P3WG Meeting Minutes 2012-10-04
P3WG Plenary Meeting 04Â October 2012
Date and Time
- Date: Thursday, 4 October 2012
- Time: 08:00 PT | 11:00 ET | 15:00 UTC (time chart)
- Dial in info:
Skype: +99051000000481 North American Dial-In: +1-805-309-2350
Conference ID:Â 402-2737
Agenda
- Administration:
- Roll Call
- Agenda Confirmation
- Minutes for approval
P3WG Meeting Minutes 2012-09-06
2. Privacy Assessment Criteria
3. AOB
Face to face meeting in Washington, DC
4. Adjourn
Â
Attendees
Voting
- Bill Braithwaite
- Mark Lizar
- Anna Slomovic
- Colin Soutar
- Quorum was attained with 4 of 7 voting members present.
Non-Voting
- Peter Capek
- Gershon Jannsen
- Jeff Stollman
- Colin Wallis
Â
Minutes & Notes
Administration
Motion for minutes -
Motion to approve by Anna;Â Bill seconds; no discussion, minutes approved by unanimous consent
Discussion
2. Privacy Assessment Criteria
Â
Termination clause.
Jeff – how can this be enforced?
Suggested language from the group:
"As part of the accreditation process, the CSP must demonstrate that it has sufficient means and process, e.g escrow, to support the protection of PII in the event that it ceases to provide CSP services, until the PII preservation is no longer required by law."
In the event that the Subject decides to terminate use of the Service:
"As part the accreditation process, the CSP must demonstrate that, in the event that the Subject terminates use of the CSP Service and requests destruction of their PII, that the CSP will do so, unless otherwise precluded from doing so by law."
Â
There was a discussion regarding the Clear trusted traveler program and how the PII were "escrowed" in that case by the US government.  No further details were available on the call, but it appeared that it would be interesting to understand more about this process.
It was stated that Tom would likely have some good input on the proposed text above.
Â
Changes in the Service
Suggested language from the group
"At the time of accreditation, the CSP must provide to the accreditor the process that it would use to notify Changes of Services, along with an example.  The notification should include the following: indication that the changes should be clearly highlighted; and the Subject is given the option to continue participation or to terminate, in which case the Subject’s PII are deleted."
Â
Transfer of ownership was also discussed, as a specific Change in Service.
Does accreditation automatically flow with an acquired organization - or does it need to be re-accredited.
It was proposed that in order to maintain the accreditation – notice must be provided by the CSP to Kantara, who may then chose to have all or parts of the Service re-accredited.
Action
Colin to seek clarification from the ARB, copying IAWG.
Â
3. AOB
Face to face meeting in Washington DC
In addition to the items that were included in the August face to face agenda, the group considered that it would be useful to provide a Powerpoint overview of the progress to date on the PAC. Â
Â
4. Adjourn
Call closed @ 12:06 EDT
Â