Agenda
1. Roll Call
- Mark Lizar
- Anna Slomovic
- Colin Wallis
Staff
Anna Tickten -
2. Updates
- Discussing Federation Use cases for Privacy Assessment Criteria
- For Security Services (police,) they have internal process but no need for a PAC.
- F2F - Joint Session on PAC
1. P3WG needs to finalize the PAC document by compiling, discussing and adjudicating the comments that have been collected on the draft.
2. P3WG will submit the document for comment to IAWG with particular emphasis on areas of possible overlap, such as requirements for notice/service description and definitions.
3. IAWG will provide raw comments to P3WG and the two groups, jointly, can determine what the overlapping items should contain and where they should go. E.g., if the privacy notice will be included in the mandatory service description within the IAF, then P3 can provide the required privacy elements of that service description, such as a listing of all data that will be collected and/or verified by the CSP.
4. The PAC can then go for broader discussion with the relevant communities.
Additionally, before step 1 above can be completed, P3 needs to raise a strategic issues up to Kantara leadership about whether PAC should go beyond FICAM requirements. For example, FICAM discusses only data disclosure to federal applications. If a CSP is to be