P3-PFSG Meeting Notes 2011-02-03

Attendees:

Gershon Janssen
Bill Braithwaite
Dale Olds
Jeff Stollman
Mark Lizar
Tom Smedinghoff
Anna Slomovic
Colin Wallis
Jay Unger
Trent Adams
Rich Furr

Apologies:
Myisha Frazier McElveen

Staff:
Joni Brennan
Anna Ticktin

Meeting Notes:

1. ADMINISTRATIVE:

  • Roll Call

2. PRIVACY FRAMEWORK DISCUSSION

A.  Review of Discovery

  • Do we have enough discovery? Are any new documents?
  • Joni advises to reach out to Chairs of InfoSharing for related documents. And Ben Wilson from IAWG / Digicert is working on a very early draft outline of an RP Guidelines document.
  • Mark advises we add a draft document authored by Myisha Frazier McElveen of IAWG on SAC Profiling Rules.

B.  Review of Definitions
Key Definitions for a privacy framework status:

  • PFSG has work to do to amalgamate the Kantara definition with the ABA proposed definition. How do all the various components converge? How extensive should the ultimate definition be?
  • Tom proposes we think about specifying definitions in the context of the framework.
  • Anna advises we be mindful of picking up definitions that are too specific to a particular region, thereby making it irrelevant for other communities around the world.
  • Tom / ABA feels "definitions" is a MAJOR problem because every group is drafting their own. Tom advises that the ABA and ID Commons have been trying to collect all definitions within the community. They've identified approximately 38 groups and 1733 terms which have been compiled into a spreadsheet to determine a consensus on definitions.
  • Joni reminds the sg that we are attempting to align with the IAF and align with our certification process... cautioning against going down the rabbit hole of definitions.
  • Dale Olds agrees and suggests defining the basic framework first as deep diving definitions could stunt forward progress and achieving the ultimate goal.
  • The SG agrees that lexicons should follow the framework.

Next steps:

  • The PFSG should begin to analyze documents as the group builds the framework whilst referencing Scott David's work along the way.
  • Mark highlights 3 buckets for definitions : Privacy. Identity. Trust.

ACTION ITEM 20110203-01 Mark + Anna--- to add the IAF terms  and the ABA draft definitions document to the wiki

C. Action Items on Discovery & Definitions

  • Tom offers a discussion on the recent ABA draft definition of a Trust Framework.
  • The ABA is focussed on the Legal side of the equation. There are a lot of usages of this term, but none with any consistently in the community.
  • The draft definition is a high-level review: 2 parts---operational requirements (tools) and legal requirements (rules).

PFSG Scope:

  • We should assert that we are attempting to build the general privacy component within a broader Trust Framework. Attribute Assurance would not be within the PFSG direct scope.
  • Due to time constraints, this  conversation thread will be picked up on the next scheduled telecon.

3. AOB

  • None.