~ Introduction ~
The Privacy & Personal Data Management Session of the Solid Symposium 2025 aims to bring together
technical and legal-ethical experts to discuss Solid as a concrete system for data governance,
to ground the debate on emergent problems from both a technical perspective and a
legal-ethical perspective of data protection.
In this edition, we aim to continue the discussions around technical and legal privacy aspects that
should be incorporated into Solid. We aim to draw from a broad interdisciplinary perspective on privacy
and personal data management, including human-centric perspectives on privacy and the emergence of
personal data spaces and digital wallets. Towards this aim, the programme will be a mix of flash talks
from extended abstracts and presentations of short papers to showcase the
current state of research and trajectories in privacy-related research in Solid.
~ Call for Contributions ~
The Privacy & Personal Data Management Session aims to bring together technical and legal-ethical experts to discuss
Solid as a concrete system for data governance, to ground the debate on emergent problems from both a technical
perspective and a legal-ethical perspective of data protection. The first two editions of this Session were co-located
with the Solid Symposium 2023 and 2024 and were hosted in Nürnberg, Germany, and
Leuven, Belgium, respectively.
The previous editions explored privacy-related problems concerning identity management, security, and authorization
in Solid from an interdisciplinary perspective.
In this edition, we aim to discuss technical and legal privacy aspects that should be incorporated into Solid.
We aim to draw from a broad interdisciplinary perspective on privacy and personal data management, including
human-centric perspectives and the emergence of personal data spaces and digital wallets.
The session welcomes a broad range of methodologies not limited to semantics and knowledge engineering,
proof-of-concept implementations, and methodologies drawn from legal and social sciences.
Thus, this session comprises presentations from short papers and flash talks from extended abstracts in related areas
not limited to the following:
- User-centric perspectives on privacy, security, and transparency
- Regulatory/legal compliance (e.g., GDPR, DGA, CCPA) in decentralised settings
-
Impact of the European strategy for data, and related upcoming/proposed regulatory frameworks
(DGA, DSA, DMA, ePrivacy, AI Act, Data Act, Health Data Spaces), on decentralised Web systems
- Legal agreements for automated data exchange based on legal grounds beyond consent
- Semi-automation of consent support systems
- Interfaces for consenting / consent withdrawing / rights exercising / usage control
- Access and usage control policies
- Policy management and enforcement
- Negotiation of access to data through agents
- Privacy-preserving agents and autonomous multi-agent systems
- Usability of data-related decisions on Solid
- Solid for personal data spaces
- Personal knowledge graphs
- FAIR management and interoperability of personal data spaces
- Digital identities, data wallets (e.g., impact of EUDI regulation)
- Solutions for data sovereignty, identity management and authentication
- Auditing Pods for transparency & accountability (logging, registries, …)
- Compliance with standards (e.g., Web or security standards)
- Privacy-preserving data analysis technologies / privacy enhancing technologies
- Cybersecurity, risk and impact assessments
~ Submission Instructions ~
Submitted papers must be in English, unpublished, and must not be currently under review for any other publication.
Short papers:
Must have a maximum of 5-6 one-column pages, including references. Papers that do not meet the size and formatting
requirements will not be reviewed. Accepted papers will be presented at the session and considered to be published
online as CEUR-Workshop Proceedings. Submissions must follow the CEUR style format
(overleaf,
zip-file).
Authors of accepted short papers will have the possibility to add 1 or 2 more pages to their paper to address the
reviewers' comments for the camera ready version (in total the camera ready should have a maximum of 8 pages).
Extended abstracts:
Must have a maximum of 1-2 one-column pages, including references. Accepted abstracts will give a flash talk at the
session and will be published in the session webpage (if desired by the authors).
The review process is double-blind. Papers must be anonymised prior to submission
for review by removing any identifying information.
All papers must be in PDF format and submitted through
OpenReview (TBA).
~ Dates ~
All deadlines are 23:59 AoE
Deadline for submissions: 28 February 2025
Notifications by: 17 March 2025
Camera-ready by: TBA
Registration: TBA
Programme online by: TBA
If an early decision on a paper/talk is required, for instance for visa and travel booking reasons,
please contact the organisation directly any time before the deadlines above.
~ Organisation ~
Organisers
Beatriz ESTEVES (Ghent University, Belgium)
Chang SUN (Maastricht University, Netherlands)
Rui ZHAO (University of Oxford, United Kingdom)
Programme Committee
TBA