IAWG Meeting Minutes 2014-01-09

Owned by Former user (Deleted)
Last updated: Feb 06, 2014
4 min read

Kantara Initiative Identity Assurance WG Teleconference

 

Meeting Minutes - approved by IAWG 2014-02-06

 

Date and Time

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minutes approval: IAWG Meeting Minutes 2013-12-12
    4. Action Item Review
    5. Staff reports and updates
    6. LC reports and updates
    7. Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
  2. Discussion
    1. Review approval status of IAF 3520 (S3A) & discuss
    2. Request to draft an opinion or report regarding application of our program(s) toward Safe Harbour regulations. Refer to J. Brennan email request: http://kantarainitiative.org/pipermail/wg-idassurance/2013-December/001880.html
    3. Resilient Network project - status as it relates to IAWG?
    4. Roadmap Review for 2014 & forward-looking plans
  3. AOB
    1. Discussion of IAWG meeting day/time - currently conflicts with OASIS Trust Elevation & others
  4. Adjourn

 Attendees

Link to IAWG Roster

As of 19 December 2013, quorum is 5 of 9

 

Meeting achieved quorum

 

Voting

  • Myisha Frazier-McElveen (C)
  • Andrew Hughes (S)
  • Richard Wilsher
  • Scott Shorter
  • Cathy Tilton
  • Rich Furr (V-C)

Non-Voting

  • Kenneth Myers

Staff

  •  Joni Brennan

Apologies

  • Matt Thompson

Notes & Minutes

Administration 

Minutes Approval

Motion to approve minutes: IAWG Meeting Minutes 2013-12-12: Furr
Seconded: Shorter
Discussion: None
Motion Carried 

Action Item Review

See the Action Items Log wiki page

Staff Updates

  • Director's Corner Link
  • Event Radar 2013 and 2014 Link
  • NSTIC January 30, 2014 NSTIC Pilots In Motion Day - Washington DC Kantara is producing
    • These are the 5 pilots that Kantara is involved in
    • No fee, Registration required - watch for a notice soon
    • US Department of Commerce is sponsoring
  • RSA Conference - planning for Kantara presence
  • HIMSS - planning for Kantara presence
  • Japan sub-team is planning to create a profile of the SAC for Japanese jurisdiction - early days
LC Updates
  •  no meetings this period
  • Andrew noted that the current IAWG is now located in the correct place
Participant updates
  • Noted that the FICAM TFS program is working with IAWG Modular IAF subgroup to refine the models. They have now inserted an explicit reference to the IAWG Modular IAF sub-team work

Discussion

IAF 3520 (S3A)
  • After review of approval records, it appears that the original S3A document was not approved. In addition, the v2.0 in current use has not been formally approved.
  • Comment: The template version of the S3A has a variety of issues that make it difficult to edit. Usability issues, not content issues.
  • RGW described the typography of the S3A - different styles indicate different treatments for text (guidance, public viewable, etc)
  • Note that all the sections related to 'Contacts' should be removed because they are redundant
  • The S3A is probably owned by the ARB - as part of the Application for Approval document set
  • ACTION: Provide feedback to the ARB on usability. Myisha.
Request to draft an opinion or report regarding application of our program(s) toward Safe Harbour regulations
 Click here to expand...
Dear IAWG,
I would like to ask the IAWG to review the referenced memo and please advise an IAWG opinion or report regarding application of our program(s) toward Safe Harbour regulations.  This is of particular interest for business considerations that cross borders.
An excerpt is below and the full details are available from the link. Thank you for your consideration of this request in the new year.

http://europa.eu/rapid/press-release_MEMO-13-1059_en.htm

Restoring Trust in EU-US data flows - Frequently Asked Questions

What is the Commission presenting today?

Today the European Commission has set out actions to be taken in order to restore trust in data flows between the EU and the U.S., following deep concerns about revelations of large-scale U.S. intelligence collection programmes, which have had a negative impact on the transatlantic relationship.

The Commission's response today takes the form of:

   -   A strategy paper (a Communication) on transatlantic data flows setting out the challenges and risks following the revelations of U.S. intelligence collection programmes, as well as the steps that need to be taken to address these concerns;
   -   An analysis of the functioning of 'Safe Harbour'<http://ec.europa.eu/justice/policies/privacy/thridcountries/adequacy-faq1_en.htm> which regulates data transfers for commercial purposes between the EU and U.S.;
   -   A factual report on the findings of the EU-US Working Group on Data Protection which was set up in July 2013;
   -   A review of the existing agreements on Passenger Name Records (PNR) see MEMO/13/1054 <http://europa.eu/rapid/press-release_MEMO-13-1054_en.htm>),
   -   As well as a review of the Terrorist Finance Tracking Programme (TFTP) regulating data exchanges in these sectors for law enforcement purposes see MEMO/13/1164 <http://europa.eu/rapid/press-release_MEMO-13-1164_en.htm>).

In order to maintain the continuity of data flows between the EU and U.S., a high level of data protection needs to be ensured. The Commission today calls for action in six areas:

   -   A swift adoption of the EU's data protection reform
   -   Making Safe Harbour safe
   -   Strengthening data protection safeguards in the law enforcement area
   -   Using the existing Mutual Legal Assistance and Sectoral agreements to obtain data
   -   Addressing European concerns in the on-going U.S. reform process
   -    Promoting privacy standards internationally

Best Regards,
Joni Brennan
Kantara Initiative | Executive Director
  • If Kantara was able to show that IAF covers or does not cover Safe Harbour provisions - it would be valuable
  • Call for expertise to provide an opinion/analysis
    • This might be an IAWG work item
    • This might be a call for external expertise
  • RGW: This is probably a Profiling topic - outside of the scope of the SAC. 
  • JB: This is a marketing and visibility opportunity as well.
  • Comments deadline: unknown, but probably soon.
  • RF: The Department of Commerce has a package for the Safe Harbour provisions - annually updated self-certification
  • SAFE BioPharma has gone through the process before - a near term step for the analysis would be to followup with Peter Alterman on how SAFE BioPharma is working with Safe Harbour. 
  • ACTION: Andrew. Put on the IAWG Roadmap: Produce a Report (opinion) on how the SAC might or might not cover requirements of Safe Harbour (for Kantara consumption).
  • ACTION: Myisha. Send email to the list for volunteer to: Do near-term analysis on the work that would be required once IAWG chooses to engage this topic.
  •  
Resilient Network project

Deferred to next meeting

Roadmap Review for 2014
  • RGW: would like to put the Relying Party Guidelines high on the priority list for this year.

AOB

Discussion of IAWG meeting day/time
  • Does Noon Eastern Thursday work? 
    • ACTION: Andrew to do a Doodle poll for this time

Carry-forward Items

    1. Resilient Network project - status as it relates to IAWG?
    2. Roadmap Review for 2014 & forward-looking plans

Attachments

 

 

Next Meeting