...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Date
2020-05-06
IPR
Thank you for joining the call today.
...
Again, if you are uncertain about any matters, please remain silent and do not contribute anything in writing.
Attendees
- Salvatore D'Agostino (Unlicensed)
- vitor jesus (Unlicensed)
- Ken Klingenstein
- Anadi Pandharkar
- Former user (Deleted)
- Tom Jones
- Colin Wallis (Unlicensed)
- Former user (Deleted)
Topics (revisit)
- New Items to discuss?
- Blinding ID work update
- Blinding Identity
- Identity
- identifier
- Blinding Identity
- Blinding ID work update
- Specification Fields (maybe on Github - if we have access)
- quasi identifiers
- attributes
- data types
- Blinding Identity
- Identity
- identifier
- Notice Schema: (outline for ease of work)
- Purpose Category
- Purpose of Use
- Personal Data Categories
- Data Types ( conformance at industry code of conduct - specified in by ecosystem - e.g. pharma - medical research ) Also covered in IRM - Identity Relationship Management
- Identifiers
- Blinding Identity - General Masking Overlay -
- attributes
- Event of the interaction.
- Identifiers
- Data Types ( conformance at industry code of conduct - specified in by ecosystem - e.g. pharma - medical research ) Also covered in IRM - Identity Relationship Management
- Personal Data Categories
- Purpose of Use
- Refer to COEL - Data Types
- DUO -Data Types - https://github.com/EBISPOT/DUO
- Purpose Category
- Notification Types - ISO 29184 provide a number of inputs for the work here.
Converstation on GDPR consent - cut off, discussing how human consent types map to different legal justifications, and how the GDPR defines general consent as a state of consent which is notified legally and defined by law, Debate - between Mark and Harsh - about the laws themselves providing the auhtoritative (legal) standard or Notice Infrastructure for General Consent State as defined in GDPR, in which the legal justifications operate, including contract an consent. - interesting debate to close call - Former user (Deleted) Mark Lizar (Unlicensed) can research and report at a following meting - Or maybe discuss on Sunday on PrivMas Eve?
Decisions
- Discussion of Attribute terminology - and its scope of applicability to this specification - and that this is not directly in scope, e.g. Blinding Identity, but that Blinding identity attributes be defined and references in a security consideration in this specification for attrbutes/datatypes -
- and, this spec should accommodate and interoperate with the scopes of attribute based governance and contract agreement frameworks for interoperability - and discoverability
- 29184 (the sister spec to the CR V1.1) Inputs accepted for drafting of the notice components of the Notice &. Consent (if required) Specification.
- For the Notice Lifecylcle framework Component of the Notice & Consent (if required) specification.
Action items
- interesting debate notes above - Former user (Deleted) Mark Lizar (Unlicensed) can research and report at a following meting - Or maybe discuss on Sunday on PrivMas Eve?
- Summer Project - DUO _ To DPV
- Mark Lizar (Unlicensed) and Former user (Deleted)
- Anadi has been tasked with mapping Unified to DUO
- This is also a part of the summer project
- Discussed breaking some DUO labels down for DPV as a starting point -
- DUO is centralised federated data access framework with data access administered by federated identity Silo
- in contrast DPV is a personal data control vocabulary framework - for which the labels can then be apart of decentralised data access framework .
- (great to see this project naturally progressing)
- Mark Lizar (Unlicensed) and Former user (Deleted)