25 min | | Former user (Deleted) | NOTE: Small changes to publication schedule below - PII Retention - suggested new field
- This resulted from the work on the "Purpose Termination" field.
- Currently: field is called "Purpose Termination"
- Suggestion: add new field "PII Retention"
- The current understanding is that at some point in the future the Purpose will 'end'. It highly likely that a specific date will not be known at the point in time of receipt generation. Likely that purpose will end (and thus information retained) as a result of a trigger.
- The information available is whatever was provided in the Notice.
- No strong agreement on what to do
- DEFER this change suggestion
- "Jurisdiction" field
- The meaning of this field is not clear.
The applicable Jurisdictions is not a simple value that can easily be determined in all casesBased on feedback from implementors, there are some issues that should be addressed for CR v1.0: v1 - Conformance is missing ; Major schema change to add validation. (Samuli can explain)
- ‘PII Principle ID” is used without reference or definition. I assume that this is the data subject (which seems like a more intuitive name). PII Principle. i.e., the individual's name is missing.
- I think you’ll need an array of strings to name multiple third parties.
- We need an array for multiple controllers in json – this is suggested in the spec but no array is available.
- Mark Added - "Public Key should be in Data Controller section"
- Mark Added "Add Data Retention Field as suggested in v.0.9.3”
v1.x
- Need an explanation of the relationship between the elements.
- publicKey: currently string, should this be JWK object?
- collectionMethod: table says type is object, schema says type is string, I guess string is correct
- Consent type - requests for both content and JSON structure
- Purpose termination / data retention
|