Date
2017-04-20
Status of Minutes
...
Attendees
Voting
- Andrew Hughes
- Harri Honko
- Jim Pasquale
- Iain Henderson
- Mark Lizar
- John Wunderlich
Non-Voting
...
- David Turner
- Jens Kremer
- Samuli
- Robert Lapes
- Sal D'Agostino
| Info |
|---|
|
| Meeting (status)was quorate |
| Info |
|---|
|
Participant Roster (2016) - Quorum is 4 of 7 as of 2016-10-06 Iain Henderson, Mary Hodder, Harri Honko, MarkLizar, Jim Pasquale, John Wunderlich, Andrew Hughes |
...
| Time | Item | Who | Notes |
|---|
| 4 mins | | Former user (Deleted) | |
| 1 min | | All | Please review these blogs offline for current status on Kantara and all the DG/WG: |
| 1 min | - Status of Consent Receipt Specification v1
| Former user (Deleted) | - All Member Ballot is now open - closes on Monday, April 24, 2017
|
| 15 min | - Discuss myData team comments
| Harri Honko | Note from prior meeting: myData EU-based lawyer commented that the CR v1.0 draft has elements that are based on UK/US Common Law, rather than civil codes (GDPR) | 10 min | - Recap the Discussion of approach
| All | FROM 2017- 03-23 MEETING NOTES04-20 notes: - discuss approach and schedule for next round of specification enhancements
- a contributions period
- a period of consolidation and combination of the contributions
- a period of WG Editor work
- Public review etc
- confirmation of change request tracking tool (GitHub Issues unless strong objection) - Mary
- The caution about "Purposes lists" and "Sensitive data types" needs to be resolved - must be very cautious about how these are displayed to the user, especially if it's sensitive data - need to create recommendations
- Mark
- Need to set up a backlog - and define a work plan and schedule
- Set a date for CR v1.1
- Need to write guidance on spec usage
- Need consensus on
- Prioritization of backlog
- Need to consider any issues that are used for GDPR implementation
- The original agreement was to do 6-month epics
- Andrew to try to get the comments from the public review into githubJens Kremer - has provided review comments on the v1.0 with respect to GDPR fit
- Had done a related PhD recently
- A review from an independent viewpoint - with no particular prior knowledge of the Kantara context
- Consider this as an external perspective - from the possible viewpoint
- Main issue might be that a dichotomy is starting to emerge between common law systems versus public law systems (state regulation, rights-based)
- The CR work takes an individual centred /common law perspective - and also an Organizational perspective
- This will look strange to an EU lawyer
- Fundamental difference:
- Common law approach - the consent is not regulated - e.g. give the people the information and the people can agree on anything
- Public law approach - this is regulated and not up to the participants to decide - there are absolutes - the person cannot agree to arbitrary conditions
- This is grounded in the idea that privacy and data protection is a fundamental right - this is in contrast to taking a contract approach
- It might be possible to create a specific profile that is constrained to the GDPR rules
- This might be a case of reconsidering how the definitions are stated to ensure that they fit with the GDPR terminology (CR v1.0 uses ISO definitions
|
| 30 min | Discuss work backlog priorities for CR v1.1 | All | Consent Receipt v1.1 Work Backlog - Discussed items 1-11 on the CR v1.1 backlog list
|
...
Parked notes about v1.1 approach from previous meetings:
- Mary
- The caution about "Purposes lists" and "Sensitive data types" needs to be resolved - must be very cautious about how these are displayed to the user, especially if it's sensitive data - need to create recommendations
- Mark
- Need to set up a backlog - and define a work plan and schedule
- Set a date for CR v1.1
- Need to write guidance on spec usage
- Need consensus on
- Prioritization of backlog
- Need to consider any issues that are used for GDPR implementation
- The original agreement was to do 6-month epics
|
| |