2017-03-23 Meeting Notes (CR)

Date

2017-03-23

Status of Minutes

Approved

Approved at: 2019-12-12 Meeting notes (CR) DRAFT

Attendees

Voting

  • Andrew Hughes
  • Harri Honko
  • Jim Pasquale
  • Mary Hodder
  • Mark Lizar
  • Iain Henderson


Non-Voting

  •  David Turner


Quorum Status

Meeting was quorate



Voting participants

Participant Roster (2016) - Quorum is 4 of 7 as of 2016-10-06

Iain Henderson, Mary Hodder, Harri Honko, MarkLizar, Jim Pasquale, John Wunderlich, Andrew Hughes

Discussion Items


TimeItemWhoNotes
4 mins
  • Roll call
  • Agenda bashing

1 min
  • Organization updates
All

Please review these blogs offline for current status on Kantara and all the DG/WG:

5 min
  • Status of Consent Receipt Specification v1
  • email Ballot results: 
    Motion is approved: "To approve the Draft Recommendation 'Consent Receipt Specification v1.0.0 DRAFT 3' for Leadership Council certification towards an All Member Ballot"

    YES: Iain, Harri, Mark, John, Jim
    NO: none
    ABSTAIN: Andrew (by prior agreement with the WG)

    5 YES out of 7 eligible voting participants

40 min
  • Discussion of approach
All
  • - discuss approach and schedule for next round of specification enhancements
    - a contributions period
    - a period of consolidation and combination of the contributions
    - a period of WG Editor work
    - Public review etc
    - confirmation of change request tracking tool (GitHub Issues unless strong objection)


Harri

  •  Their EU-based lawyer commented that the CR v1.0 draft has elements that are based on UK/US Common Law, rather than civil codes (GDPR)
  • e.g. Consents have to be better atomized - so that over time, is there an accumulation of receipts? or accumulation of consents?
    • The implementation detail might be: is there a concept of dynamic evaluation of consented purposes? Or is it static at transaction time? e.g. if a purpose or consent is changed at a later date, are the original receipts canceled and re-issued? is the original updated? is there a 'diff' receipt that only covers the different scope?
  • Mary
    • The caution about "Purposes lists" and "Sensitive data types" needs to be resolved - must be very cautious about how these are displayed to the user, especially if it's sensitive data - need to create recommendations
  • Mark
    • Need to set up a backlog - and define a work plan and schedule
    • Set a date for CR v1.1
    • Need to write guidance on spec usage
  • Need consensus on
    • Prioritization of backlog
    • Need to consider any issues that are used for GDPR implementation
    • The original agreement was to do 6-month epics
  • Andrew to try to get the comments from the public review into github

Comments to ICO Consent DraftsMark
  • Please have comments to Mark by Sunday EOD
  • Mark to consolidate and circulate
  • Next call a WG motion to approve the consolidated comments for submission on March 31
  • CIS WG goal: to highlight the work of the CIS and CR specification
  • Mark has sent a request to personal data community to contribute

Submitting the work to ISOMark
  • The WG charter states that the WG outputs should be contributed to ISO - how to proceed?
  • Should we update the charter to remove this? Or identify new paths to other SDOs like BSI? or what?
    • Basically review the purpose of the consent work in this WG
  • Comment: we should hold off until v1.1
  • Mark to send a note to the list and ask the question