Date
September 29, 2016
Attendees
Goals
- Review current draft of CR Spec and give feedback to editor to feed into the work
- Discuss specific topics that will require consensus decisions from the WG
Discussion Items
Time | Item | Who | Notes |
---|
5 min | - Roll call
- Agenda bashing
- Minutes Approval
| Former user (Deleted) | - Prior minutes requiring approval
2016-09-22 Meeting Notes (Consent Receipts) 2016-09-15 Meeting Notes (Consent Receipts) 2016-09-08 Meeting Notes (Consent Receipts) 2016-09-08 Meeting Notes (Consent Receipts) "Move to approve listed meeting notes previously circulated" Motion: Deferred - insufficient attendance of attendees of the listed meetings to confirm notes Second: Discussion: Result: |
25 min | | Former user (Deleted) | KI-CR09-DRAFT-2016-09-24.doc (confluence attachment) KI-CR09-DRAFT-2016-09-24 (Google doc) - David gave an update on the current draft status
- Working on structure of the document to simplify and reduce complexity of the document presentation
- David has sent the list of current issues to the list for feedback
- Mary is working with a company now - usability studies and eventually a consent receipt
|
25 min | - Discussion on 'content' item needing consensus decision
| All | Implementation and interpretation questions that David posted to WG list - MyData submitted some comments. I added them to the 0.9 doc as comments starting with "From MyData":
- Consent Time Stamp
- Collection Method
- Jurisdiction
- PII Controller Org
- PII Controller Contact
- Privacy Policy
- Version
- CR GUID
- Public Key - description and data type
- PII Controller address - data type
- PII Controller email - data type
- Resolve multiple definitions. These terms have two or more definitions. It's OK to have one normative definition and to include the other definitions as notes.
- Resolve multiple terms. There should only be one normative term. The other can be mentioned in a note:
- expressed vs. explicit
- implied vs. implicit
- I need clarification on "Consent Type".
- What is the difference between PII Controller and Company/Organization?
- Consistent use of terms. I propose to change all occurrences of:
- "sensitive data" to "sensitive PII"
- "data controller" to "PII Controller"
- "PII Subject" to "PII Principal"
- I propose removing Appendix C.
- I recommending adding a human readable CR example based on the same information used in Appendix D.
|
Action Items
CR Spec publication schedule
Current: call for comments on draft spec commences
...