OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pmrm message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pmrm] FW: Draft Summary Nov 17 ANSI VTAG privacy con call

You all know that I believe we should have a recommended list of privacy policy subjects for both CSPs and RPs, e.g., opt in, informed consent, default do-not-expose, protect data at rest and in motion, etc for CSPs and minimum data draw, protect data at rest and in motion, etc for RPs.
The Management part of PMRM needs a Policy part to hook on to.
Regards,
Peter
Sent from my mobile device. My cell phone # is 240-507-7107.

From: Michael Willett <mwillett@nc.rr.com>
To: pmrm@lists.oasis-open.org <pmrm@lists.oasis-open.org>
Sent: Fri Nov 26 16:26:50 2010
Subject: [pmrm] FW: Draft Summary Nov 17 ANSI VTAG privacy con call

FYI: Notice the important distinction in the paragraph below:

 

 “Distinction should be made between principles and methods for protecting privacy

 

That could be the ‘mantra’ of the PMRM TC, which focuses

on translating principles INTO “methods” (read: Services)!

 

In this context, “methods” may even be understood to mean the mechanisms

used to realize a given Service.

 

Michael

 

From: Saadat, Lauren [mailto:Lauren.Saadat@DHS.GOV]
Sent: Tuesday, November 23, 2010 12:44 PM
To: IDSPPRIVACY@MAILLIST.ANSI.ORG
Subject: Re: Draft Summary Nov 17 ANSI VTAG privacy con call

 

Our apologies that we were unable to make the call last week and that these comments are coming in a bit late.  If there is still room for consideration, we offer the following for ANSI Input for Draft Recommendations for current and potential future ISO work

(Document(s):  ISO/TMB/PSC N0051):

 

While we certainly support the implementation of PIAs as a best practice and in accordance with our laws, we’re concerned about the proposal to establish the PIA as a privacy standard.  Distinction should be made between principles and methods for protecting privacy.  PIAs, like privacy by design, which is mentioned later in the notes, are just one method of implementing privacy principles.  Principles should provide a concept to abide by and can be implemented through various means.  Including specific methods as principles might create precedence for other methods, (independent DPAs, for example) to be established as standards as well.   Additionally, we’re concerned that incorporating a specific method, such as PIAs or privacy by design, into a principle will limit possibilities for further innovation of future methods of privacy protection. 

 

Additionally, could you please add Nicole McGhee, copied here, to the listserv for this group? 

 

Thanks,

 

Lauren Saadat

Director, International Privacy Policy

DHS Privacy Office

703-235-0773

From: owner-idspprivacy@MAILLIST.ANSI.ORG [mailto:owner-idspprivacy@MAILLIST.ANSI.ORG] On Behalf Of James McCabe
Sent: Thursday, November 18, 2010 3:13 PM
To: IDSPPRIVACY@MAILLIST.ANSI.ORG
Subject: Draft Summary Nov 17 ANSI VTAG privacy con call

 

Dear ANSI virtual TAG privacy members,

 

Attached is a summary of our con call yesterday.

 

Best regards,

 

Jim McCabe
Senior Director, Consumer Relations and IDSP
American National Standards Institute
25 West 43rd Street, 4th Floor
New York, NY  10036  U.S.A.
1-212-642-8921; Fax: 1-212-840-2298
jmccabe@ansi.org

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]