ISO/IEC 29184 is published

Dear All,

ISO/IEC 29184 concerns "content and the structure of online privacy 
notices as well as the process of asking for consent to collect and 
process personally identifiable information (PII) from PII Principals"

Some preliminary observations:
1) It uses ISO/IEC terminology, specifically that from ISO/IEC 24760
2) It concerns notices shown during consent interactions online
3) Involves terminology regarding purposes, processing, etc. without 
specification to any individual laws/regulations
4) Provides a description of workflow/dataflow/processes involved in the 
online notice-and-consent mechanism ; including changes to it
5) Annex A contains examples of interfaces
6) Annex B provides example of consent receipt

I *strongly* propose incorporating the standard and its implications 
within the DPVCG - in particular for DPV and establishing how it can 
best provide vocabularies compatible with the standard.


Harshvardhan Pandit, Ph.D
Researcher at ADAPT Centre, Trinity College Dublin

Received on Tuesday, 9 June 2020 14:40:35 UTC