[KI-LC] GDPR and Kantara approach question

Mark OCG m.lizar at openconsentgroup.com
Tue Feb 28 16:55:45 CST 2017


Hi Andrew, 

This is all bit vague. Not clear from what perspective Kantara should be inclined to ‘do something’ for the GDPR. 

As you may or may not be aware Data Protection and Data Control mitigate each other in terms of risk and liability.  GDPR is fundamentally about data protection. Standards address risk and liability in different ways. 

It is conceivable that Kantara could have a program that spans this space - but not sure if a GDPR centric approach would achieve such a result.   Perhaps evaluating how Kantara efforts relate to GDPR might be fruitful?  A little survey perhaps? 

Is there a deeper insight/motivation missing from this email ? 

Mark Lizar
CEO Open Consent Group


> On 28 Feb 2017, at 21:53, Andrew Hughes <andrewhughes3000 at gmail.com> wrote:
> 
> I'm not sure if we need a DG or not - there are some very specific things about GDPR (and lots of analysis everywhere)
> 
> I'm also hoping that this will bring new faces to the table. 
> On Tue, Feb 28, 2017 at 1:52 PM Ken Dagg <kendaggtbs at gmail.com <mailto:kendaggtbs at gmail.com>> wrote:
> As much as I don't want to spread Kantara's thin participative resources thinner I think that your suggestion of a new WG makes sense. A new WG would enable a keen focus on GDPR without the distraction of what the other WG's are attempting to achieve. Does it make sense to start with a DG to identify what things need to be done and in what order or is that the first task of the WG?
> 
> Ken
> 
> 
> On Tue, Feb 28, 2017 at 4:14 PM Andrew Hughes <andrewhughes3000 at gmail.com <mailto:andrewhughes3000 at gmail.com>> wrote:
> Hi LC and (some) Board of Directors...
> 
> I've been wrestling with how Kantara would best serve the community with respect to GDPR.
> 
> Many of the WGs have work products and knowledge that is relevant to GDPR topics. But whenever I try to think about what it would mean to ask for GDPR-specific work inside any particular WG I hit mental roadblocks.
> 
> So, how does this different approach sound to you all:
> 
> Start a WG whose goal is to build a 'Kantara GDPR Toolkit' comprised of guidance, profiles of selected standards, pointers to useful analysis reports (inside and outside of Kantara), and other technical or recommendation stuff.
> 
> It would help ease the tension between addressing the near term demands to 'do something' for GDPR and help to harness the bits and pieces of work inside and near Kantara. It would possibly avoid distracting the WGs from their main work products that are for the longer term.
> 
> Looking for opinions and alternative views on this please
> 
> andrew.
> _______________________________________________
> LC mailing list
> LC at kantarainitiative.org <mailto:LC at kantarainitiative.org>
> http://kantarainitiative.org/mailman/listinfo/lc <http://kantarainitiative.org/mailman/listinfo/lc>
> -- 
> Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091kendaggtbs at gmail.com <mailto:kendaggtbs at gmail.com>
> -- 
> Andrew Hughes CISM CISSP 
> Independent Consultant
> In Turn Information Management Consulting
> 
> o  +1 650.209.7542
> m +1 250.888.9474
> 1249 Palmer Road,
> Victoria, BC V8P 2H8
>  <>AndrewHughes3000 at gmail.com <mailto:AndrewHughes3000 at gmail.com> 
>  <>ca.linkedin.com/pub/andrew-hughes/a/58/682/ <http://ca.linkedin.com/pub/andrew-hughes/a/58/682/>
> Identity Management | IT Governance | Information Security 
> 
> _______________________________________________
> LC mailing list
> LC at kantarainitiative.org <mailto:LC at kantarainitiative.org>
> http://kantarainitiative.org/mailman/listinfo/lc <http://kantarainitiative.org/mailman/listinfo/lc>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20170228/e7607e7f/attachment.html>


More information about the LC mailing list