[WG-P3] P3-PF Agenda: May 12, 2011

Mark Lizar mark at smartspecies.com
Wed May 11 15:40:26 EDT 2011


The Privacy Framework Sub-Committee of the Privacy and Public Policy  
working group of the Kantara Initiative will hold its next telecom  
this Thursday (Friday in Asia/Pacific)
08:00 PT / 11:00 ET / 16:00 UTC/GMT / 01:00 +1 day Japan / 05:00 + 1  
day New Zealand

Skype: +9900827043671716 - Room Code: 3671716

Agenda

1. Roll Call
2. F2F Meeting
3. Privacy Framework Scope
4. AOB

Below is a summary of PF going forward, scope and F2F topic ideas.


Privacy Framework Going Forward

P3 and Kantara, are clearly at a privacy cross-roads. Kantara is  
ideally poised to benefit from bold initiatives to provide internet  
scale privacy assurance and to bridge the gap in diverse communities  
between legal-privacy policy and federated identity management with a  
Kantara certification.

UMA and the ISWG propose radically different approaches to the current  
management of personal and sensitive information.  The IAF provides  
the pioneering infrastructure for Identity Assurance on the Internet.   
A privacy framework that can provide a method of assurance and an  
understanding of the privacy benefits of Kantara efforts is clearly  
required by ICAM and NSTIC as well as the international policy and  
regulatory communities.  Furthermore a certification can be developed  
to provide an anchor for existing privacy efforts to extend privacy  
and trust online.  An anchor created by producing a certification that  
can be designed to have the full legal weight of the international and  
regulatory policy communities behind it.

The TFMM-WG effort provides impetus for this collaboration as to  
provide a central picture of effort inside and out of Kantara.  P3  
Scope is to underline that need and requirement for a privacy approach  
and how this approach provides us with a clear opportunity.  This is  
an opportunity to rally a collaborative Kantara Initiative that can co- 
ordinate and educate a better framework of Trust.

Of course there are significant challenges that need to be faced, this  
is not the easiest activity to undertake, but as Colin has very aptly  
pointed out these are green fields that are now accessible to us as a  
community to collaborate in.

In line with these challenges here is an update to the scope already  
presented.

Privacy Framework Scope

Produce a Privacy Framework (comprised of privacy principles) for  
Kantara that provides a Privacy Assurance Framework/Profiles for  
integration with IAF and that can be used to assert the privacy  
assurance of efforts in the ISWG and UMA.

The PF is exploring the development of privacy profiles that can  
anchor credentials and attributes as to integrate technical privacy  
rules for the recipient and privacy assurance in the use of the  
credential from the provider.

In order to facilitate this Scope and the P3 rallying call to action  
at the imminent face to face meeting in Berlin please review this PF  
Scope.

Below is the schedule for the F2F meeting, In which we have a list of  
topics and suggestion that we can discuss in the F2F Tuesday meetings.

Topics:

1. Socialise the PF effort with UMA, ISWG, IAF and others WG's
2. P3 to discuss the privacy aspects from IAF, UMA, ISWG as to provide  
a description of the privacy components and to outline initial  
understanding of privacy service assessment criteria
3. Discuss a re-write of the IAF into a PAF with the IAWG with a goal  
of encorporating the IAF infrastructure as the core foundation for the  
development of PAF
4. Extrapolate from these two efforts an outline of a Privacy Profile  
Requirements for input into the P3 Privacy Framework Process
5. Submit these assurance requirements in to the analysis of a Privacy  
Principles and discovery at P3
6. Develop a draft of a privacy profile from the Privacy Assurance  
Framework for the use of Attributes using a use case. (HIPPA was  
mentioned again as the first use case)  (Note: Interesting observation  
that health data across the internet has no privacy or regulatory  
protection, )



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/wg-p3/attachments/20110511/110f1bb5/attachment.html 


More information about the WG-P3 mailing list