Introduction to Fides Lang with Cillian Kieran
Summary
TLDRKilian Kiernan introduces Fideslang, a high-level description language for privacy that simplifies complex privacy tasks by integrating with CI pipelines and runtime environments. Fideslang uses a standard ontology to define privacy characteristics of software systems and data, focusing on data categories, uses, subjects, and qualifiers. This language is designed to be human-readable, making it accessible for developers and non-engineers alike, ensuring privacy compliance and interoperability across systems.
Takeaways
- 📝 Fideslang is a high-level description language for privacy, designed to simplify and automate complex privacy tasks.
- 🌐 It integrates with CI pipelines and runtime environments, supporting privacy in software systems and data processing.
- 🔒 Privacy is complex due to varying global regulations and a lack of interoperability in data definitions across teams and companies.
- 👨🏫 Developers often require significant training to understand privacy concepts, highlighting the need for standardized privacy ontologies.
- 🗂️ Fideslang uses a taxonomy that includes four major privacy primitives: data categories, data uses, data subjects, and data qualifiers.
- 🔑 Data categories define the type of data processed, such as 'contact data' or 'email address'.
- 🎯 Data uses label the purpose of data usage, like 'advertising' or 'personalization'.
- 👤 Data subjects represent the type of user or subject whose data is being processed, with different rights and policies.
- 🔍 Data qualifiers denote the degree of identification in the data, such as 'aggregated', 'anonymized', or 'identifiable'.
- 📖 Fideslang is designed to be easy to read, understand, and write, making it accessible to developers and non-engineers alike.
- 🔗 It provides a clear understanding of privacy characteristics, behaviors, and risks associated with data processing in systems.
- 💡 Fideslang's hierarchical taxonomy and dot notation allow for precise and fine-grained privacy definitions, enhancing compliance and interoperability.
Q & A
What is Fideslang and how does it relate to privacy?
-Fideslang is a high-level description language for privacy, supported by a set of tools and workflows. It integrates with CI pipelines and runtime environments to simplify and automate complex privacy tasks, helping teams manage privacy in compliance with global regulations.
Why is privacy a complex problem in software development?
-Privacy is complex due to multiple global regulations with different definitions for how specific categories of data should be treated, compounded by a lack of interoperability as every team and company may define their own view of data types.
What does Fideslang aim to achieve by defining a standard ontology for privacy?
-Fideslang aims to achieve a clear understanding of privacy characteristics, behaviors, and associated risks of systems' data processing by defining a standard ontology, making it easier for developers and non-engineers to understand and comply with privacy regulations.
What are the four major privacy primitives captured by Fideslang's taxonomy?
-The four major privacy primitives are data categories, data uses, data subjects, and data qualifiers. These primitives help describe the type of data, the purpose of its use, the type of user or subject it pertains to, and the degree of identification it provides.
How does Fideslang's hierarchical taxonomy work?
-Fideslang's taxonomy is hierarchical, allowing for both broad and fine-grained categorization of data. For example, 'contact data' is a broad category that includes all contact information, while 'email address' is a more specific sub-category within it.
What is the purpose of data categories in Fideslang?
-Data categories in Fideslang represent the types of data a system processes, providing a clear 'what' aspect of the data being handled, which is crucial for understanding privacy implications.
Can you provide an example of how data uses are described in Fideslang?
-Data uses in Fideslang are described using labels that indicate the purpose for which data is used, such as 'advertising' or 'personalization'. This provides a 'why' aspect, helping to clarify the intent behind data processing.
Why is it important to distinguish data subjects in privacy regulations?
-Data subjects represent the type of user or subject whose data is being processed. Distinguishing them is important because rights or policies for data processing may vary by subject grouping, such as a customer versus a patient.
What do data qualifiers in Fideslang signify?
-Data qualifiers in Fideslang denote the degree of identification for a given data, indicating how identifiable the individual is. Qualifiers include 'aggregated', 'anonymized', and 'identifiable', which help define the privacy level of the data.
How does Fideslang make it easier to comply with privacy regulations?
-Fideslang provides an easy-to-read, understand, and write definition language for privacy that synthesizes major regulations. This ensures that rules and policies can be applied evenly across systems and provides an interoperable standard for privacy.
Where can one find more information about Fideslang and its technical documentation?
-For more information about Fideslang, one can visit ethica.com or check the detailed technical documentation located on the GitHub repository for Fideslang.
Outlines
📜 Introduction to Fideslang for Privacy in Data Processing
Kylan Kieran introduces Fideslang, a high-level description language for privacy that integrates with CI pipelines and runtime environments to simplify privacy tasks. Fideslang addresses the complexity of global privacy regulations by providing a standard ontology for data privacy. It is designed to be human-readable and easy for developers to use, even those not familiar with privacy concepts. The language categorizes data into four privacy primitives: data categories, data uses, data subjects, and data qualifiers. These categories help in understanding the privacy characteristics, behaviors, and risks associated with data processing in software systems.
Mindmap
Keywords
💡Fideslang
💡Privacy
💡Data Categories
💡Data Uses
💡Data Subjects
💡Data Qualifiers
💡Taxonomy
💡Interoperability
💡CI Pipeline
💡Runtime Environment
💡Ethical AI
Highlights
Fideslang is a high-level description language for privacy.
It integrates with CI pipelines and runtime environments to automate privacy tasks.
Privacy is complex due to varying global regulations and lack of interoperability.
Fideslang aims to define a standard ontology for privacy in data processing systems.
It is designed for describing privacy characteristics of software systems and data.
Fideslang is based on a taxonomy capturing four major privacy primitives: data categories, data uses, data subjects, and data qualifiers.
Data categories define the types of data a system processes.
Data uses label the purpose for which data is used, like advertising or personalization.
Data subjects represent the type of user or subject whose data is being processed.
Data qualifiers denote the degree of identification for given data, such as aggregated, anonymized, or identifiable.
Fideslang's taxonomy is hierarchical, allowing for both broad and fine-grained privacy descriptions.
It uses dot notation to indicate the relationship between data types and their categories.
Fideslang is easy to read, understand, and write, making it accessible to developers and non-engineers.
It synthesizes major regulations, reducing the need for extensive privacy training.
Fideslang ensures rules and policies can be applied evenly across systems.
It provides an interoperable standard for privacy in git repos, CI pipelines, and runtime environments.
For more information, visit ethica.com or the GitHub repository for detailed technical documentation.
Transcripts
[Music]
hi i'm kylian kieran and i want to talk
a little about fiji's lying today
feta is lying if you're not familiar is
a high level description language for
privacy supported by a set of tools and
workflows
it integrates directly with your ci
pipeline and runtime environment to
simplify and automate complex privacy
tasks
i'm going to share a little more about
how fideslang is used and the benefits
it can provide to any privacy conscious
team so privacy is a complex problem
because of multiple global regulations
with different definitions for how
specific categories of data should be
treated under certain circumstances
this problem is further compounded by a
lack of interoperability because every
team and company defines their own view
of what type of data they're dealing
with of course for developers who aren't
familiar with privacy even penetrating
these concepts means significant
training is required
so the solution to this is to define a
standard ontology for describing privacy
in data processing systems and that's
precisely what feed design is
so feed design is a high level
definition or description language
specifically designed for describing
privacy characteristics of software
systems their associated data sets and
external data sources and destinations
so in order to achieve this and maintain
human readability fides is based on a
taxonomy that today captures four major
privacy primitives which i'll explain in
a little more detail
the first of those is data categories
the categories are types of data that
our system is processing you can think
of this as the what right the what type
of data
the next is data uses or the taxonomy of
labels to describe the purpose for which
data is used in our system you can think
of this as the why
a good example of this might be
advertising or personalization
the third is data subjects so this is
the representation of the type of user
or sometimes called the subject in
privacy regulations so that's who whose
data we're dealing with
the user requires distinction because
rights or policies for how data is
processed may vary by the subject
grouping so an example might be a
customer of an e-commerce system versus
a patient in a clinical trials platform
the fourth and final grouping is data
qualifiers these are an attribute that
denotes the degree of identification for
a given data so that is the how
identifiable the individual is so
qualifier types include aggregated where
there's no individually identifiable
information anonymized which is data
that has been modified to remove
identifiable information or identifiable
which readily identifies the individual
by using these four resources together
as part of feed as lang we can build a
clear understanding of the privacy
characteristics behaviors and associated
risks of our systems data processing
this is the entire premise of feed-outs
and the tools that leverage the fetus
language so fides is very easy to read
understand and write
this is intentional as it should be easy
for any developer or even non-engineers
to pick up
the taxonomy is hierarchical so an
example could be contact data which
encompasses all of the contact
information a user might give to a
system or it might be more fine-grained
such as email address which is a
sub-category of contact information
so for example if we want to declare
that our system was processing data that
might identify a user we would simply
write
user
provided
identifiable data this dot notation
structure indicates that the data in
question was provided by the user and
identifies them directly
we could go a little further and state
that it's user provided identifiable
contact data so in this case we're
stating that it's part of information
related to the contact grouping
and finally we could be very precise and
fine-grained and we could state that
it's user provided identifiable contact
phone number and so in this case we're
clearly saying that it's the fundamental
related to the individual or user
as you can see fides provides an easy to
read and write definition language for
privacy that synthesizes major
regulations for you so you don't need to
in order to provide your work with a
readily understood
privacy compliance set of definitions
this ensures that rules and policies can
be applied evenly and ensures an
interoperable standard for privacy in
both your git repos your ci pipeline or
for evaluation of privacy requests in
your runtime if you'd like to learn more
please check out ethica.com
or the detailed technical documentation
located on the github feed outline
report
Посмотреть больше похожих видео
5.0 / 5 (0 votes)