Date
2017-03-23
Status of Minutes
Approved
Approved at: 2019-12-12 Meeting notes (CR) DRAFT
Attendees
Voting
- Andrew Hughes
- Harri Honko
- Jim Pasquale
- Mary Hodder
- Mark Lizar
- Iain Henderson
Non-Voting
Discussion Items
Time | Item | Who | Notes |
---|
4 mins | | |
|
1 min | | All | Please review these blogs offline for current status on Kantara and all the DG/WG: |
5 min | - Status of Consent Receipt Specification v1
| | - email Ballot results:
Motion is approved: "To approve the Draft Recommendation 'Consent Receipt Specification v1.0.0 DRAFT 3' for Leadership Council certification towards an All Member Ballot"
YES: Iain, Harri, Mark, John, Jim NO: none ABSTAIN: Andrew (by prior agreement with the WG)
5 YES out of 7 eligible voting participants
|
40 min | | All | - - discuss approach and schedule for next round of specification enhancements
- a contributions period - a period of consolidation and combination of the contributions - a period of WG Editor work - Public review etc - confirmation of change request tracking tool (GitHub Issues unless strong objection)
Harri - Their EU-based lawyer commented that the CR v1.0 draft has elements that are based on UK/US Common Law, rather than civil codes (GDPR)
- e.g. Consents have to be better atomized - so that over time, is there an accumulation of receipts? or accumulation of consents?
- The implementation detail might be: is there a concept of dynamic evaluation of consented purposes? Or is it static at transaction time? e.g. if a purpose or consent is changed at a later date, are the original receipts canceled and re-issued? is the original updated? is there a 'diff' receipt that only covers the different scope?
- Mary
- The caution about "Purposes lists" and "Sensitive data types" needs to be resolved - must be very cautious about how these are displayed to the user, especially if it's sensitive data - need to create recommendations
- Mark
- Need to set up a backlog - and define a work plan and schedule
- Set a date for CR v1.1
- Need to write guidance on spec usage
- Need consensus on
- Prioritization of backlog
- Need to consider any issues that are used for GDPR implementation
- The original agreement was to do 6-month epics
- Andrew to try to get the comments from the public review into github
|
| Comments to ICO Consent Drafts | Mark | - Please have comments to Mark by Sunday EOD
- Mark to consolidate and circulate
- Next call a WG motion to approve the consolidated comments for submission on March 31
- CIS WG goal: to highlight the work of the CIS and CR specification
- Mark has sent a request to personal data community to contribute
|
| Submitting the work to ISO | Mark | - The WG charter states that the WG outputs should be contributed to ISO - how to proceed?
- Should we update the charter to remove this? Or identify new paths to other SDOs like BSI? or what?
- Basically review the purpose of the consent work in this WG
- Comment: we should hold off until v1.1
- Mark to send a note to the list and ask the question
|