- From: Harshvardhan J. Pandit <me@harshp.com>
- Date: Tue, 9 Jun 2020 15:40:20 +0100
- To: Data Privacy Vocabularies and Controls Community Group <public-dpvcg@w3.org>
Dear All, ISO/IEC 29184 concerns "content and the structure of online privacy notices as well as the process of asking for consent to collect and process personally identifiable information (PII) from PII Principals" https://www.iso.org/standard/70331.html Some preliminary observations: 1) It uses ISO/IEC terminology, specifically that from ISO/IEC 24760 2) It concerns notices shown during consent interactions online 3) Involves terminology regarding purposes, processing, etc. without specification to any individual laws/regulations 4) Provides a description of workflow/dataflow/processes involved in the online notice-and-consent mechanism ; including changes to it 5) Annex A contains examples of interfaces 6) Annex B provides example of consent receipt I *strongly* propose incorporating the standard and its implications within the DPVCG - in particular for DPV and establishing how it can best provide vocabularies compatible with the standard. Regards, -- --- Harshvardhan Pandit, Ph.D Researcher at ADAPT Centre, Trinity College Dublin https://harshp.com/research/
Received on Tuesday, 9 June 2020 14:40:35 UTC