P3WG Meeting Minutes 2010-05-06
Kantara Initiative Privacy & Public Policy Teleconference
Date and Time
- Date: Thursday, 06 May, 2010
- Time: 08:00 PDT | 11:00 EDT | 16:00 UTC
Meeting Minute Status
This call was not quorate and these meeting notes have not yet been approved.
AttendeesÂ
- Robin Wilton
- Jeff Stollman
- Brett McDowell
- Mark Lizar
- Joni Brennan
- Colin Suter
Apologies
Trent Adams
Abbie Babir
Agenda
Minutes
1. Roll Call
2. Action Item updates
- Robin: Reporting back on sending a letter to Darrel Schull (through his affiliation with BIPAC) communicates regularly with CPOs. No response from Darrel.
- Privacy Module Update: This will be developed as a Whitepaper, should go out from P3, which can be used to engage with the Identity Assurance WG.  Looking to see how this will develop as a detailed privacy module or a add on to IA.  Goal is to have this done by May 20th and to find its direction. Trent is now working on the document.Â
- Â
- No Update from Abbie: On OECD funding (no one on the call can go with out funding)
- Jeff asked if anyone is going to join the Paris KI meeting?
- Brett will go if there is a Quorum with IA
- Robin will be there
3. Approve minutes from previous meeting
No Quorum
Approve minutes from previous meeting
a.      Minutes from 28 JAN
b.     Minutes from 04 FEB
c.      Minutes from 18 FEB
d.     Minutes from 25 FEB
e.      Minutes from 25 MAR
f.       Minutes from 01 APR
g.      Minutes from 08 APR
h.      Minutes from 15 APR
i.        Minutes from 22 APR
j.       Minutes from 06 May
4. Subgroup Reports
Workstream Foci
- Mark had some ideas on scaling down the workstream foci and will send these to the list. Looking at looking at the drivers.
- Jeff Going through Workstream Foci Items:Â
- Privacy Management Framework
- Mark wil send email to the people/list interested and email to the WG and Jeff recommends a doodle poll to collate interest
- Rosetta Stone
- Robin in charge of this, evolution of a paper that he has already written, he will take this on and contribute this within the next two weeks. May 20th
- Practical guidance about how to translate policy makers, technologists and privacy folks.
- Brett- Thinks it should be voted on by a group, at least as a report, even as a full industry recommendation
- Robin in charge of this, evolution of a paper that he has already written, he will take this on and contribute this within the next two weeks. May 20th
- Privacy Risk Assessment
- Brett: Create a risk register of privacy issues, probability and imapct and try to look at from an assessment perspective
- Consildate this objective with Robins main deliverable.
- Privacy Capability Assessment Model/Framework - define a set of criteria
- Â These two things converging the model and criterai to build an assessment criteria program
- Risk assessment why you are doing
- Capability model ?
- Â These two things converging the model and criterai to build an assessment criteria program
- Brett: Create a risk register of privacy issues, probability and imapct and try to look at from an assessment perspective
- Standard Privacy Policy
- Aaron is open for this but is not on all the call
- Standard policies to different industries with different requirements
- Robin: One size fits all privacy policy is a difficult tasks, would be good to get more infomration
- Mark suggest that Iain may be interested in this as a part of a Standard Agreement Effort from the Information Sharing Working Group
- Enhancing Certificate
- Robin: what kind of architecture to build an IDP to vaildate an assertion of identity, but also what to bind that with an assertion from a persons employer
- Looking at participant from norweigen gov to put some energy in. This is pending
- Robin: what kind of architecture to build an IDP to vaildate an assertion of identity, but also what to bind that with an assertion from a persons employer
- Consent and Anti-Patterns (Edgar Whitely)
- Consent and notice are badly implemented, and to make some examples of these bad ways, to help define better ways
- Identifiers in Public Sector E-Government
- Closely related to certificate semantics. - Enahancin Certificates - These can be joined.
- Collaborations with IAWG
- Privacy module is linked to this
- Space Time Data and Identity Position Paper (LIST)
- Joe Andreu
- No energy so it can be relegated to the wiki list
- About privacy impact of data that is not covered by law as PII - like location data or other bits of data.
- Joe Andreu
- Â Managing Liason with SC27 and other standards bodies
- Abbie and Robin
- Abbies is managing this liason
- Abbie and Robin
- Proactive Privacy Scan on KI Groups (LIST)
- No Leaders so this can be relegagedÂ
- Government Assurance Levels Whitepaper (potential List)
- Robin: Overtaken by eventsÂ
- Brett suggests that Colin May be driving this
- Observatory on Identity Policy Initiatives
- Brett brings up ISO document that on jurisdictional profiles
- Profiling IAF by jurisdiction
- Informational document
- Privacy Management Framework
5. All Other Business
Brett asks to be more aggressive to trimming quorum.
6. Review Action Items
ACTION ITEMS
- ACTION: Mark to send Charter Revision to the list and to follow up on the Privacy Management Module
- ACTION:Robin and Jeff to have a sidebar conversation
- ACTION: Robin -- Privacy Module & Rossetta Stone for May 20th
- ACTION: Mark to touch base with Iain Henderson on Standard Agreement as A part of the Standard Privacy PolicyÂ
- ACTION: Robin to contact Jan Shallenback to update on ISO document
Next Meeting
- Date: Thursday, 20 May, 2010
- Time: 8:00 PDT | 11:00 EDT | 15:00 UTC (Time Chart)Dial-in details:
- US/Canada toll-free number: 1.866.305.1460 begin_of_the_skype_highlighting              1.866.305.1460      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1.866.305.1460      end_of_the_skype_highlighting
- Direct dial (toll) number: +1.416.620.1296
- Attendee Code: 9247530
- International toll-free numbers:
o UK: 0800 917 5847
o Netherlands: 08002659007
o Belgium: 080079491
o Japan: 00531160345
These toll-free numbers are generously provided by BIPAC.