ANCR WG 20210421 DRAFT

Date and Time

Agenda

  • Roll
  • IPR
  • Minutes  Approval 
  • Agenda Approval
  • Intros
  • Agenda Items Discussion
    • Actions pending
    • Actions new
  • Updates from the consent community
  • AOB


Roll call

Mark, Vitor, Jan, Peter (non-voting) , Sal 

Quorate: yes 4 of 6

Participant List

--

IRP Policy Announcement

Approve Minutes 

ANCR WG 20210414

Moved, approved

Minutes

Discussion of the difference between human centric approaches vs. technical centric approaches that typically only consider enterprise risk.


Go to the beginning of the workflow.

and how this relate to 


Need to describe privacy framework, privacy agreement and how this relates and constrast with current privacy policy.

Human, Legal State Change, and Lifecycle 


Initial receipt is a notice (do we agree). → the anchor receipt → the part of a receipt that is common across use cases.


Privacy promise....

(part of framework, not discussed, could be quality of notice).


ANCR receipt


  • Place of notice digital and physical location (of the person)
  • Method in 1.2 
    • how do I do this 
  • Method of collection of consent vs. collection of notice
  • Method of deliver of notice
    • Related to quality of consent and better definition of risk
  • Location is where the subject is exposed to the policy.
    • Tell me that you agree
      • (Consent Methods....)
      • And whether the notice is legally compliant
  • Can you consent if you don't know who you are dealing with...
    • In the US implicit consent is the norm...
  • Make it something that Bob could figure out...
    • 1.1. was call your lawyer to fill out the field..
  • You want to be able to create your own receipt, that captures the level of transparency at that interaction
    • Quality of Notice
    • Use of Rights

Actions 

  • Define Initial Notice Receipt Fields
  • May 4th workshop
  • IIW presentation
    • Thursday Noon
  • Review framework 

(Previous)

  • Review receipt fields (uploaded) -> test against:
    • transborder requirements
    • delegation
    • outsourced receipts ("store")
    • legally covering GDPR and other potential laws/acts/regulations
    • can we pair receipts for active state
  • Updating language on our part is an important next step

Other

Jan appointed Editor of ISO 27560.