2019-01-10 Meeting notes (CR)
Date
2019-01-10
Status of Minutes
Approved
Approved at: 2019-12-12 Meeting notes (CR) DRAFT
Attendees
Voting
- Andrew Hughes
- Jim Pasquale
- John Wunderlich
- Paul Knowles
Non-Voting
- Sneha Ved
- David Turner
Regrets
- Oscar Santolalla
Quorum Status
Meeting was <<<>>> quorate
Voting participants
Participant Roster (2016) - Quorum is 6 of 11 as of 2018-11-19
Iain Henderson, Mary Hodder, Harri Honko, Mark Lizar, Jim Pasquale (C), John Wunderlich (VC), Andrew Hughes (VC), Oscar Santolalla, Richard Gomer, Paul Knowles, Samantha Zirkin
Discussion Items
Time | Item | Who | Notes |
---|---|---|---|
4 mins |
|
| |
5 min |
| All | Please review these blogs offline for current status on Kantara and all the DG/WG:
There is a wiki page that will hold all the known implementations of Consent Receipts - Please update the page or inform Andrew of your implementation.
|
10 min | Product roadmap for the demo | All |
|
30 min | Specification update approach | All |
See a flowchart version of this here: https://share.mindmanager.com/#publish/b-DWOcuKGnVY1PXBKXTpL0-DQOeqmZMGfGUAPiC5 |
AOB | |||
Next meeting | *** Next call 2019-01-10 10:30 am Eastern Standard Time / 15:30 GMT Next call January 17, 2019 |
From earlier calls:
- Andrew has set up a github repo for next-version specification backlog items, including use cases:
https://github.com/KantaraInitiative/consent-receipt-v-next - Some possible items for next versions:
- Structural changes to the spec including a hierarchy of objects that should improve high transaction volume
- Integration/association of the new Blinding Identity Taxonomy into the CR Spec family (to inform implementers of potential data categories of interest)
- See also this Data Categories infographic: https://enterprivacy.com/wp-content/uploads/2018/09/Categories-of-Personal-Information.pdf
- Recommendations for Customer Journey / UX / UI features
- Library of industry-specific or case-specific Purpose categories and example Purpose statements
- Expansion of Consent Types to allow for more than just Explicit Consent situations
- (idea) Optional receipt metadata to assist privacy dashboards in organizing and processing 'bring forward' items (e.g. "remind me to check this share in 3 months")
- digi.me product and management have identified six areas for development
- consent over period of time (rather than instantaneous consent)
- termination/modification of consent from either side
- high transaction volume & low per-instance cost
- how the 'receipt' fits into accounting systems infrastructures
- receipt as the basis for legal matters and actions
- UX/UI concerns
- for Clinical Trials uses, data holder is required to keep data for 10 years - need to consider longevity of the receipts to go alongside data holdings