Page Comparison

• Review document deliverables
  
  • UMA Legal Primer
  • UMA Legal Use Cases

Attending: Eve, Kathleen, Ann, John W, Adrian, Scott, Paul, Mark

We started reviewing the primer. If we can't make it all fit into 2-3 pages as we first hoped, let's try and use a "progressive disclosure" approach, so that the first part boils down the rest of the paper in a very short space.

NOTE: All but Eve (and John): Eve will "take the pen" over the weekend in the doc. If you want to do stuff in the doc till the next meeting, please do so in Suggest mode!

Adrian introduced the notion of the AS as the only safe way to handle bots (such as Siri) that are the alternative to the explosion of apps on mobile devices (see the de-app-ification trend). So the "agent" theme as exemplified by a personal AS could be an exploratory theme in the doc.

How deep to go on privacy compliance? Scott suggests that UMA makes the underlying systems reliable and predictable, which provides a basis for trust and enables observability of regular actions. The systems are tuned to local expectations. Things are "done to spec". Adrian observes that UMA could be said to be a "core component of privacy engineering". Scott also reframes as "operational privacy". Don't forget about Privacy by Design – here is the (old by now?) paper on Privacy by Design implications of UMA.

Why could an XXX love it?

CPO:

• Standards make for cheaper solutions for compliance. Average US privacy budget (PSR '15): $300K.
• Emerging ecology of user control standards gives an alternative to contracts of adhesion.

Data subject:

• There's power in having more "consent tech" solutions available and deployed on your behalf to choose from.