Meeting notes from November 10, 2014: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
m (1 revision imported: Initial Upload of old pages from IDESG Wiki)
 
(No difference)

Latest revision as of 04:02, 28 June 2018

11/10/14 Privacy Requirements Working Group Meeting Notes

Attendees

  • Jennifer Behrens
  • Doug Blough
  • Sean Brooks
  • Deb Deiner
  • Jessica Esparza
  • Jim Fenton
  • Ryan Galluzzo
  • Edmund Jay
  • Naomi Lefkovitz
  • Ellen Nadeau
  • Ann Racuya-Robbins
  • Stuart Shapiro
  • Jim Zok

Meeting Notes

Process

  • After completing registration column, PRWG will begin a horizontal progression (beginning on the credentialing column).
  • Sean will continue to develop sample text before each meeting.

Functional Requirements Edits

  • Requirement: “Where individuals make choices regarding the treatment of their information (such as to restrict particular uses), those choices shall be automatically applied to all parties downstream from the initial transaction.”
    • Registration: Organizations must provide a technical mechanism to bundle individuals' privacy choices along with attributes, and have mechanisms to ensure other parties who receive those attributes abide by those choices.
    • As a default, mechanism means both technical & policy. Clarification required if text is specifying one type of mechanism.
  • Requirement: “Organizations shall, where feasible, utilize identity solutions that enable transactions that are anonymous, anonymous with validated attributes, pseudonymous, and/or uniquely identified.”
    • Registration: Attributes should only be collected and verified to the extent necessary to make the relevant eligibility decision.

Provide the opportunity for attributes to be released as claims as well as the actual values of attributes.

    • Discussed including language around risk or level of confidence, but above text was chosen because it’s simpler. However, “eligibility decision” isn’t as explicit.
    • Second half of registration text is part of attribute control.
  • Requirement: “Organizations will request individuals’ credentials only when necessary for the transaction and then only as appropriate to the risk associated with the transaction or only as appropriate to the risks to the parties associated with the transaction.”
    • Registration: Not Applicable.
  • Requirement: “Participation in the Identity Ecosystem shall be voluntary.”
    • Registration: Individuals shall have the opportunity to decline registration or release of attributes.
    • Important to consider how this is presented to users; Ann will bring this to UXC.

Requirements for Discussion Next Meeting

  • Requirement: “Privacy controls should be situated as low in the technology stack as possible.”
    • Registration: Privacy controls are mechanisms that mitigate privacy risk. These may overlap with security controls.
  • Requirement: “Organizations shall clearly indicate to individuals what personal information is mandatory and what information is optional prior to the transaction.”
    • Registration: If information is requested from users during registration that is beyond the minimum necessary to complete the Eligibility Decision, that information should be clearly marked as optional. That optional designation should include a short and clear description justifying the request of that data.
    • If an organization requests to release attributes during a transaction that are the beyond the minimum necessary to complete that transaction, that release should be clearly presented as optional/a choice. That optional designation should include a short and clear description justifying the release of that data.
    • If information or attribute release is designated as mandatory, that designation should include a short and clear description of the consequences of declining to provide that information or allowing that release.
  • Requirement: “Controls on the processing or use of individuals' information shall be commensurate with the degree of risk of the processing or use.”
    • Registration: Thorough risk analysis must be conducted to establish what risks to exist to individuals' privacy. Controls implemented shall directly address, and be proportional to, the risks they are meant to mitigate.

Actions

  • Group will continue down registration column at next meeting (11/17).
    • Will begin discussion with above 3 requirements and drafted requirements sections.