducted by multiple parties in a manner transparent to the user. As more parties are granted access to information, it becomes more challenging to track chains of privacy promises and to enforce them. Tools can help, but tools require descriptions of access privileges, and such descriptions can be hard to formulate when so many parties are involved.
Though we may be familiar with scenarios such as a doctor exchanging patient information with a laboratory, these issues are not limited to large-scale enterprises. More individuals are sharing personal information (photos, blog entries, etc.) on the Web. They too recognize the need for more effective approaches for managing personal information, for describing who can access their information, and for learning who is to be held accountable when a given service does not respect their privacy preferences.
"This Workshop provided a broad, articulated outline of privacy-related challenges in the Information Society," said Professor Piero A. Bonatti of the University of Naples. "It was an excellent chance to bring together the visions and the approaches of institutional, industrial, and academic actors, covering not only computer science but also economics and other disciplines. The challenges discussed in the workshop are definitely going to be hot research topics for the coming years."
Previous W3C work on Web privacy, the Platform for Privacy Preferences Project (P3P), focused on how to express privacy preferences in a way that allows software to enforce those preferences. The Workshop explored a different set of questions: How can privacy promises be maintained as information changes hands? How can access control decisions and accountability mechanisms leverage the Web to help manage obligations and actions arising from the data exchange? How can community and user driven Web sites leverage access control and accountability frameworks? Workshop participants suggested that W3C charter an Interest Group as a forum for continued discussion of these questions.
One common obstacle toward progress on integrated privacy approaches for both enterprise processes and the Web is the lack of interoperability between different policy languages. Current policy mechanisms are tailored to specific use cases and serve those use cases well. But today's enterprise and Web environments require a tight coupling of different approaches. Participants in the Workshop agreed that the community should embrace the reality of policy language diversity and work on facilitating connections among these multiple languages, rather than trying to create a a single combined policy language to cover the entire field of personal information processing and access control. W3C is participating in the PRIME and PAW projects, which promise to provide valuable input into future work in this area.
W3C är ett internationellt konsortium där konsortiets medlemmar, en heltidsanställd stab och andra intresserade arbetar tillsammans för att utveckla webbstandarder. W3C:s huvudsakliga verksamhet är att ta fram webbstandarder samt riktlinjer, råd och anvisningar som säkerställer webbens långsiktiga tillväxt. Fler än 400 organisationer är medlemmar i konsortiet. W3C drivs gemensamt av MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) i USA, European Research Consortium for Informatics and Mathematics (ERCIM) med högkvarter i Frankrike, och Keio University i Japan, samt har ytterligare regionala kontor världen runt. Mer information finns på http://www.w3.org/