Fwd: dpvcg-ACTION-68: consent elements from Harshvardhan J. Pandit on 2019-04-04 (public-dpvcg@w3.org from April 2019)

From: Harshvardhan J. Pandit <me@harshp.com>
Date: Thu, 4 Apr 2019 10:29:11 +0100
To: public-dpvcg <public-dpvcg@w3.org>
Message-ID: <2a7f7c0f-ebf6-a85d-b591-6a2c81f47d66@harshp.com>

File did not get attached in previous email

-------- Forwarded Message --------
Subject: 	dpvcg-ACTION-68: consent elements
Resent-Date: 	Tue, 12 Mar 2019 05:47:03 +0000
Resent-From: 	public-dpvcg@w3.org
Date: 	Tue, 12 Mar 2019 05:45:26 +0000
From: 	Mark@OC-2 <mark@openconsent.com>
To: 	public-dpvcg <public-dpvcg@w3.org>
CC: 	Bud Bruegger <uld613@datenschutzzentrum.de>, Harshvardhan J. Pandit 
<harshvardhan.pandit@adaptcentre.ie>

HI DPVC (and Rigo),

We have produced a set of consent elements, and have them attached here 
in a document that needs a bit of introduction/guidance before reading. 
   A part of this task has been working though process and I bring the 
additional goal of interoperability, which we defer as a topic for the 
future.

As a result, Harsh, Bud and I have worked on a little bit of  guidance 
as well as suggestions for moving discussion and review forward. This is 
as follows;

*Guidance*

1. First, the document attached can be confusing if we do not explain 
that this document uses another specification that provides a base set 
of consent fields (minimum consent receipt) that are common to most/all 
jurisdictions. As a result, a  part of the document attached is not 
relevant for review.  For this reason -  we have highlighted the 
sections that are *not required to be reviewed* by the CG at this time.

2. The minimum  consent receipt specification was generated in an 
identity management (IdM)  community, this is important because IdM is a 
required component to consent and its management. This is why in this 
GDPR specification we have focused on being very clear about the 
identities of the parties involved in the recorded consent interaction 
and the delegation of consent to another party.

3. The minimum spec, has place/fields for Vocabulary Categories being 
worked on in DPVC, this means we can use this format to test the 
vocabulary, appended to the spec is a schema example

*Suggestions to progress this work: *

-  We Suggest - progressing this work using GitHub - putting only the 
relevant fields in the GitHub wiki, and then to track issues or 
questions about consent elements using Github - where we can all discuss 
a single issue in a single thread, related to a single consent element. 
(Note: we already have a couple of issues to add - once we get going, 
and perhaps this would make a review easier )
- add a task, once review has happened, for feeding back to the Kantara 
WG, and to include the difference between definitions and taxonomy of 
GDPR consent elements and minimum viable specification - with the view 
that Kantara WG would update the specification.

Best Regards,

Mark, Bud & Harsh

Attachments

application/vnd.openxmlformats-officedocument.wordprocessingml.document attachment: DPVC-Draft_GDPR_Consent_Spec_v.1.docx
text/html attachment: Attached_Message_Part

Received on Thursday, 4 April 2019 09:30:07 UTC