Meeting notes from September 22, 2014
From IDESG Wiki
9/22/14 Privacy Requirements Working Group Meeting Notes
- Jennifer Behrens
- Jeff Brennan
- Sean Brooks
- David Bruggeman
- Jessica Esparza
- Edmund Jay
- Naomi Lefkovitz
- Ann Racuya-Robbins
- Stuart Shapiro
- M.A. Signorino
- Steve Stoporoff
- Jim Zok
FTC – New Requirement Discussion
- FTC (represented by Stoporoff) concerned with retroactive application of a new data use. Before material changes happen, consumers should have to opt-in.
- Difference between informed and affirmative consent. Often affirmative consent requires users to opt-in or lose access. What happens if they don’t agree?
- Will continue discussing via email for one more week. Will dedicate 10 min. of next meeting to closing discussion if necessary.
Functional Requirements Development
- From now on Sean will send bare bones language Friday before PRWG call.
- Should stick to language that is meaningful to the specific function. Can strike language that states the requirements with reference to that function.
- May add more specific requirement re: data aggregation if this issue comes up in use cases.
- Change text guidance to check marks if function does apply, NA if it doesn’t.
- May wish to clarify boundaries between attributes and personal information at some point. May add a statement to indicate attributes we’re discussing are personal info.
Functional Requirements Edits
- Requirement 1: All functions applicable.
- Requirement 2: All functions applicable.
- Requirement 5: Application NA, remaining 3 functions applicable.
- Requirement 6: Further explanation needed (text proposed but undecided) for attribute control, attribute verification, and eligibility decision.
- All will continue discussing FTC’s language via email
- Will dedicate 10 min of next week’s meeting to conclude.
- Next week will return to discussion of access and correction HL requirement for registration.
- Sean will post meeting notes and updated document to the wiki.