Meeting Notes

Roll Call

• Mark Lizar / Toronto, Canada / EDT / Open Consent Group  
• Salvatore D'Agostino / Boston, MA, USA / EDT / Open Consent Group  
• Ken Adler (Deactivated)  / Oakland, CA, USA / PDT / ThoughtWorks   
• Paul Knowles / Basel, Switzerland / CET / Human Colossus Foundation    
• Jim StClair / Biloxi, MS, USA / CDT / Lumedic  
• Former user (Deleted) / Stockholm, Sweden /CET / Linaltec
• Ken Adler (Deactivated) / Oakland, CA, USA / PST / ThoughtWorks  
• John Walker / Bay Area, CA, USA / PST / SemanticClarity, CCI  
• Scott Whitmire / Scottsdale, AZ, USA / MST / Mayo Clinic  

Topics

• Verified Credential Mapping 
• AdvCIS 1.2 Update  (focussed specifically on GDPR)
  • Consent Notice
    • Types of Notice Receipt (each type is tied to a GDPR Legal Justification)
      1. Directed Explicit Consent Notice Receipt
         • pre-defined consent
      2. Explicit Consent Notice Receipt
         • opt-in
      3. Implicit Consent Notice Receipt
         • consent based on action like walking through a door or filling a form
      4. Initial Consent Notice Receipt
         • based on PII principals and consent to use and automated decision making
         • include risks
      5. Legitimate Interest Notice Receipt
         • regular legitimate interest
      6. Not a Legal Notice
         • lack information for a legitimate notice receipt
      7. Contract Notice Receipt
         • needed for legal compliance to data subject
      8. Legal Notice Receipt
         • legal obligations to government
      9. Emergency Notice Receipt
         • vital interest of a data subject
      10. Public Notice Receipt
          • public interest for official authority
      11. Code of Conduct
          • operational risks

Use Case Form - iterate - 

• List of Cases 

Non-Use Case  TF Planning -Tasks

• Starting here ( to Frame  Roadmap & Tasks Deliverables )
  • Minimum - Utility Conformance Use Case - for OCA to test assumptions in schema application 
• Assumptions List: (for Unified Data Control Vocabulary:
• Open Notice Schema Creation Assumptions - 
  • what does open source mean? 
• OCA - Trans-Domain Overlaying -
  • translating notice with OCA with legal information overlay comparison - does Legal field and meaning translate with OCA - (basic legal semantics - what is the quality of legal translation ) 
  • Does - legal to genetic to legal work best ?  is there an alternative ?  e.g. legal to legal? 
  •  ontology profiles - (separate from overlay profiles) ? 
• • Glossary for OCA for doing OPN schema work 
    •  
• Test Assumptions / Use Cases with a generic  template for identifying the Receipt Type Profile for the use case

• Planning Roadmap 
  • OCA- Generic Notice Schema
    • Base PII - Overlay as default - 
  • Flows
•  Profile Types -
  • GDPR Notice to Base PII to (another Legal Jursidiction - CCPA) 
  • CoE 108+ 
• Topics
  • Ontology / Legal Semantic Vocab Types

• Data subject rights 
  • profiling them 

Chat from the call

From Me to Everyone: (5:35 PM)

Hello

From Mark Lizar to Everyone: (5:35 PM)

https://lf-toip.atlassian.net/wiki/pages/viewpage.action?pageId=22972053

From Me to Everyone: (5:36 PM)

https://lf-toip.atlassian.net/wiki/pages/viewpage.action?pageId=22972053

From Jim StClair to Everyone: (5:40 PM)

"catastrophic consent" :)

From Scott Whitmire to Everyone: (5:43 PM)

@Jim: That sounds ominous :-)

From Jim StClair to Everyone: (5:44 PM)

LOL +1

Sorry, which Confluence site is this?

From Mark Lizar to Everyone: (5:47 PM)

This is the AdvCIS - Wiki - which is the OpenConsent Workgroup — focused just on this spec work — this specification is contributed to Kantara

We are working n this wiki to become a resource

From Jim StClair to Everyone: (5:48 PM)

Thanks Mark! Open to join?

From Mark Lizar to Everyone: (5:48 PM)

Yep -

From Sal D'Agostino to Everyone: (5:50 PM)

transparency enabling as well

From Jim StClair to Everyone: (5:50 PM)

Could you throw the link in chat? Google took me to the Kantara wiki

From Mark Lizar to Everyone: (5:50 PM)

Sure.

From Scott Whitmire to Everyone: (5:51 PM)

We’re just a tiny step away from generic virtual contracts, with all of the legal frameworks that come with them.

From Jim StClair to Everyone: (5:59 PM)

Hey, we're not recording :(

From Mark Lizar to Everyone: (6:00 PM)

https://openconsent.atlassian.net/wiki/spaces/AD/overview?homepageId=791150670

From Jim StClair to Everyone: (6:08 PM)

Would the receipt ID have a DID?

From Mark Lizar to Everyone: (6:13 PM)

Yes this is what we are specifiying here

From Jim StClair to Everyone: (6:15 PM)

+1

This could support a TSS I think

From Me to Everyone: (6:33 PM)

https://lf-toip.atlassian.net/wiki/display/HOME/Identity+and+Verifiable+Credential+Risks

From Jim StClair to Everyone: (6:35 PM)

Is anybody else here besides me in the Governance WG or Trust Assurance TFs

From Sal D'Agostino to Everyone: (6:36 PM)

no here

From Me to Everyone: (6:36 PM)

Not me

From Scott Whitmire to Everyone: (6:36 PM)

I am in the Governance WG.

From Jim StClair to Everyone: (6:37 PM)

yes you are!

Scott, this is good input/guidance to coordinate with "other" Scott

From Scott Whitmire to Everyone: (6:38 PM)

Yes, it is.

From Jim StClair to Everyone: (6:43 PM)

Love this, but gotta drop