Technical building blocks that help address critical public policy issues on the Web.
[Semantic Web | Privacy: P3P | Security [XML Signature, XML Encryption, XML Key Management] | Patent Policy ]
Working at the intersection of Web technology and public policy, the Technology and Society Domain's goal is to augment existing Web infrastructure with building blocks that assist in addressing critical public policy issues affecting the Web.
Technical building blocks available across the Web are a necessary, though not by themselves sufficient to ensure that the Web is able to respond to fundamental public policy challenges such as privacy, security, and intellectual property questions. Policy-aware Web technology is essential in order to help users preserve control over complex policy choices in the global, trans-jurisdictional legal environment of the Web. At the same time, technology design alone cannot and should not be offered as substitutes for basic public policy decisions that must be made in the relevant political fora around the world.
02 April 2003 : OWL Last Call Working Drafts Published, The Web Ontology Working Group has released six Working Drafts, five in Last Call, for the OWL Web Ontology Language 1.0, including the OWL Guide, Overview, Use Cases and Requirements, Semantics and Abstract Syntax, Reference, and Test Cases. OWL is used to publish and share sets of terms called ontologies, providing advanced Web search, software agents and knowledge management.
19 March 2003: Patent Policy Working Group publishes Proposed Policy: W3C Royalty-Free Patent Policy supported by summary and press release
24 January 2003: RDF Core publishes last call documents, The RDF Core Working Group has released six Last Call Working Drafts : RDF Primer, RDF Test Cases, RDF/XML Syntax Specification (Revised), RDF Vocabulary Description Language 1.0: RDF Schema, RDF Semantics, and Resource Description Framework (RDF): Concepts and Abstract Syntax. Also published is a W3C Note, LBase, a framework for specifying Semantic Web languages in a uniform and coherent way.
See also older T&S new items.
The Semantic Web seeks to augment the current Web of linked documents with a Web of linked data. Today, Web users follow links from document to document in a largely manual process. Tomorrow, semantically-enabled links will enable both human users, and human users assisted by computers, to navigated these links and find the information they are looking for. At the heart of the Semantic Web is the Resource Description Framework (RDF). Much the same way that HTML is the language that helped initiate the original Web, RDF is a framework for supporting resource description, or metadata (data about data), for the Web. RDF provides common structures that can be used for interoperable XML data exchange. RDF follows the W3C design principles of interoperability, evolution, and decentralization.
The Semantic Web Activity is charged to both continue the development of the RDF family of technical standards, and to engage in advanced develop activities that explore pre-commercial applications of these technologies in preparation for later standardization. To reach its full potential, the Web must becomes a place where data can be shared and processed by automated tools as well as by people. Not only is Semantic Web technology important for the evolution of the Web in general, but also it has a critical role to play in making the Web capable of addressing public policy challenges.
To help address growing concerns about online privacy, W3C launched the Platform for Privacy Preferences (P3P) project to enable the development of a variety of tools and services that give users greater control over personal information and enhance trust between Web services and individual users.
P3P-enable services will enhance user control by putting privacy policies where users can find them, present policies in a form that users can understand them, and, most importantly, enable users to act on what they see in policies more easily. For ecommerce services and other Web sites, P3P can be used to offer seamless browsing experience for customers without leaving them guessing about privacy. Moreover, P3P will help ecommerce services develop comprehensive privacy solutions in the increasingly complex value chain that makes the commercial Web such a success. On today's Web, when a consumer buys a product or service from one Web site, completing the transaction may well involve numerous individual services linked together, each of which has some role in the ultimate delivery to the user and each of which has some responsibility for honoring the privacy preferences expressed by the user at the beginning of the transaction.
W3C's Platform for Privacy Preferences specification (P3P) provides a mechanism that allows users to be informed of a site's practices. Users, or software operating on their behalf, can then decide whether to proceed with a transaction. Future enhancements to the protocol could allow software to negotiate for a different privacy policy and come to an agreement with the site which will be the basis for any subsequent release of information. P3P has been developed
With the main work on P3P 1.0 complete, attention in the P3P community is shifting to implementation and deployment. Policy Outreach Working Group, whose members coordinate outreach to business, consumer, and public policy groups around the world, has been engaged in a variety of discussions with governments, trade associations, and consumer groups, to assure a smooth path for P3P deployment. The group is planning P3P promotion events in both the United States and Europe with the goal of promoting P3P deployment among the top commercial web sites, and educating users about the role that P3P will come to play in their online privacy relationships.
Important to building trust on the Web is the ability to reliably associate a statement with the person or organization who made it. Digital signatures provide integrity, signature assurance and non-repudiation over Web data. Such features are especially important for documents that represent commitments such as contracts, price lists, and manifests. In view of recent Web technology developments, future work will address the digital signing of XML in various application contexts such as RDF (Resource Description Framework) or P3P (Platform for Privacy Preferences). This capability is critical for a variety of electronic commerce applications, including payment tools.
W3C's XML Signature specification, developed jointly with the IETF. specifies XML syntax and processing rules for creating and representing digital signatures. XML Signatures can be applied to any digital content (data object), including XML. An XML Signature may be applied to the content of one or more resources. Enveloped or enveloping signatures are over data within the same XML document as the signature; detached signatures are over data external to the signature element. In August 2001 the XML Signature Syntax and Processing specification advanced to Proposed Recommendation where it received positive review. It is expected to issue as a Recommendation soon.
Encryption renders data (plain-text) confidential (cipher-text) such that it can be safely stored or transmitted; only the intended recipients can restore the data to its original form. This feature is important given that many applications are using the Internet to exchange sensitive information such as payment and purchase orders. The work of the XML Encryption Activity is to specify XML encryption syntax and processing for encrypting XML in whole or part (e.g., element). This can then be used by XML applications, such as XML Protocol.
In March 2002, the Working Group sent XML Encryption Requirements, XML Encryption Syntax and Processing, and the Decryption Transform for XML Signature to Candidate Recommendation.
The XML Signature and XML Encryption Activities focus on the processes of signature and encryption, but did not specify how a cryptographic key, necessary to these processes, is actually obtained. Consequently, there is a requirement that simple XML-based clients be able to securely obtain keys, including those from pre-existing Public Key Infrastructures (PKI). The role of this Activity is to satisfy these requirements in a manner that is consistent with the XML and XML Signature architectural approach. In March 2002 the Working Group published its Requirements, XML Key Management, and Bulk Operations specifications.
The Patent Policy Working Group has been chartered to advise W3C on the means to address the growing challenge that patent claims pose to the development of open standards for the Web. Web technology has developed over the last decade through an unprecedented burst of entrepreneurial energy and global cooperation. Both the competitive forces which have lead to innovative technology, and the cooperative spirit which has produced global interoperability standards at an extremely rapid pace have occurred, until very recently, in a market environment without any significant intellectual property licensing requirements. In contrast to other network industries such as telecommunications or transportation, innovation has occurred without recourse to patent rights to protect investment in research and development. The second decade of the Web has already demonstrated that patents will be a factor in the ongoing development of the World Wide Web infrastructure. In an number of cases of the last few years, patent claims have raised questions about the ability to implement W3C Recommendations.
Recently augmented with representatives from the Open Source community and a more public process, the Working Group is proceeding with work on developing a patent policy whose primary goal is to produce Web standards that can be implemented on a Royalty-Free basis.
The Technology & Society Team presently includes ten staff members. Daniel Weitzner is the Domain Leader. Danny joined the W3C Team in September, 1998. Before joining the W3C, he was co-founder and Deputy Director of the Center for Democracy and Technology, an Internet civil liberties organization in Washington, DC. He was also Deputy Policy Director of the Electronic Frontier Foundation. The team has expertise in a number of areas, including security, electronic commerce, intellectual property rights, and public policy. As of February 2002 the team consists of:
In addition, Emmanuel Pietriga from INRIA is doing his postdoc at MIT/W3C working on a visual RDF editor.
Several activities in the Technology and Society Domain (Semantic Web and Privacy) have benefited substantially from the contributions of W3C Fellows. Fellows visit W3C from a Member organization for a period of six months to several years, generally committing 80% of their time to W3C work. Not only have Fellows made essential contributions to the work of this Domain, but also, Fellows have the unique opportunity to explore issues that arise at the intersection between technology and the law.
W3C held a workshop on Digital Rights Management (DRM) in January 2001. Key findings from the discussion include:
The legal questions surround copyright on the Web are clearly complex, and the path toward technical solutions uncertain. That said, we invite further discussion of the possibilities and priorities for W3C work.
Older T&S news items:
1999 Overview of T&S Activities, an earlier version of this page.
Last modified by $Author: swick $ on $Date: 2004/01/20 13:59:49 $
Copyright © 2001-2003 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark, document use and software licensing rules apply. Your interactions with this site are in accordance with our public and Member privacy statements.