Versions Compared

Old Version 117

changes.mady.by.user Eve Maler

Saved on

compared with

New Version 118

changes.mady.by.user Eve Maler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

2017-11-10

Attending: Eve, Jeff, Devon, Theresa, Mark, Kathleen, Tim, Ann, John

Doc homework:

  • A very early section (the first?) should present the "pain point" by introducing several broad scenarios, including an Alice-to-Alice, Alice-to-Bob, and Alice-to-org, drawing from deliverable #1. It could introduce the language of "resource owner" and "requesting party". We could note that org-to-whoever sharing is out of scope for this exercise (framework). We could have a very high-level version of the x-and-y-axis scenario diagram that just talks about these two roles. and then the version with the three high-level scenarios.
  • In NewSec, we want to make the strongest case we can for our chosen legal devices, and ultimately for our biggest target type of toolkit (templates of some sort).
  • Later, we can get into the sub-scenarios we have collected, e.g., Alice as a guardian of a data subject too young to consent etc.

The "collaborative diagrams" in the GSlides need more differentiation and "iconification".

"Model clauses" specifically means they need regulatory approval, so how about "template clauses" or even "clause templates" or something? Templates will do for now.

Let's get more specific about pain points. 

"Through a combination of strengthening data protection regulations, justified consumer cynicism and savviness about poor security and AdTech/MarTech ecosystems, and good rationales for data sharing, particularly in the cases of healthcare and the Internet of Things, we're seeing people start to be given just a little more transparency into and control of their personal data. Organizations have never had more incentives to make changes and reduce friction..."

The healthcare construct of a "consent directive" can be directly and favorably compared to ToS opt-in (or, for that matter, opt-out – soon to be made effectively illegal by GDPR) as a mechanism for inviting individuals to express their data sharing preferences in ways that are not influenced by outside actors. UMA enables this construct to be digitized in a standard and repeatable way. This framework enables it to be 

AIs:

  • Eve: Create two new scenario diagrams ready to put into the GDoc:
    • Very high-level diagram introducing "RO" and "RqP" language
    • Fixed three-scenarios diagram
  • Tim: Flesh out the licensing framework itself
    • Possibly this includes the rationale as started in the comment on NewSec

Be sure to see all the new comments in the doc.

2017-11-03

Attending: Eve, Sal, John, Colin, Mark

...