Versions Compared

Old Version 4

changes.mady.by.user Former user (Deleted)

Saved on

compared with

New Version 5

changes.mady.by.user Former user (Deleted)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

TimeItemWhoNotes
4 mins
  • Roll call
  • Agenda bashing
Former user (Deleted)
  •  
1 min
  • Organization updates
All

Please review these blogs offline for current status on Kantara and all the DG/WG:


5 minDiscuss 'sprint' process diagramDavid

 What is left to do for v1.1?

  • Sprint 5 resolution - issues will be closed - the Appendix listing examples will be moved into a different document/wiki
  • Sprint 6
    • The remaining issues
    • Looking to the end of October for completion of a stable draft



10 minDiscuss work backlog priorities for CR v1.1David

Github Issues: https://github.com/KantaraInitiative/CISWG/issues

  • David wants to close off the issue of multiple 'Data Controller'
    • Some regulations allow the possibility of having more than one Data Controller - so the CR v1.1 has to be able to support this
    • General consensus on the call
  • Discussion on #80
    • Leave it as it is for this version
    • Future implementations may wish to declare very specific 'types' of consent that ofconsentthat are specifically bound to other things
    • RG: does this section include 'soft consent'?
      • Discussion - perhaps the discussion is more about pseudonymity versus identified entities
      • This is a longer discussion about device fingerprints being used as indentifying dataasindentifyingdata
  • #106
    • AI: ACH - Need a blurb "about Kantara"
30 minDraft of publication synopsis for new WGAndrew

The purpose of the Consent Management Solutions – Best Current Practices publication is to establish an open standard of good practice for the management of an individual’s consent to process their personal data in electronic systems. The publication describes the practices used by leading organizations to manage the full lifecycle of an individual’s consent to process their personal data. The lifecycle stages include privacy notice, prompt for acceptance of terms, collection of consent, production and storage of consent receipt, and, management of the record of consent.

The practices and requirements derived from them described in the publication can be used as the basis for a conformity assessment scheme which may include product and services certification.

 

Proposed Table of Contents

  • Introduction
  • Scope
  • Notations and Abbreviations
  • Terms and Definitions
  • Actors and Roles
  • Best Current Practices – Consent management solutions
    • General
    • Consent Management Life Cycle
    • Regulations
    • Privacy Notice
    • Collection of consent
    • Management of consent records (creation, updates, expiry, change of scope)
    • Interoperability of consent records
  • Use Cases
  • Considerations (Non-Normative)
  • Document Change History
  • Bibliography
  • Contributors

Discussion

  • There is a new wiki page that will hold all the known implementations of Consent Receipts
    • Includes a space to describe how the implementation uses the Kantara CR spec
  • Discussion about Consent Management Solutions BCP TOC
    • Link the BCP into Data Governance and Data Management practices
      • This is a pre-requisite

...