2013-10-28 Meeting Notes - London

• Opened with the question: what is Open Notice?
  • Joe Andrieu presented a version of the Open Notice in (found in the Schema Sandbox on the wiki) that was not consent specific and used for each web page. In this context a consent receipt would be a specific instance of an Open Notice,
  • In this context the Consent Receipt is a
• Mark talked about Discovery/Publishing of the consent receipt. 
• Various notice discovery options presented
  • The provision of a consent receipt at the point of consent is the primary way of discovery for the consent tag.
    • Wether this works for all open notices is up for debate, in fact a publishing methods of consent tags can themselves be used to open the notice of the website, and be published with the various discovery options presented in the presentation
• Consent tag is required infrastructure that is missing and needed for compliance to solve many issues regulators have - illustrated EU law and talked about NSTIC - US Gov - Hypothesis for Discovery is that Adoption will be required with new EU laws. Discovery will be at the point of consent.
  
  

• Par presented on Common Terms, illustrating how signs are very important and used to summarise and make useful policy.
• Illustrated a concentrated study of common elements of policy and broke these down to an easy category
• Developed a process for companies to go through to link policy to these categories

• Presented his research on purpose in data protection
• collected data base of data protection registrations and listed purposes by type
• Illustrated a dynamic diagram for
• Interesting to see what is used for purpose now and how relevant (or not) it is to current environment of consent online

• Work comes from privcy preference modelling, location sharing privacy prefs, mobile app for privacy prefs,

people care about limited number of issues - small clusters who have like-minded preferences.

• Work includes 
  • personalising disclores
  • nutrition labels, icons, etc.
  • NLP and machine-learning
  • Parsing and statistical linguistic analysis techniques - to auto extract features of policies. Not to fully automate, (impossible) but to speed up what can be accomplished with crowd-sourcing. The ability to identify a small number of silences.
  • E.g. privacychoice. Go beyond keywords.
    • Amazon mechanical turk - to get quality annotations.
  • Identify pertinent fragments of texts - extract answers.
  • Formal methods side - build on what extracted from policies. formal models of privacy policies
  • Joel Reidenberg working on the legal side, with aleecia mcdonald, lorrie cranor.
  • Updating the sweeping techniques. GPEN sweep.
  • Joel Reidneberg - ask about the raw data from GPEN.

Playing with different ways of asking questions to users. Presentations.

funded by the national science foundation (US)

• grouping and packaging privacy preferences
  • done a lot of work in nutrition labels
  • privacy icons
• Natural Language Processing and Machine Learning