ANCR WG 20210421 DRAFT

Wednesday 10:30 EST
- Screenshare and dial-in:
- United States: +1 (224) 501-3316, Access Code: 485-071-053 (confirm or change)
- See ANCR calendar for additional details: https://kantara.atlassian.net/wiki/display/WA/Calendar

Mark, Vitor, Jan, Peter (non-voting) , Sal

Quorate: yes 4 of 6

--

IRP Policy Announcement

Moved, approved

Discussion of the difference between human centric approaches vs. technical centric approaches that typically only consider enterprise risk.

Go to the beginning of the workflow.

and how this relate to

Need to describe privacy framework, privacy agreement and how this relates and constrast with current privacy policy.

Human, Legal State Change, and Lifecycle

Initial receipt is a notice (do we agree). → the anchor receipt → the part of a receipt that is common across use cases.

Privacy promise....

(part of framework, not discussed, could be quality of notice).

ANCR receipt

Place of notice digital and physical location (of the person)
Method in 1.2
- how do I do this
Method of collection of consent vs. collection of notice
Method of deliver of notice
- Related to quality of consent and better definition of risk
Location is where the subject is exposed to the policy.
- Tell me that you agree
  - (Consent Methods....)
  - And whether the notice is legally compliant
Can you consent if you don't know who you are dealing with...
- In the US implicit consent is the norm...
Make it something that Bob could figure out...
- 1.1. was call your lawyer to fill out the field..
You want to be able to create your own receipt, that captures the level of transparency at that interaction
- Quality of Notice
- Use of Rights

(Previous)

Jan appointed Editor of ISO 27560.