2021-06-28 Meeting

Call Details

Bi-Weekly on Monday from 09:00-10:00 US PT, 12:00-13:00 US ET, 18-19:00 UTC

Calendar Invitation

Zoom Link

Agenda

This was the agenda of the TF meeting. The notes from the meeting will be updated to the initial agenda.

  1. Welcome (Jan - 5 mins)
  2. Newcomer Introduction
  3. Topics
    1. Overview of the ISO privacy related standards

    2. Discussion how DLT maps to ISO standards

  4. Summary (Jan—5 mins)
    1. Meeting schedule

Meeting Notes

These are the notes from the meeting.



Privacy has a close association on security in ISO standards. The risk assessments are basically built on top of the information security management system, code of practice and assessment. During the call an overview of the different standards was presented by Jan.

In the open discussion a number of questions were raised how standardization in ISO and ToIP could help identify the controls that are required to adopt DLT.

DLT is emphasised for SSI and Digital Identity technology regarding storage and transfer of personal data will be based on or associated with DLT (block chain) whether the data is stored “on-chain” or “off-chain”. This includes PII that is stored and shared (to authorized actors) via “data sharing hubs”, which may be implemented with non DLT storage.Communication in a transaction graph is largely on consent to use of data, data minimization and trust including trust chains/graphs preserving privacy.
Need metadata to govern data minimization, sensitive data, etc. – handled by OCA transforms where required. Will be an issue on provenance.
Provenance ontology definition needed (Christoph)
GDPR – data transfer is a big issue. A major question is privacy compliance when transferring data across parties/ actors that are NOT same jurisdiction. Do they have the same level of assurances, governance, etc.?
A problem with the ISO approach (?) to compliance, is can you demonstrate there is an actual (data) mis-use problem by another jurisdiction vs. a risk.

Participants

Participants (Name / Location / Time zone / Affiliation):


@Jan Lindquist /Stockholm / CET / Linaltec

Burak Serdar/ Denver, CO / MDT
@ Christoph Fabianek / Vienna / CET / OwnYourData
@ Neil Thomson /Ottawa / EST / QueryVision
@ Jim St.Clair