Alfred de Jager made a comment about data ownership, access control and provenance, asking whether and how these issues had been handled in the WG.
This is out of scope for the work but an important issue that needs to be addressed.
Proposal:
Add text to the spec to explain that access control and provenance is out of scope for the current work but that data publishers and consumers should not take use of any core vocabulary as an automatic 'right to share' and their use has no effect on ownership and access rights. Personal data is, by its nature, sensitive and must be handed accordingly. Data provenance and security is not covered by this spec.
Component
DocumentationCategory
improvement
Login or
create an account to comment.
Comments
The new text says more or less exactly as suggested in the issue. A seubsection of the Conformance section now says:
"Access control and provenance is out of scope for the current work but data publishers and consumers should not take use of any core vocabulary as an automatic 'right to share.' Their use has no effect on ownership and access rights. Personal data is, by its nature, sensitive and must be handed accordingly. Data provenance and security is not covered by this specification but it is recognised as being of very high importance."
(At the time of writing, the revised document si expected to be published within the next 7 days).