Recently, much attention has been given to Tim Berners-Lee’s Solid specification. This is not surprising as the Solid specification is meant to let people easily reuse their data from one party at another party and will thus lead to many positive advancements.
However, even though many of concepts of Solid are not new, their application to personal data in organisations is. And, this novelty leads to many unclarities regarding regulation and technical implementations.
Knowledge graphs facilitate systematic large-scale data analysis by providing both human and machine-readable structures, which can be shared across different domains and platforms. Nowadays, knowledge graphs can be used to standardise the collection and sharing of user information in many different sectors such as transport, insurance, smart cities and Internet of Things (IoT). Regulations such as the GDPR make sure that users are not taken advantage of when they share data. From a legal standpoint it is necessary to have the user's consent to collect information.
This paper describes a new semantic metadata-based approach to describing and integrating diverse data processing activity descriptions gathered from heteroge-neous organisational sources such as departments, divisions, and external proces-sors. This information must be collated to assess and document GDPR legal compliance, such as creating a Register of Processing Activities (ROPA). Most GDPR knowledge graph research to date has focused on developing detailed compliance graphs.