Meeting minutes
Purpose Refinements
We discussed the purposes and refinements to descriptions.
All descriptions have been prefixed with the phrase "Purposes associated with ..." to indicate that the description is that of a broad category rather than a rigid, fixed, specific criteria that must be satisfied.
The accompanying text will clarify this, and also indicate how to select the appropriate purposes - multiple where necessary - to accurately indicate the intended purposes for an use-case.
We discussed proposed purposes. Starting with `IdentityAuthentication`, we discussed how this is distinct from `IdentityVerification` and whether it falls under `EnforceSecurity` along with specific technical measures. This is also to avoid replicating lots of technical measures as purposes.
We discussed `FulfilmentOfObligation` as a purpose, of which the existing `LegalCompliance` is a subtype.
Other subtypes are `FulfilmentOfContractualObligation` and `EstablishContractualAgreement`. These have been accepted to indicate whether a purpose is necessary or required by some obligation mechanism i.e. legal compliance or contractual obligations.
Right Exercise
We discussed the resolution of rights exercise concepts from previous meeting. There were no issues or new discussions, therefore we accept the proposed concepts.
One change made to the proposal was regarding the term `RightExercise` which was used to provide information about how to exercise a right. Instead, this has been renamed to `RightExerciseNotice` to make clear its role in providing information, and distinguish it from `RightExerciseActivity` and `RightExerciseRecord` as other concepts.
DPV v1 release
We had originally planned for DPV to be released around NOV-15, which is next week.
Therefore all concepts that have been accepted till today are included in v1, with everything else put as proposed for continued development.
This means DPV, DPV-PD, and DPV-GDPR will be published as v1 as they are deemed to be stable with no outstanding major issues.
DPV-TECH and DPV-LEGAL are not going to be published as v1, but will be continued to improve until a stable v1 is reached.
For the rest of concepts which have not been included in DPV (e.g. Data Breach), we will insert a note to the effect of their future consideration to show awareness.
Volunteers to assist in the release process should help with providing diagrams (see DPV spec), contribute writing (see sections in DPV specs), and review existing writing for correctness and completeness (see DPV specs). Any other form of assistance is also welcome.
Next Meeting
We will meet again in 1 week, on NOV-16 WED 13:00 WET / 14:00 CET.
The topic will be finalising DPV v1 release.