OASIS Mailing List Archives

pbd-se message


Subject: RE: [pbd-se] Comment on 2.1 in updated draft

Frederick, +1
There could be a parallel (deliberate, if we wished) with Levels of Assurance (LOA) in the world of trust and authentication - once the specific LOA of a particular service or partner is known, it leaves the service user to choose whether to interact at that level or not. Similarly, different levels of privacy assurance might provide transparency and something more than a simple binary choice of whether a piece of PbD software is compliant or not.

Sent from a Phone. Apologies for brevity - it's not easy writing on a moving planet.

From: frederick.hirsch@nokia.com
Sent: 19/06/2014 13:06
To: dawn.jutla@gmail.com
Cc: frederick.hirsch@nokia.com; pbd-se@lists.oasis-open.org
Subject: [pbd-se] Comment on 2.1 in updated draft


I took a look at the "Privacy by Design Documentation for Software Engineers Version 1.0" Working Draft 05 that you distributed (pbd-se-v1_0-wd05.docx).

My primary concern, which I noted on the call and in an earlier email, is how to make this specification practical and useful in cases where it is possible to comply with some but not all of the normative statements.

I believe you addressed my concern by suggesting we might develop a profile or conformance levels as a next step. This is a reasonable approach.

For others who might not easily see it, I quote your Word comment:


In a next version (in Fall perhaps as people break for summer), I am suggesting that the TC does work to provide levels of conformance
so that software organizations can select what subset of PbD principles it reasonably seeks to demonstrate compliance to.  We may
place language in this section to signal such intent.


I also have some nit suggestions that I mentioned earlier: that we remove the bullets on future possible work (delete last two bullets in 1.4) and coalesce definitions that are the same in the document (Personal Data / Personally Identifiable Information (PII)).

Frank may have more to add, but I believe he may be traveling. I am not aware of any other specific concerns, but seeing the document before a vote is helpful.


regards, Frederick

Frederick Hirsch, Nokia

On Jun 18, 2014, at 8:45 PM, ext Dawn Jutla <dawn.jutla@gmail.com> wrote:

> Submitter's message
> The PbD-SE Annex Version 1 is attached as a Committee Note. As a reminder, the slimmed down specification is currently available in Kavi as Working Document Revision 5. Together these two documents form our TC work to date.
> Looking forward to receiving Frank and Frederick's input on Table 2.1 in the Working Draft and to its Conformance Section in upcoming days.
> Cheers, Dawn.
> -- Dr. Dawn Jutla
> Document Name: PbD-SE-Annex Version 1.0
> No description provided.
> Submitter: Dr. Dawn Jutla
> Group: OASIS Privacy by Design Documentation for Software Engineers (PbD-SE) TC
> Folder: Documents
> Date submitted: 2014-06-18 17:45:06
