Date

2020-05-06

IPR

Thank you for joining the call today. 

...

Again, if you are uncertain about any matters, please remain silent and do not contribute anything in writing.

Attendees

Topics (revisit)

...

  • Reviewing Table of Contents
  • Inviting comments on what should / should not be included 
  • Reviewing contributions for appendix
    • Notifications for consent lifecycle management. 
    • Consent Types (Appendix) 
    • Blinding Identity Taxonomy (Appendix) 
    • Notice Specification &  Personal Data Categories, 

Discussion items


Topic | Description | Discussion

Call for Inputs Asking for any future inputs, considerations, or contributions for the specification 

Inputs

  • what are the requirements for inputting into the ISO/IEC 27560 stream? 
  • EDPB - Consent Doc 


Mark Table of Contents Review  

Introduction

Notations and Abbreviations

Terms and definitions

Terms - Section heading

Elements of a Receipt

  a) Introduction
  b) Conformance
  c) Receipt Terms and Fields
  d) Receipt data structure
  e) Notice, Notifications for Consent Receipts for Consent Lifecycle Management
    1. Notice, Notification and Consent Receipt Structure
  f) 29184 Presentation and Delivery (for transparency, security and compliance to legal standards)
  g) JSON Schema

Considerations

  a) General
  b) Sensitive or Special Categories of Personal Information
  c) Security and Integrity
    1. Data Capture and Masking
      1. Blinding Identity Taxonomy
    2. LifeCycle Considerations

Acknowledgements

References

Appendix A: 

Appendix B: 

Appendix C:

Appendix D: Options Security Consideration Framework & the Blinding Identity Taxonomy

Appendix E: Linking and Stacking: Receipt & Record examples 

Revision history

  • Flow of drafting: 
    • section 3 - first list all the fields for the maximum consent record 
    • Section 5 -
      •  notice and notifications are subsets of the consent record fields 
    • appendix has the new contributions
      • consent types
      • type labels - justifications (legal)
      • notification types
        • Notifications for Consent Lifecycle Management
          • quadrant of 4 types
            • data protection consent record (closed in an org) 
              • Data Subject can send a notice 
              • Controller can send a notice 
            • data control - using consent receipt 
              • Data subject 
              • Controller 
            • notification 
              • must present 
              • ack or not
      • Personal Data Categories
      • Mapping to GDPR - 
        • Native - W3C DPV 
      • Unified Data Fields -for scalable mapping
        • Using for other legal jurisdictions 
        • Unified W3C DPV Terms 
        • use of OCA for unified data automation 
        • recommend mapping 
        • mapping equivalence assessment 


 Asking for any future inputs, considerations, or contributions for the specification 


Are we missing considerations?



Spec Drafting - schedule and contribution to effort

editors or reviewers 

  • Former user (Deleted)  - Receipt Terms and Fields   estimated May 13
  • 29184 - presentation and delivery 
  • Security Considerations 




AOB | Presentation at

List updates for next week

  • IIW 
  • MyData Operator 
  • PCTF Comments 
  • NIST Comments going out 

Action items