|Call to Order|
Check for a quorum.
Reminder about attendance policy for voting status.
|A reminder of IPR policy for the WG|
|Approval of Agenda|
Approval of Minutes
Actions arising: None
Project Updates (Month-end Updates) (not required this meeting)
Personal Data Use Receipt Framework
Jim Pasquale Provided an overview
Continued the walk-through of the PDURF
Discussion of how we might gain external input from the marketplace to obtain feedback on the data model.
Group discussion on a number of issues (if you are reading this, please email Kate Downing or make changes to reflect your actual comments located in the v0.2 Word document
Please enter your availability on the following link so that we might find a better time for the group:
|Last Meeting Discussions||All|
Discussion of Kenneth Klingenstein's document submitted on 12/17/20: group was generally positive, however suggested that some of the characteristics listed might better describe a specific profile; not necessarily a framework.
We should develop a list of the understood Purposes of Use.
Next steps: accept/reject the comments on the existing DRAFT v2.0
Kenneth Klingenstein No new trust frameworks until a comparison of existing trust frameworks have been conducted. Privacy frameworks are likely embedded within these trust frameworks, and consent frameworks within these privacy frameworks. Consent mechanisms such as duration, collection, usage, disclosure etc. should be rationalized. Suggestion to create a comparison prior to moving forwards. High-level analysis prior to a deeper dive? Places where consent is defined TODAY (in legislation, regs, etc.)
Motion to consider this when we next achieve a quorum.
John Wunderlich Suggestion to rephrase consent as an authority so that legal agreements and other appropriate bases for authorization are captured. Do 'you' have the authority to collect? Is this legitimate interest? If this is consent how is this determined? We are not looking to understand the legal basis, we are instead looking to scope this as an understanding of the MECHANISM for consent (purpose of use).
IAB framework is upstream of the PDURF - we instead might want to understand if this is an allowable use based upon the mechanism itself?
(perhaps this is a deeper-dive?) is the usage consistent w/ purpose of use?
(e.g. publish individual's data on company newsletter – I have the data; is this purpose allowed under the basis that I hold this data?)
Mary Hodder View https://www.thetradedesk.com to see concerns with 'absolutely verifiable' identity all the time... (privacy minimization); pseudonyms are part of our reality & the need for companies/individuals to categorically & definitively identify an individual at every juncture is disturbing
|New Business Proposals||All|
*** Next call 2021-01-21 10:30 am Eastern DAYLIGHT Time
- Type your task here, using "@" to assign to a user and "//" to select a due date
- Please enter your availability here: https://www.when2meet.com/?10710726-4WtpV so that we might better accommodate the group's schedule
- Consider https://slite.com/features for spec / data model generation
- Kate Downing to merge changes & send to team for review
- Kenneth Klingenstein to share a checklist of touch-points for the next meeting