Date
2016-11-03
Attendees
Voting
...
| Info |
|---|
|
Participant Roster (2016) - Quorum is 4 of 7 as of 2016-10-06 Iain Henderson, Mary Hodder, Harri Honko, Mark Lizar, Jim Pasquale, John Wunderlich, Andrew Hughes |
Discussion Items
| Time | Item | Who | Notes |
|---|
| 10 mins | | Former user (Deleted) | Meeting was quorate |
| 25 min | | Former user (Deleted) | - David is having trouble keeping the document internal tables in sync. Slowing down the editing.
- Review cycles have been too short to make effective use of Word as a commenting tool - David will post up the Google Doc version for this last round of feedback
- Consent Type field
- There are too many variations to constrain this field at this time
- We can include a list of suggested values and observe actual implementations
- Mark originally saw this field as a boolean "explicit" y/n
- Purpose / Purpose Category field
- Should leave these as-is for now
- No easy way to reconcile what should go into these fields
- Human readable / JSON examples
- Use John's examples since they are already done
- Simon Crossley - MyLife Digital
- Very good technical design feedback on the JSON parts
- Proposed some new fields
- Issued-At-Time (distinguishes time the consent occurred versus the time the receipt was issued). IAT is a JSON reserved name.
- Issued-By
- State / Status
- Not sure how to handle this - it's not really a point-in-time value which would be typical for a transactional receipt but rather a dynamic value
- Rename "Consent Timestamp" field to Issued-At-Time
- Suggested to make some of the fields Object types instead of Strings to allow more flexibility
- For purpose termination field - could reference NIST SP 800-63-3 privacy metadata
- PII Confidentiality
- Is in the list of elements but is not in the Schema
- Delete this because nobody is using it -> move to V1.1
- NIST uses "Acceptable Primary Use" and "Acceptable Additional Use"
|
CR Spec publication schedule
Current: call for comments on draft spec commences
...