Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Use Case: Kantara v0.8 Implementation

Authors: Mark & Oliver

 

Log Of Activities

ActivitiesDateStatusNotes
Converted Api to Plugin Finished 
Updating JSON to v0.816/Jun/2016in progress 
Adding 2 conformance modes to this doc   

 

Brief Description

This is a continuation of the  Consent & Information Sharing WG reference implementation, updating to v0.8 draft of the Consent Receipt specification. 

The v0.7 implementation included a consent receipt view displayed on the website, but without capacity to  -  in order to make a consent receipt notice that would be downloaded.  

https://kantarainitiative.org/beta-signup/

In this use case; Work Group - General Participation Agreement and Kantara Work Group enrolment

  1. Assessment  Kantara Consent Policy Notice and Disclosure Assessment 
  2. Review Purpose of Consent collection in the General Participation Agreement 
  3. Scope of Consent for PII use, disclosure and collection
  4. Design of Receipt - (completed once comments and UX considerations created (see ISO SC/JT Input)

1. Assessment

Kantara has a trusted and unique brand in trusted services, in that it is a community of people invested in standards development, developing trusted technology, policy, protocols around identity and policy. As a result, it is important to Kantara to be transparent around the collection use and disclosure of PII as Kantara Initiative is comprised of open and transparent Work Groups, where members agree to participate in a WG by consenting to a workgroup participation agreement.

In the current CISWG Participation Agreement sign up form there are 4 active options.

  1. Consent to Join WG
  2. Authority to consent on behalf of organisation (requires link to withdraw authority)
  3. Consent Preference - voting or non-voting (link to policy for changing voting status)
  4. Kantara PII Disclosure

 

To create a consent receipt the privacy policy (or existing consent notice) was reviewed for collection, use and disclosure practices, and these were collected in order to implemenet a base consent receipt template for the Kantara WG GPA sign-up form. 

Review recommendations:

  • In the privacy policy there is a reference to an implied consent to transfer personal information across jurisdictional borders which is not compliant with current Privacy Shield practices
    • Recommend adding an explicit consent to the WPA form
  • Member data shared on WG WIKI in participation roster (link to participant roster)
  • All post to mailing list are captured in a public achieved (link to mailing list for m)

WG PI Sharing practices

  • Disclosure 
    • Virtual
    • Emma Inc

Scopes

 

  • No labels