Review Comment:
# Review
**Summary:**
The present article presents an ontology framework for modeling the ISO/IEC 29187-1 standard to address privacy protection in Learning Ecosystems and Technologies (LET). The proposed framework is used to develop a compliance question-answering system that can assist stakeholders in understanding and adhering to privacy regulations.
**Overall Review:**
The ontology framework and the compliance question-answering system have the potential to significantly enhance privacy protection in online learning environments. However, the article could benefit from a more detailed comparison with existing methods and frameworks to highlight its unique contributions and advantages. As of now, the actual framework the article is about, is only briefly discussed in section 3, while the rest is either mostly filler text or explaining the ontology concepts already published in [28].
Additionally, more empirical evidence or case studies would strengthen the article and demonstrate the effectiveness and impact of the proposed system in real-world scenarios. Currently, one has to take the author's word for it being an actual improvement/help. Improvements in grammar, clarity, and detail would enhance the readability and comprehensibility of the paper (see detailed comments below).
understanding.
Also, the provided link to resources is non-functional, as it only links to the github profile of one of the autors.
## Detailed Comments
### 1. Introduction
---
- >`[p.2, 3-4]`: ... unheard-of *issues* related to safety, health, and education
- challenges
- >`[p.2, 5-6]`: According to the statistics shared by UNESCO
- missing reference
- >`[p.2, 7-8]`: Numerous students *are still required* to learn online in this unique circumstance
- still? what year is this?
- >`[p.2, 9-10]`: The need for personal data and privacy protection has never been greater than it is *now*
- ... because?
- >`[p.2, 9-10]`: which is why students, instructors, and parents *are growing more concerned* about safeguarding personal information and privacy in online learning
- are they though? are they actually aware of the risks?
- >`[p.2, 12-13]`: Personal information and privacy *are the peace of a person’s natural private existence*,
- what? what does that mean?
- >`[p.2, 14-15]`: *The development of technology* currently makes use of such granular data to optimize systems through prediction and analysis
- what technology?
- >`[p.2, 16-17]`: However, *when employing this data for teaching/learning platforms*, the consequences and difficulties associated with storing vast quantities of sensitive data *are greater*
- are greater than?
- only when employing this data for teaching/learning platforms?
- >`[p.2, 16-17]`: which is why data privacy and digital transformation have emerged as *two of the world’s most pressing issues* [8].
- because of the consequences and difficulties associated with storing vast quantities of sensitive data _when employing this data for teaching/learning platforms_?
### 1.1. Policies around the World for LET
---
- >`[p.2, 23-24]`: As an illustration, the *Family Educational Rights and Privacy Act (FERPA)*
- missing reference
### 1.2. Importance of Privacy Protection
---
- >`[p.2, 38-39]`: *websites will be required to use clear and plain language*
- for what? in general? or only for explaining if and how personal information will be used?
- >`[p.2, 46-47]`: – Right to access: Learners should always have the right to access their data stored by the learning provider in digital format.
- what if the personal data was not collected in digital format in the first place?
- where are all those rights coming from? GDPR? add references to the respective articles
- >`[p.2, 50-51]`: – Right to object: Learners have [...] the right to object to the use of their information *which is different from those consented to*.
- only to those uses that are different from those consented to? can't you object to also those uses that you consented to?
- >`[p.3, 12-13]`: Such assistance is now scarce on the market
- according to whom? why? what market?
- >`[p.3, 14-15]`: *Therefore*, an automated system built on top of an ontology framework can assist general users...
- therefore? why?
### 1.3. ISO Standard & Compliance
---
- >`[p.3, 16-34]`: What's the relevance of this entire subsection? Is it needed at all?
### 1.4. ISO/IEC LET Privacy Protection standard
---
- >`[p.4, 8-9]`: Functional Support Services *(*(FSV) view
- extra parenthesis
### 1.5. Ontology Overview
---
- >`[p.4, 16-20]`: the entire paragraph is a bit wishy-washy and could be more concise
- >`[p.4, 17-18]`: is ontology [17]
- are ontologies
- >`[p.4, 26-27]`: a particularly *attractive* study subject [3]
- rephrase
- >`[p.4, 27-28]`: According to W3C (World Wide Web Consortium), ontologies define the terms used to describe and represent an area of knowledge
- missing reference
- >`[p.4, 51]`: when legal facts were triggered. [29]
- move the reference to the end before the period
### 1.7. Existing Ontology Models
---
- >`[p.5, 11-12]`: Additionally, it includes 26 sub-classes and *21 class attributes*
- what are class attributes? you mean (datatype/object) properties?
- >`[p.5, 13-14]`: Similarly, the UT (Uniform Terminology for European Private Law) initiative
- missing reference
- >`[p.5, 22-26]`: Section ??
- section references are broken
### 2. Research Methodology
### 2.1. Domain & Scope Analysis
---
- >`[p.6, 5-6]`: ontology creation based on ISO/IEC 29187-1 standard *V2*
- so standard version 2 but ontology version 1?
- >`[p.6, 10]`: – Upon a learning transaction,
- the concept of a "learning transaction" wasn't introduced before
- >`[p.6, 14]`: – Which rule *speaks for*
- what does that mean?
### 2.2. Concept Ingestion
---
- >`[p.6, general]`: clause 3.0 but also clause 3
- use consisting naming schemes
- the entire section is very hard to read and follow, especially without any references to the respective tables and figures
- >`[p.6, 32-33]`: the reference which is stored in the *Source* feature.
- ??
### 2.3. Ontology Construction
---
- >`[p.6, 47-48]`: As per the ISO/IEC 29187-1 standard version 2, the principles can be classified into a total of 7 main classes and 21 sub-classes under *the main 7 classes of principle* whereas among these 21 sub-classes, a
- what? what are classes of principle?
- >`[p.7, 38-39]`: SWRL Rules
- What about SHACL Rules? I reckon they could serve as a good alternative to SWRL rules
- replace all $->$ with $\rightarrow$
- >`[p.7, 42-43]`: Guideline(?g) ∧ belongsToRule(?g, ?r)− >
- the dash from the arrow is actually modelled as superscript
- >`[p.8, 44-45]`: The domain and ranges of all the object properties are provided in Table 3
- the arrow direction of "belongsToRule" is wrong in the diagram and should point from Guideline to Rule
- a lot of the object properties in Table 3 aren't included in Fig 3 and vice versa (belongsToSubjectfield, ruleProperties,..)
- use rdfs:subClassOf arrows to indicate the subclass relationships in Fig 3 instead of the reverse bold arrows
- >`[p.9, 30-31]`: Table 6Annotation Properties and descriptions.
- can be removed
- >`[p.9, 37-43]`: The proposed ontology was presented and acclaimed by the ISO/IEC JTC 1/SC 36 Working Group 3 committee ... The developed compliance system is able to accurately answer all defined competency questions.
- reference? we have to take your word for it?
### 2.4. SPARQL Endpoint
### 3. Results and Discussion
### 3.1. Ontology Framework
- >`[p.10, 19-20]`: As shown in Table 7,
- according to table 7 there are 9 datatype properties, 5 annotation properties, and 15 object properties, but tables 4-6 only list 8 datatype properties, 3 annotation properties, and 10 object properties
### 3.2. API Connection
---
- >`[p.11, 19-20]`: get_concept($term )Takes a term as a keyword and provides all the details on the concept.
- only snake case function, why not camel case?
- what term? how can one get the "concept" for a term?
- >`[p.11, 23-24]`: those rule that involves individual learner.
- rules that involve
- >`[p.11, 25-26]`: and returns only those rule that involves
- rules that involve
- >`[p.11, 25-26]`: getAllRulesDetail()Returns all the rules and detailed information *about the rule*.
- about them
- >`[p.11, 28-29]`: Although the API for this study is hosted on a local machine, this can be easily hosted on any server as required.
- link to repository?
### 3.3. Compliance Q/A System
---
- >`[p.11, 38-39]`: by using any terms
- ? what terms?
### 3.4. Discussion & Limitations
---
- >`[p.12, 48-49]`: unlike other modeling approaches.
- such as? missing ref
- >`[p.12, 50-51]`: as described in Clause 3.0
- missing ref
- >`[p.14, 5-6]`: must be aware of which is not easily understood using the standard document.
- standards document
- but it is easily understood using the ontology?
- >`[p.14, 6-7]`: Rule 086, Rule 087, and Rule 089),
- inconsistent numbering, see page 13, line 45: rule 71 and rule 71 (no leading 0)
- >`[p.14, 10-11]`: Therefore, *some of the properties value for these rules are not set *
- ?? what does that mean?
|