DRAFT 2019-07-10 Meeting notes

Date

2019-07-10

Status of Minutes

DRAFT

Approved at: <<Insert link to minutes showing approval>>

Agenda

Call to order
1. Roll Call & Determination of quorum status
2. Agenda bashing
3. Kantara Organization updates
WG Motions
Discussion
1. WG path forwards
2. WG & publication scope
Upcoming conferences and events
All Other Business (AOB)
Adjourn

Attendees

Voting

Andrew Hughes
Marco Venuti

Non-Voting

Lisa LeVasseur
Nancy Lush

Regrets:

Quorum Status

The meeting was not quorate

Voting participants

Participant roster (CMS) - Quorum is 4 of 6 as of 2018-04-02

(Voting status: Marco Venuti, Jim Pasquale, Andrew Hughes, John Wunderlich, Kate Downing)

Discussion Items

Time	Item	Who	Notes

Time	Item	Who	Notes
5 min	Call to order Roll call Agenda bashing Organization updates	Chair	Meeting was called to order and the roll was called Please ensure that you sign the Group Participation Agreement Please review these blogs offline for current status on Kantara and all the DG/WG: 2019: May Work + Discussion Group Activity
5 min	WG Motions A Quorum required	Chair	Motion to ... Moved by: Seconded: Discussion: Result:
5 min	Introductions	All	Welcome!
30 min	WG path forward	All	Discussion about pressure points and the demand for 'consent' Discussion on seeing 'consent' requirements in some RFPs - purchasing Also - Service providers (data processors) are starting to insist that Brands (the data controllers) have valid 1st party consent from consumers (data controller to data processor demands) ACH asked Marco for ratio of wants consent stuff versus not asking for consent stuff in rfps ACH asked Marco for sample language - examples of how company RFPs ask for consent management-related stuff Andrew speculates - what if CMS WG produced a boilerplate clause setting out how to ask for consent management stuff? James - one aspect is when a customer 'signs up' with a provider - explicit; another aspect is passive tracking; this is the omnichannel user consent management problem - the person might set different instructuctions on every different channel the customer connects to the provider (e.g. in person vs mobile app) Caution to ourselves that user preferences can come from any channel, not just 'web' or 'mobile app' Lisa & Eve Maler have written a paper that sets out 'consent' needs to evolve - interesting supporting material James - identification of the user is a challenge that intersects with the explicit/active consent management topic This is a big challenge for companies Companies are seeking a solution to lightweight but robust identification solutions - rather than asking for an emailed picture of a passport or ID card There is a need for safe, secure solutions to linking customer interaction channel identifiers together in order to manage consent instructions at a person level, not at a channel-user level Notes that collection of passive identifiers via setting a cookies etc is problematic when those passive identifiers are sent onwards to a third party that has the capability of linking those passive identifiers to actual individuals. If the identifiers cannot be linked to real persons (because they are not sent onwards) then they are less problematic. Companies want risk mitigation - this can mean unification of the many 'consents' that a person gives to a company due to many channels
5 min	Upcoming conferences and events	Andrew	Events that Kantara will have an active role: https://kantarainitiative.org/events/
5 min	AOB	Chair	ACTIONS:
	Adjourn	Chair	Next WG meeting Wednesday, XXXXXXXX, 2019 10:00 Eastern Daylight Time / 14:00 GMT https://global.gotomeeting.com/join/276734989