RE: Another agenda item for Boston


While I agree that we should have some time to discuss the Global Considerations document and Rigo's efforts in that area, I don't believe it's worthwhile for the group to review a suggestion to align with a draft regulation that is already undergoing significant change since your original proposal (trying to hit a moving target prematurely).  Let's save that conversation for mailing list and/or a call to sort through the details (especially as we see the draft regulation slow its rate of material change).  Fair?

- Shane

From: Mike O'Neill []
Sent: Wednesday, February 06, 2013 10:13 AM
To: Peter Swire; 'Matthias Schunter (Intel Corporation)'
Subject: Another agenda item for Boston

Hi Peter, Matthias

Can we have an item on the agenda for Boston to discuss European compliance issues and the suggestions in the API I submitted on 29th (action-346 also attached to this).

I think this is very relevant to the compliance debate on de-identification in view of the requirement for an "automatic mechanism" for signalling consent for pseudonymous identifiers called for in the draft GDPR. It is also important to address issues arising from third-parties operating in different jurisdictions from the first-party data controller, which will occur often. This is especially important for us in Europe because the compliance spec. may have different descriptions of such things as permitted use and differentiate between first and third parties in a way incompatible with European data protection law.



Received on Wednesday, 6 February 2013 17:20:21 UTC