Skip to end of metadata
Go to start of metadata



Status of Minutes


Approved at: 2019-12-12 Meeting notes (CR) DRAFT




  • Robert Mitwicki
  • David Turner
  • Jan Lindquist
  • Colin Wallis


Quorum Status

Meeting was <<<>>> quorate

Voting participants

Participant Roster (2016) - Quorum is 6 of 11 as of 2018-11-19

Iain Henderson, Mary Hodder, Harri Honko, Mark Lizar, Jim Pasquale (C), John Wunderlich (VC), Andrew Hughes (VC), Oscar Santolalla, Richard Gomer, Paul Knowles, Samantha Zirkin

Discussion Items





4 mins
  • Roll call
  • Agenda bashing
  • Discuss approach to specification updates

5 min
  • Organization updates

Please review these blogs offline for current status on Kantara and all the DG/WG:

There is a wiki page that will hold all the known implementations of Consent Receipts - Please update the page or inform Andrew of your implementation.

  • TIIME, Vienna, February
  • EIC, Munich, May
  • Identiverse, Washington, June
10 minProduct roadmap for the demoAll
  • Target is EIC May 2019
  • Decisions needed:
  • The specific set of user stories we want to showcase
30 minSpecification update approachAll
  • Discovery approach leading to backlog leading to prioritization?
  • How do we decide what changes we must do in this round versus deferrable changes?
  • Support for implementation functions
    • x
  • Structural changes for ease of receipt processing
    • Note that because the receipt specification is net new - so 'breaking changes' probably means that is not backwards-compatible with v1.1
    • x
  • Direct support for interoperable exchange of receipt data
    • Data integrity features, etc
    • Note: this category shares many topics and issues with the Schemas/Overlays work
    • x
  • Recommendations and guidance for specific fields/values
    • x
  • Document family structure for extensions
    • x

See a flowchart version of this here:


Paul - next SSI task is to build a 'consent schema' - 20 attributes so far - will circulate for review

  • Issues about Purpose for data processing are not included at this time - the schema is more about the mechanical aspects of description of the data e.g. aspects of revocation

Mark - liaison work

  • Lots of progress at W3C on vocabulary - GDPR-specific profile/extensions
  • EU government group working on Taxonomy for people and businesses
  • NIST "xpress rules", Healthcare IT, FHIR
  • Should establish a bi-monthly or quarterly liaison information sharing call in 2019

Next meeting

*** Next call 2019-01-10 10:30 am Eastern Standard Time / 15:30 GMT

NO CALLS December 27 or January 3

From earlier calls:

  • Andrew has set up a github repo for next-version specification backlog items, including use cases:
  • Some possible items for next versions:
    • Structural changes to the spec including a hierarchy of objects that should improve high transaction volume
    • Integration/association of the new Blinding Identity Taxonomy into the CR Spec family (to inform implementers of potential data categories of interest)
    • Recommendations for Customer Journey / UX / UI features
    • Library of industry-specific or case-specific Purpose categories and example Purpose statements
    • Expansion of Consent Types to allow for more than just Explicit Consent situations
    • (idea) Optional receipt metadata to assist privacy dashboards in organizing and processing 'bring forward' items (e.g. "remind me to check this share in 3 months")
    • product and management have identified six areas for development
      • consent over period of time (rather than instantaneous consent)
      • termination/modification of consent from either side
      • high transaction volume & low per-instance cost
      • how the 'receipt' fits into accounting systems infrastructures
      • receipt as the basis for legal matters and actions
      • UX/UI concerns
    • for Clinical Trials uses, data holder is required to keep data for 10 years - need to consider longevity of the receipts to go alongside data holdings