Semantic Web Privacy Design Patterns

Privacy Guidelines for Semantic Web Developers:
be afraid, but not very afraid

Semantic Web Bootcamp
11 January 2007

Daniel J. Weitzner
Decentralized Information Group
MIT Computer Science and Artificial Intelligence Laboratory
W3C Technology and Society Domain Lead

These slides:


Privacy Challenges in Internet's first decade

AT&T TSD 3600 gmail

Privacy Challenges in Web's first decade

Cookie blocker amazon wish list

Privacy challenges in the computer's first four decades

Decade Privacy Challenge Policy Response

Mainframe: collection limits

Collection Limits

Internet and Personal Computers: secrecy and channel security

Security fixes

Web: user control

User Control/Choice

Semantic Web


Law and Society -- a pop quiz

  1. How many believe you are subject to law (any law)?
  2. How many of you follow (most) laws? [exclude speed limits]
  3. How many of you read all the laws to which you believe you are subject?
  4. How many have been to a court of law?

General goal: Making the Web 'Policy Aware'

General view (amongst the 'digerati'): law has to catch up with new technology.

General question: how will laws catch up?

My question: How will the Web finally catch up with the 'real world'?: in everyday life, the vast major of 'policy' problems get worked out without recourse to legal system.

Design goal: instrument the Web to provide seamless social interactions which allow us to avoid legal system the way we do in the rest of life

Global perspective: In the shift from centralized to decentralized information systems we see a general trend:

ex ante policy enforcement barriers -> policy description with late binding of rules for accountability

B. Proto Policy Aware Design Patterns: Free Speech, Child Protection, Content Filtering

"The Internet is 'a unique and wholly new medium of worldwide human communication.'" ACLU v. Reno, United States Supreme Court (June 1997)

"Filters are less restrictive than COPA. They impose selective restrictions on speech at the receiving end, not universal restrictions at the source." Ashcroft v. ACLU, 542 US 654 (2004).

Google safesearch

B. Proto Policy Aware Design Patterns: Web Copyright

Traditional Approach to Copyright

Universal Studios Flickr

Departure from Hollywood content (centralized production) -> Blogs, Flickr and Livejournal (decentralized content we all make)

Copyright in Decentralized Environments: Creative Commons and the Web

Google Creative Commons Yahoo Creative Commons search

Move from up-front enforcement barriers (DRM) -> open description of licensing terms (CC) with after-the-fact enforcement as needed

How does the Policy Aware Web approach help with core privacy challenges?

  1. Transactional approach to privacy in large-scale, many-to-many relationships
  2. Protecting the Privacy of Publicly Available Data

Privacy: the dilemma of consent

Can today's model (EU or US) be sufficient going forward?

Key will be purpose limitation, but we have a dilemma...

Dilemma: limited individual and regulatory capacity to control escalating data collection.

Current result of consent dilemma + increased inference power: strict about what's collected but loose about usage

Better result: loose about what is collected and strict about usage

Collection Limitation -> Use Limitation


  1. Rules express core values!!
  2. Better allocation of individual and regulatory effort
  3. Often the only logical evaluation point

C. Policy Aware Architecture for the Web: End-to-End Accountability for Privacy

today's web architecture

C. Policy Aware Architecture for the Web: End-to-End Accountability for Privacy

today's web architecture

Conclusion: practical design patterns for working with personal information on the Semantic Web


For more information see:

Work described here is supported by the US National Science Foundation Cybertrust Program (05-518) and ITR Program (04-012).

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.