Date
2018-11-14
...
- Call to order
- Roll Call & Determination of quorum status
- Agenda bashing
- Kantara Organization updates
- WG Motions
- Discussion
- Upcoming conferences and events
- All Other Business (AOB)
- Adjourn
...
- David Turner
- Ken Klingenstein
- Peter Davis, CPO Airside Mobile
- Chris Olsen
- Nancy LushColin Wallis
- Sal D'Agostino
Regrets
Quorum Status
...
Meeting was <<<>>> quorate
Voting participants
Participant roster (CMS) - Quorum is 4 of 6 as of 2018-04-02
...
Time | Item | Who | Notes |
---|
5 min | - Call to order
- Roll call
- Agenda bashing
- Organization updates
| Chair |
|
5 min | WG Motions Quorum required | Chair | Moved by: Seconded: Discussion: Result:
|
5 min | Introductions | All | Welcome!
|
FYI30 min | Discussion on document drafting | AllCorné | The draft is in a Google doc - feel free to comment - Chairs and Editor will control acceptance of material. Progress is stalled - need to rethink our approachAndrew describe his new mindmap analysis of consent managementPeter notes that the mindmap resembles the challenges that they faced when designing their appA big issue presenting the information to the person in simple waysJim - include thinking about how people could track their digital exhaust- Axciom became LiveRamp - they presented their 'Privacy Chain' product at IIW
Peter - the Kantara consent receipt captures the end result of the agreement, does not cover situations where there is negotiation This analysis seems usefulReminders from prior meetings: - Set a deadline for our work - EIC Munich in May
- Corné will start with 2 streams: BP-1 (Consent Definition) and BP-2 (Privacy Notice)Looking for writing partners to build contentReview this Powerpoint deck
- Corné gave an overview of the process steps iWelcome goes through during customer workshops.
- The workshops deal with Information Management, data flows, and eventually what user consents are required by the customer systems.
- They talk about the customer journey (UI and consumer facing) and the iWelcome digital platform (API and platform facing)
- Definethe data model, the data processing purposes and consumer control capabilities
- They discover the mandatory minimum data to deliver the service; data processed under other legal bases (collection is permitted but not mandatory); voluntary data where consent is needed
- Q: Noted that "workforce" is listed in the first slide - do the workshops cover employee data? Normally the workshops are directed at the 'consumer' interaction.
- ACTION: The Employee use case should be covered in the consent use cases.
- They work through the customer journey to define the data model - registration and initial data collection, data collection at later stages
- The process highlights where additional data is wanted by the company but is not in the data model - requires further analysis by the team
- The workshop then defined processing purposes for each of Mandatory, Other legal basis, and Voluntary data collection/processing
- Note that these analysis processes are independent of the specific architecture implemented
- Corné showed how the metadata could be used to give transparency and user controls in the mobile UI
- Q: Should there be a "consent notice" in addition to the "privacy notice"?
- Patterns that we should analyse
- One time data collection, single use
- One time data collection, multiple use
- Periodic data collection
- 'Continuous' data collection from a data connection
|
FYI | Discussion on the Interview Questions | All | The first draft of the interview questions is in a Google doc - please comment. |
5 min | Upcoming conferences and events | Andrew | Events that Kantara will have an active role: https://kantarainitiative.org/events/ - Corné presented a draft WG timeline leading up to EIC in May
|
5 min | AOB | Chair | - At the Kantara member member meeting - Paul Knowles presented the Blinding Identity Taxonomy and Schema Overlays - put on the agenda for a future meeting
|
| Adjourn | Chair | Next WG meeting Wednesday, November 21, 2018 10:00 Eastern Standard Time / 14:00 GMT |
From 2018-09-05 meeting:
https://martechtoday.com/two-french-location-data-companies-receive-gdpr-consent-warnings-223467
https://www.dandodiary.com/2018/08/articles/securities-litigation/investors-filed-gdpr-related-securities-suit-nielsen-holdings/
...
- Gartner positions this in their Integrated Risk Management sphere
...
...