P3-PFSG Meeting Notes 2011-02-24

Anna Slomovic
Mark Lizar
Gershon Janssen
Tom Smedinghoff
Trent Adams
Colin Wallis
John Bradley
Rainer Hoerbe
Peter Capek
Dale Olds
Christine Runnegar

Staff:
Joni Brennan
Anna Ticktin

1. ADMINISTRATIVE

2. PRIVACY FRAMEWORK DISCUSSION
Discovery results

Frameworks available for analysis have been posted on the wiki here.
Anna suggests starting with "common principles" to find commonality since privacy is very different across jurisdiction. By starting with what people have already agree on, the group could then move on to proposing a solve to what has not been resolved by the community. John adds that at some point we need to identify what we aim to achieve in producing 1 or more privacy frameworks.

Discussion:

What problems are presented when a TFW that is privacy protected attempts to cross-credential with a TFW that is not? Clearly there are conflicting notions of privacy in a TFW, thus multiple applications of a TFW must be defined. Cost vs. Privacy is an unavoidable trade off.

The next phase of the work---Analysis of principles:

Division of work:

PFSG members are asked to sign up for 1 principle and leverage it across different frameworks , asking: what it is and how it's used, catalog what the suggested high-level controls are from the TFW [the "thing" you are going to be measured on for the audit] to determine whether it's actionable. Reports should be made available by the next PFSG call on 17 March.

Needs: (this work will be collated upon completion):

Volunteers:

Remaining principles to be researched:

Analysis of definitions:

3. AOB

Archived Groups