Date
2017-10-05
Status of Minutes
Approved
Approved at:Â 2019-12-12 Meeting notes (CR) DRAFT
Attendees
Voting
Non-Voting
- David Turner
- Tom Jones
- Colin Wallis
- Dorata Filipczuk
Quorum Status
Meeting was << non-quorate>>
Voting participants
Participant Roster (2016)Â - Quorum is 5 of 8 as of 2017-08-24
Iain Henderson, Mary Hodder, Harri Honko, MarkLizar, Jim Pasquale, John Wunderlich, Andrew Hughes, Rupert Graves
Discussion Items
Time | Item | Who | Notes |
---|
Time | Item | Who | Notes |
---|
4 mins | | | |
1 min | | All | Please review these blogs offline for current status on Kantara and all the DG/WG: - Update on the new WG title being proposed as Privacy for Public Policy
- Discusse that the current IPR - RF RAND does not allow for derivative works
- Discussed with Iain that the new GDPR for customers might be better placed under the non-assert covenant
- Action - Iain to send an email to principle in this work and see if the new WG IPR be placed under this new wg for customer commons and Kantara
|
30 min | Discuss 'sprint' process diagram | David | Â What is left to do for v1.1? David to produce a new update of the document after this call - 3 issues
- security considerations
- Tom brings up confirmation of the receipt of the receipt out of scope but could/should be mentioned
- Is the receipt is PII?
- Tom mentions a Latanya Sweeney PII identifiably study - needs trusted 3rd party
- This boils down to wether or not encryption is required and at which level
- we decide to err on the side of caution and put in a MUST.
- examples for list of collection methods
- combining the on-behalf -
- clarify use of third party field name
- which party is on the front of the data collection process and which party is on the behalf
- reconciling on behalf with the 3rd party
- example
- SAAS service in the cloud
- SAAS is the data controller
- hosted storage wold be the PII processor
- Is this being shared with related parties on non-related parties
- David suggests
- we keep it as is, and to keep this as an item to be dealt with in the next iteration of the receipt
- in addition, disclosure to process or 3rd party is deal with in the next generation of the
- Disclosure to another jurisdiction - as a remaining field need for the CR v1.1
|
1 min | Discuss work backlog priorities for CR v1.1 | David | Github Issues:Â https://github.com/KantaraInitiative/CISWG/issues |
|
|
|
|
Discussion