P3WG Meeting Minutes 2012-10-04

Owned by Former user (Deleted)
Last updated: Aug 30, 2013 by Former user (Deleted)

P3WG Plenary Meeting 04 October 2012

Date and Time

  • Date: Thursday, 4 October 2012
  • Time: 08:00 PT | 11:00 ET | 15:00 UTC (time chart)
  • Dial in info:
    Skype: +99051000000481 North American Dial-In: +1-805-309-2350
    Conference ID: 402-2737

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minutes for approval

P3WG Meeting Minutes 2012-09-06

2. Privacy Assessment Criteria

3. AOB

Face to face meeting in Washington, DC

4. Adjourn

 

Attendees

Voting

  • Bill Braithwaite
  • Mark Lizar
  • Anna Slomovic
  • Colin Soutar
  • Quorum was attained with 4 of 7 voting members present.

Non-Voting

  • Peter Capek
  • Gershon Jannsen
  • Jeff Stollman
  • Colin Wallis

 

Minutes & Notes

Administration

Motion for minutes -

Motion to approve by Anna; Bill seconds; no discussion, minutes approved by unanimous consent

Discussion

2. Privacy Assessment Criteria

 

Termination clause.

Jeff – how can this be enforced?

Suggested language from the group:

"As part of the accreditation process, the CSP must demonstrate that it has sufficient means and process, e.g escrow, to support the protection of PII in the event that it ceases to provide CSP services, until the PII preservation is no longer required by law."

In the event that the Subject decides to terminate use of the Service:

"As part the accreditation process, the CSP must demonstrate that, in the event that the Subject terminates use of the CSP Service and requests destruction of their PII, that the CSP will do so, unless otherwise precluded from doing so by law."

 

There was a discussion regarding the Clear trusted traveler program and how the PII were "escrowed" in that case by the US government.   No further details were available on the call, but it appeared that it would be interesting to understand more about this process.

It was stated that Tom would likely have some good input on the proposed text above.

 

Changes in the Service

Suggested language from the group

"At the time of accreditation, the CSP must provide to the accreditor the process that it would use to notify Changes of Services, along with an example.   The notification should include the following: indication that the changes should be clearly highlighted; and the Subject is given the option to continue participation or to terminate, in which case the Subject’s PII are deleted."

 

Transfer of ownership was also discussed, as a specific Change in Service.

Does accreditation automatically flow with an acquired organization - or does it need to be re-accredited.

It was proposed that in order to maintain the accreditation – notice must be provided by the CSP to Kantara, who may then chose to have all or parts of the Service re-accredited.

Action

Colin to seek clarification from the ARB, copying IAWG.

 

3. AOB

Face to face meeting in Washington DC

In addition to the items that were included in the August face to face agenda, the group considered that it would be useful to provide a Powerpoint overview of the progress to date on the PAC.  

 

4. Adjourn

Call closed @ 12:06 EDT

Â