Contributors: (ordered alphabetically) Arthit Suriyawongkul(ADAPT Centre, Trinity College Dublin),
Axel Polleres(Vienna University of Economics and Business),
Beatriz Esteves(IDLab, IMEC, Ghent University),
Bud Bruegger(Unabhängige Landeszentrum für Datenschutz Schleswig-Holstein),
Damien Desfontaines(No affiliation provided),
Danielle Welter(University of Luxembourg),
David Hickey(Dublin City University),
Delaram Golpayegani(ADAPT Centre, Trinity College Dublin),
Elmar Kiesling(Vienna University of Technology),
Fajar Ekaputra(Vienna University of Technology),
Georg P. Krog(Signatu AS),
Harshvardhan J. Pandit(AI Accountability Lab (AIAL), Trinity College Dublin),
Iain Henderson(JLINC Labs),
Javier Fernández(Vienna University of Economics and Business),
Julian Flake(University of Koblenz),
Julio Hernandez(Dublin City University),
Mark Lizar(OpenConsent/Kantara Initiative),
Maya Borges(Danish Agency for Digitisation),
Paul Ryan(Uniphar PLC),
Piero Bonatti(Università di Napoli Federico II),
Rana Saniei(Universidad Politécnica de Madrid),
Rob Brennan(University College Dublin),
Rudy Jacob(Proximus),
Simon Steyskal(Siemens),
Steve Hickman(Epistimis LLC).
NOTE: The affiliations are informative, do not represent formal endorsements, and may be outdated as this list is generated automatically from existing data.
This document provides additional details and examples for contextual concepts such as durations, frequencies, and locations used in the Data Privacy Vocabulary [[DPV]], and is a companion to the [[DPV]] specification.
DRAFT RELEASE This is draft release intended for review.
DPV Specifications: The [[DPV]] is the core specification within the DPV family, with the following extensions: Personal Data [[PD]], Locations [[LOC]], Risk Management [[RISK]], Technology [[TECH]] and [[AI]], [[JUSTIFICATIONS]], [[SECTOR]] specific extensions, and [[LEGAL]] extensions modelling specific jurisdictions and regulations. A [[PRIMER]] introduces the concepts and modelling of DPV specifications, and [[GUIDES]] describe application of DPV for specific applications and use-cases. The Search Index page provides a searchable hierarchy of all concepts. The Data Privacy Vocabularies and Controls Community Group (DPVCG) develops and manages these specifications through GitHub. For meetings, see the DPVCG calendar.
Contributing: The DPVCG welcomes participation to improve the DPV and associated resources, including expansion or refinement of concepts, requesting information and applications, and addressing open issues. See contributing guide for further information.
Introduction
This document assumes the reader is familiar with DPV through the [[[PRIMER]]], and thus focuses on providing a topically structured documentation of concepts defined by DPV.
dpv:Applicability: Concept provided to represent indication of cases where the information or context is not applicable (N/A) or not available or this is not known or determined yet. If the information is applicable and available, this concept should not be used.
go to full definition
dpv:NotApplicable: Concept indicating the information or context is not applicable
go to full definition
dpv:NotAvailable: Concept indicating the information or context is applicable but information is not yet available
go to full definition
dpv:UnknownApplicability: Concept indicating information or context availability is unknown i.e. it is not known if the information exists or is applicable and therefore statements about its availability cannot be made (yet)
go to full definition
dpv:EndlessDuration: Duration that is (known or intended to be) open ended or without an end
go to full definition
dpv:FixedOccurrencesDuration: Duration that takes place a fixed number of times e.g. 3 times
go to full definition
dpv:IndeterminateDuration: Duration that is indeterminate or cannot be determined
go to full definition
dpv:TemporalDuration: Duration that has a fixed temporal duration e.g. 6 months
go to full definition
dpv:UntilEventDuration: Duration that takes place until a specific event occurs e.g. Account Closure
go to full definition
dpv:UntilTimeDuration: Duration that has a fixed end date e.g. 2022-12-31
go to full definition
dpv:FeeRequirement: Concept indicating whether a fee is required
go to full definition
dpv:FeeNotRequired: Concept indicating a fee is not required. This is distinct from a Fee of zero as it indicates a fee is not applicable in the context
go to full definition
dpv:FeeRequired: Concept indicating a fee is required. The value of the fee should be specified using rdf:value or an another relevant means
go to full definition
dpv:Frequency: The frequency or information about periods and repetitions in terms of recurrence.
go to full definition
dpv:ContinuousFrequency: Frequency where occurrences are continuous
go to full definition
dpv:OftenFrequency: Frequency where occurrences are often or frequent, but not continuous
go to full definition
dpv:SingularFrequency: Frequency where occurrences are singular i.e. they take place only once
go to full definition
dpv:SporadicFrequency: Frequency where occurrences are sporadic or infrequent or sparse
go to full definition
dpv:Importance: An indication of 'importance' within a context
go to full definition
dpv:PrimaryImportance: Indication of 'primary' or 'main' or 'core' importance
go to full definition
dpv:SecondaryImportance: Indication of 'secondary' or 'minor' or 'auxiliary' importance
go to full definition
dpv:Justification: A form of documentation providing reasons, explanations, or justifications
go to full definition
dpv:Scope: Indication of the extent or range or boundaries associated with(in) a context
go to full definition
Duration and Frequency
Duration
To express the duration of events or operations, such as how long processing will take or the validity of consent, the concept [=Duration=] can be used. Duration is indicated using the relation [=hasDuration=], and has the following subtypes:
[=TemporalDuration=] - indicating a relative temporal duration, e.g. 6 months.
[=UntilTimeDuration=] - indicating duration that occurs until the end of specified time, e.g. until 31 DEC 2022.
[=UntilEventDuration=] - indicating duration that occurs until the end of specified event, e.g. until account is closed.
[=FixedOccurrencesDuration=] - a duration that is based on number of Occurrences, e.g. until you view it 3 times
[=EndlessDuration=] - indicating a duration without an end condition or temporal notation.
Frequency
[=Frequency=] indicates how frequently something occurs. Statistically, this can be expressed as the combination of number of Occurrences and a time period, which can further be expressed as a probabilistic value or a percentage. For example, for something occurring once every year, the frequency is: 1 or 100% for 1 year. While such quantified representations are important for determining metrics and performing operations, DPV focuses on the qualitative labelling of such representations within a specific context.
The relation [=hasFrequency=] associates a frequency with a context, and can be expressed using the following subtypes:
[=ContinuousFrequency=] - indicates things occurring Continuously, e.g. location collection happens Continuously.
[=SporadicFrequency=] - indicates things occurring sporadically or rarely or not often, e.g. collecting system usage logs every month.
[=OftenFrequency=] - indicates things happen often or regularly or commonly, e.g. online status is reported every 5 mins.
[=SingularFrequency=] - indicates things happen only once.
Importance & Necessity
DPV provides two subtypes of concepts to denote contextual - [=Importance=] and [=Necessity=], which can be applied to specific contexts such as `dpv:Process`, `dpv:Purpose`, `dpv:PersonalData`.
[=Necessity=] enables specifying whether the contextual information is [=Required=], is [=Optional=], or is [=NotRequired=]. These can be used to indicate, for example, which parts of processing operations (e.g. purposes, personal data) are optional, and whether a particular processing operation is required to be carried out.
[=Importance=] is similar in application to [=Necessity=], and provides a way to indicate how central or significant the indicated operation(s) are to the context (e.g. to the Controller). Subtypes of importance are [=PrimaryImportance=] to indicate 'main' or 'central' or 'primary' importance, and [=SecondaryImportance=] to indicate 'auxiliary' or 'peripheral' or 'secondary' importance.
Scope & Justification
[=Scope=], associated using the relation [=hasScope=], indicates the extent or range or boundaries associated with(in) a context. For example, where processing only takes place for a specific service or within a jurisdictional framework.
[=Justification=] enables providing a reason or 'justification' within the context. For example, why a particular activity is taking place, or for when a request could not be fulfilled - such as when exercising a right. Justifications can be indicated using the [=hasJustification=] relation. The [[[JUSTIFICATIONS]]] extension provides a taxonomy of such justifications based on practical use-cases and requirements. (examples for justifications are provided with status concepts later in this document)
Applicability
[=Applicability=] concepts enable expressing conditions where the information is not available, or is not applicable, or it is unknown. The concepts provided to represent these are: [=NotApplicable=], [=NotAvailable=], and [=UnknownApplicability=]. These concepts are useful for 'closed world' interpretations where information _must_ be provided e.g. when filling out a form a human may write "N/A" in the text field instead of providing the requested information.
Status
To assist with expressing the state or status associated with various activities, DPV provides the [=Status=] concept that can be associated contextually using the [=hasStatus=] relation. Types of statuses included in DPV are: [=ActivityStatus=], [=ComplianceStatus=] including [=Lawfulness=], [=AuditStatus=], [=ConformanceStatus=], [=RequestStatus=], [=EntityInformedStatus=], [=IntentionStatus=], [=ExpectationStatus=], [=InvolvementStatus=], [=NotificationStatus=], and [=ReuseCompatibility=]. The corresponding relations provided are: [=hasActivityStatus=], [=hasComplianceStatus=], [=hasLawfulness=], [=hasAuditStatus=], [=hasConformanceStatus=], [=hasRequestStatus=], [=hasInformedStatus=], [=hasIntention=], [=hasExpectation=], [=hasInvolvement=], [=hasNotificationStatus=], and [=hasReuseCompatibility=].
dpv:ExpectationStatus: Status indicating whether the specified context was intended or unintended
go to full definition
dpv:Expected: Status indicating the specified context was expected
go to full definition
dpv:Unexpected: Status indicating the specified context was unexpected i.e. not expected
go to full definition
dpv:LawfulnessUnknown: State of the lawfulness not being known
go to full definition
dpv:Unlawful: State of being unlawful or legally non-compliant
go to full definition
dpv:NonCompliant: State of non-compliance where objectives have not been met, but have not been violated
go to full definition
dpv:PartiallyCompliant: State of partially being compliant i.e. only some objectives have been met, and others have not been in violation
go to full definition
dpv:ConformanceStatus: Status associated with conformance to a standard, guideline, code, or recommendation
go to full definition
dpv:ReuseCompatibility: Concept indicating whether the specified context is compatible with another earlier context
go to full definition
dpv:CompatibilityUnknown: Concept indicating the compatibility of the context with an earlier context is currently unknown
go to full definition
dpv:PrimaryUse: Concept indicating compatibility based on the use being either the original context or something that is compatible with it
go to full definition
dpv:SecondaryUse: Concept indicating incompatibility based on the use not being compatible with an earlier context
go to full definition
Activity Status
[=ActivityStatus=] represents a state or status of an activity's operations and lifecycle, which includes [=ActivityProposed=], [=ActivityOngoing=], [=ActivityHalted=], [=ActivityCompleted=], and [=ActivityNotCompleted=]. These are associated using the [=hasActivityStatus=] relation. Here, the concept 'Activity' is broadly defined and can refer to a process, a processing operation, or any other type of activity.
Compliance Status
[=ComplianceStatus=] represents status associated with compliance with some norms, objectives, or requirements. Types include [=Compliant=], [=PartiallyCompliant=], [=NonCompliant=], [=ComplianceViolation=], [=ComplianceUnknown=], [=ComplianceIndeterminate=]. These are indicated using the [=hasComplianceStatus=] relation. The association with a law or objective can be specified using [=hasApplicableLaw=] or `hasPolicy` directly for the status or indirectly through the concept whose status is being represented.
Lawfulness Status
[=Lawfulness=] represents a special type of [=ComplianceStatus=] which relates to legal compliance, or lawfulness, and has types [=Lawful=], [=Unlawful=], and [=LawfulnessUnknown=]. It is indicated with the relation [=hasLawfulness=]. When using status associated with laws, we recommend using compliance status to refer to whether the specific activities being considered are according to the requirements of law, and lawfulness to refer to the overall nature of the activity being lawful or unlawful. Note that non-compliance may not necessary lead to unlawfulness e.g. there are exceptions or additional obligations to be carried out for non-compliance within the framework of the law.
Audit Status
[=AuditStatus=] represents the state or status of an audit, where the term audit is loosely defined, and may or may not relate to legal compliance - for e.g. for impact assessments, or as part of certification, or to assess compliance (in combination with above), or for organisational quality assurance processes. Types of audits include [=AuditApproved=], [=AuditConditionallyApproved=], [=AuditRejected=], [=AuditRequested=], [=AuditNotRequired=], and [=AuditRequired=]. The audit status is indicated by using the relation [=hasAuditStatus=].
Conformance Status
[=ConformanceStatus=] represents the status of conformance, which is defined distinctly from compliance by considering voluntary association or following of a guideline, requirement, standard, or policy, and where compliance is related to the (legal or other systematically defined) conformity of a given system or use-case with rules which may dictate obligations and prohibitions that must be followed. To provide an illustrative example, consider conformance with a standard on best practices regarding security may assist in the demonstration of compliance with a legal norm requiring organisational measures of security. Types of conformance defined are: [=Conformant=] and [=NonConformant=].
Request Status
[=RequestStatus=] represents the state or status of requests, which can be between entities such as data subjects and controllers regarding exercising of rights, or between controllers and processors regarding processing operations, or between authorities and controllers regarding compliance related communications. Types of request statues are: [=RequestInitiated=], [=RequestAcknowledged=], [=RequestAccepted=], [=RequestRejected=], [=RequestFulfilled=], [=RequestUnfulfilled=], [=RequestRequiresAction=], [=RequestRequiredActionPerformed=], [=RequestActionDelayed=], and [=RequestStatusQuery=].
Reuse Compatibility Status
[=ReuseCompatibility=] represents the contextual indication of whether there is reuse, and whether it is 'compatible' with an initial or prior context. This context is undefined in the concept itself, but can be specified to be based on criteria such as purpose, personal data, entities and relationships, locations, jurisdictions, and other such concepts. DPV provides two categories of reuse as [=PrimaryUse=] to indicate initial or compatible reuse, and [=SecondaryUse=] to indicate subsequent incompatible reuse. These are associated with the context using the [=hasReuseCompatibility=] relation.
Location & Jurisdiction
To represent location, the concept [=Location=] along with relations [=hasLocation=] is provided. For geo-political locations, the concepts such as [=Country=] and [=SupraNationalUnion=] are subtypes, with [=hasCountry=] and [=ThirdCountry=] with [=hasThirdCountry=] provided for convenience in common uses (e.g. data storage, transfers).
To define contextual location concepts, such as there being several locations, or that the location is 'local' to an event, DPV provides two concepts. [=LocationFixture=] specifies whether the location is 'fixed' or 'deterministic', and is extended with concepts [=FixedLocation=], [=FederatedLocations=], [=DecentralisedLocations=], [=RandomLocation=], and [=VariableLocation=]. [=LocationLocality=] specifies whether the location is 'local' within the context, and is extended as [=LocalLocation=] and [=RemoteLocation=]. Local locations provided include [=PrivateLocation=], [=PublicLocation=], [=WithinDevice=], [=WithinPhysicalEnvironment=], and [=WithinVirtualEnvironment=]. Remote location is extended to represent [=CloudLocation=].
By default, the location concepts represent the boundaries and what is contained inside them. To subjectively indicate something outside of this location, the property [=isOutsideOfLocation=] is provided. Having this property is helpful to indicate spaces outside of a given location, for example to indicate a CCTV is monitoring the area outside of a home. Using [=hasLocation=] and [=isOutsideOfLocation=] with ex:Home would indicate the monitoring of the combined area of inside and outside the home.
To represent locations as jurisdictions, the relation [=hasJurisdiction=] is provided. The concept [=Law=] represents an official or authoritative law or regulation created by a government or an authority. To indicate applicability of laws within a jurisdiction, the relation [=hasApplicableLaw=] is provided.
[[[LEGAL]]] provides taxonomies extending these concepts, such as to represent specific countries, their laws, authorities, memberships, adequacy decisions, and other information.
dpv:Law: A law is a set of rules created by government or authorities
go to full definition
dpv:Location: A location is a position, site, or area where something is located
go to full definition
dpv:Jurisdiction: A jurisdiction represents the locations that define the extent of authority (or control) claimed, granted, or asserted by a legal entity (in particular a legal authority) to govern or enforce rules
go to full definition
dpv:Country: A political entity indicative of a sovereign or non-sovereign territorial state comprising of distinct geographical areas
go to full definition
dpv:Region: A region is an area or site that is considered a location
go to full definition
dpv:City: A region consisting of urban population and commerce
go to full definition
dpv:ThirdCountry: Represents a country outside applicable or compatible jurisdiction as outlined in law
go to full definition
dpv:EconomicUnion: A political union of two or more countries based on economic or trade agreements
go to full definition
dpv:InverseJurisdiction: An inverse jurisdiction for a specific jurisdiction is the set of all other jurisdictions that are not part of the specific jurisdiction
go to full definition
dpv:SupraNationalUnion: A political union of two or more countries with an establishment of common authority
go to full definition
dpv:LocationLocality: Locality refers to whether the specified location is local within some context, e.g. for the user
go to full definition
dpv:PrivateLocation: Location that is not or cannot be accessed by the public and is controlled as a private space
go to full definitiondeprecated in next version
dpv:PublicLocation: Location that is or can be accessed by the public
go to full definitiondeprecated in next version
dpv:WithinDevice: Location is local and entirely within a device, such as a smartphone
go to full definitiondeprecated in next version
dpv:CloudLocation: Location that is in the 'cloud' i.e. a logical location operated over the internet
go to full definition
dpv:PrivateSpace: A space that is owned or controlled by a private entity and where access to members of the public is restricted
go to full definition
dpv:HybridPublicPrivateSpace: A space that is a hybrid space i.e it has both public and private components - such as by having part of it be a private space or which is operated privately
go to full definition
dpv:PrivatelyOperatedPublicSpace: A space that is operated or managed by a private entity but which is accessible to the public e.g. a public bus station operated by a specific company
go to full definition
dpv:PrivatelyOwnedPublicSpace: A space that is privately owned but which is accessible and usable by the public - whether freely or through a process which is open to all members of the public e.g. hotel lobby, shopping mall atriums
go to full definition
dpv:PersonalSpace: A private space associated with an individual in a personal capacity - such as their home or the space around their physical person e.g. my home or my room
go to full definition
dpv:PrivateCommunalSpace: A space that is accessible to a group or a community within a private space and where members of the public do not have access to it e.g. society amenities such as gyms and pools
go to full definition
dpv:PrivatelyOwnedSpace: A place that is privately owned e.g. offices, malls
go to full definition
dpv:PrivatelyOwnedPublicSpace: A space that is privately owned but which is accessible and usable by the public - whether freely or through a process which is open to all members of the public e.g. hotel lobby, shopping mall atriums
go to full definition
dpv:SemiPrivateSpace: A private space that acts as a shared space with other entities but which is still essentially private for the individuals e.g. a semi-private hospital room shared with another patient
go to full definition
dpv:PublicSpace: Any space that is accessible to the public or is owned by the public
go to full definition
dpv:HybridPublicPrivateSpace: A space that is a hybrid space i.e it has both public and private components - such as by having part of it be a private space or which is operated privately
go to full definition
dpv:PrivatelyOperatedPublicSpace: A space that is operated or managed by a private entity but which is accessible to the public e.g. a public bus station operated by a specific company
go to full definition
dpv:PrivatelyOwnedPublicSpace: A space that is privately owned but which is accessible and usable by the public - whether freely or through a process which is open to all members of the public e.g. hotel lobby, shopping mall atriums
go to full definition
dpv:PubliclyAccessibleSpace: A space that is accessible to all members of the public e.g. parks, malls, train stations
go to full definition
dpv:PrivatelyOperatedPublicSpace: A space that is operated or managed by a private entity but which is accessible to the public e.g. a public bus station operated by a specific company
go to full definition
dpv:PubliclyOwnedSpace: A space that is owned by the public e.g. national parks, forests
go to full definition
dpv:WithinPhysicalEnvironment: Location is local and entirely within a physical environment, such as a room
go to full definitiondeprecated in next version
dpv:WithinVirtualEnvironment: Location is local and entirely within a virtual environment, such as a software system
go to full definitiondeprecated in next version
dpv:LocationFixture: The fixture of location refers to whether the location is fixed
go to full definition
dpv:DecentralisedLocations: Location that is spread across multiple separate areas with no distinction between their importance
go to full definition
dpv:FederatedLocations: Location that is federated across multiple separate areas with designation of a primary or central location
go to full definition
dpv:FixedLocation: Location that is fixed i.e. known to occur at a specific place
go to full definition
dpv:FixedMultipleLocations: Location that is fixed with multiple places e.g. multiple cities
go to full definition
dpv:FixedSingularLocation: Location that is fixed at a specific place e.g. a city
go to full definition
State of an activity that could not be completed, but has reached some end state
Usage Note
This relates to a 'Stop' state as distinct from a 'Halt' state. It makes no comments on whether the Activity can be resumed or continued towards completion.
Concept provided to represent indication of cases where the information or context is not applicable (N/A) or not available or this is not known or determined yet. If the information is applicable and available, this concept should not be used.
Usage Note
These concepts are useful in closed-world interpretations, for example in forms where a field must have a value to explicitly denote it is not applicable or the information is not available yet.
State of being conditionally approved through the audit
Usage Note
A "conditional approval" is intended to reflect states where the audit has identified further changes which must be implemented before considering the audit has been 'passed', without requiring another audit to validate them. This is distinct from the case where an audit has state 'rejected', which means changes must be made and submitted for review. The requirements of a 'conditional acceptance' are expected to be minor or not significant enough to warrant another audit to review them.
Context is a catch-all concept for information of relevance not possible to represent through other core concepts. DPV offers specific contextual concepts such as Necessity, Frequency, and Duration. More can be created by extending Context within use-cases.
Date Created
2019-04-05
Date Modified
2022-06-15
Contributors
Axel Polleres, Elmar Kiesling, Fajar Ekaputra, Harshvardhan J. Pandit, Javier Fernández, Simon Steyskal
A political entity indicative of a sovereign or non-sovereign territorial state comprising of distinct geographical areas
Usage Note
The definition of country is not intended for political interpretation. DPVCG welcomes alternate definitions based in existing sources with global scope, such as UN or ISO.
Status indicating whether the specified context was intended or unintended
Usage Note
Expectation is associated with the outcome of a goal or purpose for what is expected to happen i.e. an ex-post indication of what was expected to happen in the specified context. Intention and Expectation are closely related terms. We recommend using Intention when the entity has the ability to control the implementation and Expectation for when the entity does not have control or for what happens after or beyond the exercise of control.
Date Created
2024-05-10
Contributors
Delaram Golpayegani, Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
A space that is a hybrid space i.e it has both public and private components - such as by having part of it be a private space or which is operated privately
Date Created
2025-04-07
Contributors
Arthit Suriyawongkul, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Duration that is indeterminate or cannot be determined
Usage Note
Indeterminate means (exact or otherwise) information about the duration cannot be determined, which is distinct from 'EndlessDuration' where it is known (or decided) that the duration is open-ended or without an end.
Status indicating whether the specified context was intended or unintended
Usage Note
Intention is associated with the goal or purpose for what is about to happen i.e. an ex-ante indication of whether the specified context is/was planned or intended. Intention and Expectation are closely related terms. We recommend using Intention when the entity has the ability to control the implementation and Expectation for when the entity does not have control or for what happens after or beyond the exercise of control.
Date Created
2024-05-10
Contributors
Delaram Golpayegani, Georg P. Krog, Harshvardhan J. Pandit, Paul Ryan
An inverse jurisdiction for a specific jurisdiction is the set of all other jurisdictions that are not part of the specific jurisdiction
Usage Note
Inverse Jurisdictions are helpful when asserting and checking rules that involve a concept representing jurisdictions outside of a given jurisdiction. An inverse jurisdiction of an inverse jurisdiction should give back the same original jurisdiction but this is undefined and strongly dissuaded as it could lead to recursive definitions in some use-cases
Date Created
2025-05-04
Contributors
Beatriz Esteves, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
A jurisdiction represents the locations that define the extent of authority (or control) claimed, granted, or asserted by a legal entity (in particular a legal authority) to govern or enforce rules
Concept indicating the information or context is not applicable
Usage Note
This relates to a 'Stop' state as distinct from a 'Halt' state. It makes no comments on whether the Activity can be resumed or continued towards completion.
Concept indicating the information or context is applicable but information is not yet available
Usage Note
This concept is useful when describing situations where information is required but is not available (yet). For example, if in a form a field asks about whether a process X was completed, and it is correct to interpret that process X is applicable and must be completed, but the information is not yet available as to whether this was done - then NotAvailable is useful to represent this.
A private space associated with an individual in a personal capacity - such as their home or the space around their physical person e.g. my home or my room
Date Created
2025-04-07
Contributors
Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Concept indicating compatibility based on the use being either the original context or something that is compatible with it
Usage Note
Primary Use refers to an assessment where two contexts are found to be compatible, e.g. if purpose is used to test compatibility, then for two activities the second activity is said be the primary use if its purpose is compatible with the first activity's purpose
Date Created
2025-06-19
Contributors
Arthit Suriyawongkul, Beatriz Esteves, Delaram Golpayegani, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
A space that is accessible to a group or a community within a private space and where members of the public do not have access to it e.g. society amenities such as gyms and pools
Date Created
2025-04-07
Contributors
Arthit Suriyawongkul, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
A space that is privately owned but which is accessible and usable by the public - whether freely or through a process which is open to all members of the public e.g. hotel lobby, shopping mall atriums
Date Created
2025-04-07
Contributors
Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Any space that is accessible to the public or is owned by the public
Usage Note
Public space is distinct from places under (public) government ownership as such places can exclude public from accessing the place e.g. government military installations or reserved land
Date Created
2025-04-07
Contributors
Arthit Suriyawongkul, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Concept indicating whether the specified context is compatible with another earlier context
Usage Note
Compatibility refers to whether two contexts, such as dpv:Process instances, are compatible with each other based on a criteria which is not defined by the concept. This criteria can be based on requirements from law, such as GDPR's purpose compatibility or can be based on privacy norms such as contextual integrity. To express such interpretations, further concepts should be expanded from this base concept
Date Created
2025-06-19
Contributors
Arthit Suriyawongkul, Beatriz Esteves, Delaram Golpayegani, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Concept indicating incompatibility based on the use not being compatible with an earlier context
Usage Note
Secondary Use refers to an assessment where two contexts are found to be incompatible, e.g. if purpose is used to test compatibility, then for two activities the second activity is said be the secondary use if its purpose is incompatible with the first activity's purpose
Date Created
2025-06-19
Contributors
Arthit Suriyawongkul, Beatriz Esteves, Delaram Golpayegani, Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
A private space that acts as a shared space with other entities but which is still essentially private for the individuals e.g. a semi-private hospital room shared with another patient
Date Created
2025-04-07
Contributors
Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Concept indicating information or context availability is unknown i.e. it is not known if the information exists or is applicable and therefore statements about its availability cannot be made (yet)
Usage Note
This concept is useful when describing situations where it cannot be stated whether the context applies or whether the information is not available yet. For example, if a form field asks about whether a process X was completed and it is not yet known whether X applies or not and therefore it is also unclear whether X was completed or not. Using UnknownApplicability is a signal that the applicability of X should be assessed, and if applicable, then information about X should be identified and used here.
Location is local and entirely within a device, such as a smartphone
Usage Note
This concept will be deprecated in a future DPV release, it is suggested to use the existing concepts representing device as tech:Device to have parity and consistency between the use of device as a technology and for data storage
Location is local and entirely within a physical environment, such as a room
Usage Note
This concept will be deprecated in a future DPV release, it is suggested to use other concepts that also represent the nature of the location e.g. dpv:PrivateSpace or its accessibility dpv:PubliclyAccessibleSpace
Location is local and entirely within a virtual environment, such as a software system
Usage Note
This concept will be deprecated in a future DPV release, it is suggested to use the existing concepts representing device as tech:Software and its taxonomy to have parity and consistency between the use of software as a technology and as a virtual environment for data storage and operations
Indicates situations where the context is not applicable, information is not available, or this is unknown. An appropriate instance of dpv:Applicability should be used with this relation to express the situation
Indicates the inverse jurisdiction for a given jurisdiction
Usage Note
Using this property gives the set of all other jurisdictions that are not part of the jurisdiction e.g. when used with a country, it refers to all other countries
Date Created
2025-05-04
Contributors
Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
Also used to Indicate the status of a Right Exercise Activity
Usage Note
For expressing the status of the DPIA document or process. Here different statuses are used to convey different contextual meanings. For example, dpv:ActivityStatus expresses the state of the activity in terms of whether it is ongoing or completed, and dpv:AuditStatus expresses the state of the audit process in terms of being required, approved, or rejected. These are applied over each step of the DPIA i.e. DPIANecessityAssessment, DPIAProcedure, and DPIAOutcome. Similarly, a process also uses hasStatus with DPIAConformity to indicate adherence to the results of the DPIA process.
Indicates the interpretation where the location being referenced is outside of the indicated concept
Usage Note
This property is helpful for cases where a distinction needs to be made between inside/outside of a concept, and the area outside of that concept is to be referenced. For example, using Home with dpv:hasLocation means inside the Home, and using this property along with Home means outside of Home - such as the yard or porch
Date Created
2025-05-04
Contributors
Georg P. Krog, Harshvardhan J. Pandit, Julian Flake
DPV uses the following terms from [[RDF]] and [[RDFS]] with their defined meanings:
rdf:type to denote a concept is an instance of another concept
rdfs:Class to denote a concept is a Class or a category
rdfs:subClassOf to specify the concept is a subclass (subtype, sub-category, subset) of another concept
rdf:Property to denote a concept is a property or a relation
The following external concepts are re-used within DPV:
External
Funding Acknowledgements
Funding Sponsors
The DPVCG was established as part of the SPECIAL H2020 Project, which received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 731601 from 2017 to 2019.
Harshvardhan J. Pandit was funded to work on DPV from 2020 to 2022 by the Irish Research Council's Government of Ireland Postdoctoral Fellowship Grant#GOIPD/2020/790.
The ADAPT SFI Centre for Digital Media Technology is funded by Science Foundation Ireland through the SFI Research Centres Programme and is co-funded under the European Regional Development Fund (ERDF) through Grant#13/RC/2106 (2018 to 2020) and Grant#13/RC/2106_P2 (2021 onwards).
Funding Acknowledgements for Contributors
The contributions of Harshvardhan J. Pandit have been made with the financial support of Science Foundation Ireland under Grant Agreement No. 13/RC/2106_P2 at the ADAPT SFI Research Centre; and the AI Accountability Lab (AIAL) which is supported by grants from following groups: the AI Collaborative, an Initiative of the Omidyar Group; Luminate; the Bestseller Foundation; and the John D. and Catherine T. MacArthur Foundation.
