P3WG Meeting Minutes 2010-09-23

Attendees 

  1.  Jeff
  2. Abbie
  3. Trent
  4. Mark
  5. Colin

NON Voting

  1. Anna S
  2. Anna T
  3. Christine 
  4. Joni

Apologies

  1.  Susan Landau

AGENDA:

1.      Roll call
2.       Action Item updates
a.       P3wg outreach to corporate CPOs (Anna)
b.      Privacy policy rights vs. new technology Terms Of Service (Jeff)
c.       Tracking list of Regulatory Activities and Call for Papers on wiki (Mark)
3.      Approve minutes from previous meeting
4.      Liaison w/HIAWG and IAWG (Jeff)
5.      Attendance at KI F2F in Paris
6.      Privacy news updates
a.       MIT conference (Trent)
b.      NASPO support (Abbie)
c.       Hansen Privacy Terminology (Trent)
d.      Editing 29190 (Abbie)
7.      Strategic foci reports
a.       Privacy Module (Trent, Robin, Colin S)
b.      Privacy Management Framework (Mark)
c.       Rosetta Stone document (Robin)
d.      Collaboration w/IAWG on LOA and Privacy Agreements/Privacy Module white paper (Colin S)
e.       Managing Liaison w/SC27 & other standards bodies (Robin, Colin W, Abbie)
f.        Enhancing Certificate/Signature Semantics (Robin)
g.       Privacy Risk Assessment (Jeff)
h.       Standard Privacy Policy
i.         Consent and Anti-patterns
j.        Identifiers in Public Sector e-Procurement
k.      Space/Time Data and Identity position paper
l.         Pro-active Privacy Scan of other KI groups
m.     Government Assurance Levels White Paper
n.       Observatory on Identity/Policy Initiatives
8.      All other business
9.      Update Roll Call
10.  Review Action Items

Minutes

Discussing Anna's input and its use for IAPP.

Marketing input from Anna is useful for introducing Kantara and also useful for providing a summary of P3.  Anna points that this is important as P3 deals explicitly with identity related issues which is a way to distinguish this privacy group from other groups.

Joni suggest that this should be added to

Anna T - Action Item to add this to the P3 home page.

Jeff - Discussing Privacy Notifications for existing products.  Feedback is that this is too general of a topic for this workgroup as it is not specific to Identity. This was echoed by all others on the group.

Anna listed a bunch of groups that may be more appropriate in driving such an effort.  (I will try and find list)

Mark suggest that there is an identity related point that notice in identity management needs to be sufficient for the use of identity.

Review of a P3 - (H)IAWG Liaison Call - Joni gave an update - that we are all working towards greater liason activities and mechanisms for working in conjuntion - HIAWG patient portal project and the Privacy Management Framework as two low hanging pieces of fruit to start discussing.  We are going to start meeting on a quarterly basis to liase.

Anna S - discusses that this is an exciting point to liaise around as there is ongoing efforts in privacy framework work, she has been involved in Health and Identity for over 10 years and that there is a need for this type of activity that can attract others into Kantara.

Joni - discussed how important this is and Anna is happy to be a liaison in this area as there is a great need for this. Take action to pull Anna -S into this thread. 

Discussing the KI MTG in Paris..  discussed dropping the slot,..

Joni mentioned that at the Paris meeting there will be discussion about budgets

IGF- Future of Privacy discussion.  - Christine presented the future of privacy on behalf of P3.  This presentation was very well received by W3C, OASIS, etc.  There was about 100 participants in the room.  Christine made a report of Security openness and privacy.  Included brief statement about the technical community, beyond just the policy and the privacy community.  There is a need for technical identity to be represented in the legal and policy discussion that are involved.

Trent mentioned that P3 statement was very well recieved. 

Christine mentioned that this will be contributed at as report into the IGF.  The IGF had a five year mandate and that this is the fifth year that it is going and we will see if this will continue in the future.

Anna discusses the Global Privacy Enforcement Network -  multiple countries involved.. A good effort to track for P3

Trent - Privacy Framework Proposal draft is being contributed to the P3 focused around credential management.  Asking whether P3 is ready to accept the work, is there someone ready to sheppard the work.     The WG has agreed to accept the work although Trent made it clear that there is no leader and that the WG will have to review the work and then decide as a group on how to  progress.

Mark suggests that this work is a pinnacle point for liaising with other WG.