You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 2
Next »
Date
2019-04-18
Status of Minutes
DRAFT
Approved at: <<Insert link to minutes showing approval>>
Attendees
Voting
- Jim Pasquale
- Andrew Hughes
Non-Voting
Regrets
Quorum Status
Meeting was <<<not>>> quorate
Voting participants
Participant Roster (2016) - Quorum is 6 of 10 as of 2019-03-20
Iain Henderson, Mary Hodder, Mark Lizar, Jim Pasquale (C), John Wunderlich (VC), Andrew Hughes (VC), Oscar Santolalla, Richard Gomer, Paul Knowles, Lisa LeVasseur
Discussion Items
Time | Item | Who | Notes |
---|
4 mins | | | - Deferred: Status: Wiki refresh work
- Deferred: Status: Distribution-version of slide deck describing the work here (consent receipt today → personal data processing receipt tomorrow - or whatever we decide)
- Demo status update
- Spec v2
- DIACC Notice and Consent Overview comments
- AOB
|
5 min | | All | Please review these blogs offline for current status on Kantara and all the DG/WG: There is a wiki page that will hold all the known implementations of Consent Receipts - Please update the page or inform Jim, or John, or Andrew of your implementation. |
15 min | v2 specification timeline | Andrew | - There is an opportunity here - if we can get v2 of the specification to a stable (but not necessarily final) state by late-July then we could potentially contribute it into the ISO Study Period to inform the 1st working draft of the standard (presuming that ISO approves starting the project)
- We need a Product Manager/Owner dedicated to driving the next version of the receipt specification - if we don't make the timelines then the opportunity will probably be lost.
|
15 min | Demo status update | all | - Oscar has proposed that Ubisecure create a primitive Privacy Control Panel app that accepts inbound receipts over an OAuth-controlled API.
- digi.me is nearing completion of mods to their 'consent access dashboard' to make it look/behave like a Privacy Control Panel
- We need to add a couple fileds to the spec (just for the demo) that allow the user to 'call back' to the receipt-issuer to invoke a user-mediated function like 'forget me'. These need to be fields that are URLs somewhere in the receipt-issuing party's namespace - the idea is that the user views a receipt and can click on the field/URL for the action they want to invoke. It's a way to fake an action button that does what we believe might happen in real implementations.
- Status updates from participants:
|
15 min | DIACC Notice and Consent doc | all | ** Need a person to be responsible for this activity ** - Deadline is May 3 for comments
|
defer | Product roadmap for the demo | All | Here's the project page for the "Demo v2" 2019-04-11 call notes:
Comments (2019-04-04) - (jim) digi.me green light
- (sneha) green light
2019-03-28 call notes: - Ubisecure
- Oscar sent an email to the list about how to pass the v1.1 receipts to the dashboard/receiver service
- Simple flows - a mechanism - for the end-user
- This would allow direct receipt transfers instead of 'faking it' via the Downloads folder
====== Go to the demo v2 page for the breakdown of roles and functions for 2019-02-21 call
|
defer | Specification update approach |
| See a flowchart version of this here: https://share.mindmanager.com/#publish/b-DWOcuKGnVY1PXBKXTpL0-DQOeqmZMGfGUAPiC5
2019-03-14 notes: - Mark:
- sent the GDPR extension to the W3C "Data Privacy Vocabulary Community Group" for comment
- building a proposal to split the notice from the 'consent' in the structure
- (note that this is similar to the digi.me proposal)
- Andrew urges all participants to post issues into the github repo for proposed spec changes - so that we can discuss and prioritize them for action
|
5 min | AOB |
| - H2020 TRUESSEC.eu project (draft document is from June 2018)
|
| Next meeting |
| *** Next call 2019-04-18 10:30 am Eastern DAYLIGHT Time https://global.gotomeeting.com/join/323930725
|