OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pbd-se message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [pbd-se] Summary of NIST - PRIPARE confcall July 16th, 2015


Hi Antonio,

Many thanks for this, and great work!

Please let me know if I can facilitate your proposed discussion between NIST and France's CNIL -- I know Naomi very well, as well as my colleague Isabelle (head of the CNIL).

Kind regards,
Ann

Ann Cavoukian, Ph.D.
Executive Director,
The Privacy and Big Data Institute
Ryerson University

On Jul 21, 2015, at 9:05 AM, Antonio kung <antonio.kung@trialog.com> wrote:

Dear all,

PRIPARE had a conference call on July 16th, 2015 with NIST to present NISTIR 8062 and PRIPARE work (slides attached). The slides fomr NIST were presented by Naomi Lefkovitz. We pointed out that some of PRIPARE comments on NISTIR8062 were integrated in the feedback document prepared by John.

See below the summary I sent to NIST.  My feeling is that NIST is rather open to collaborate on improvements of their report.

Cheers

Antonio

Le 21/07/2015 12:28, Antonio kung a écrit :
Dear all,

Thanks for a very informative confcall. It was interesting to understand the rationale behind the NIST work. I guess the risk focus of the NIST work is complementary to the design focus on the PRIPARE work.

Some remarks made during the confcall:
  • Terms such as predictability, manageability, dissassociability are quite important. I hope that some convergence will take place in the future (for instance compared to unlinkability, transparency, intervenability in another proposal)
  • In a privacy-by-design process, these three privacy engineering objectives would be refined into operational requirements (using for instance OASIS PMRM)
  • Impact in the privacy risk equation is actually business impact. Bur business impact factors results from problematic data actions which can cause potential problems for individuals (slide 17 from NIST presentation)
  • UPM has proposed a contribution in PRIPARE to operationalise requirements (from principles, to guidelines, to criteria)

ISO/IEC JTC1/SC27/WG5 has started a study period on privacy engineering of one year. Results will be presented in October 2015 in Jaipur, India and then in May 2016 in Tampa. NIST slides perhaps with some comments could be submitted to ISO. PRIPARE will also prepare a contribution.

I also suggested to organise a discussion between CNIL and NIST. I will contact them.

Cheers

Antonio Kung
Coordinator PRIPARE


-----Original Appointment-----
From:
Sent: Thursday, July 09, 2015 10:36 AM
To: Brooks, Sean W.; Lefkovitz, Naomi B.; Notario McDonnell, Nico; "José M. del Álamo"; Yod Samuel Martin; Christophe Jouvray; Antonio kung; Lightman, Suzanne
Cc: Dever, James (US - Arlington); Soutar, Colin (US - Arlington)
Subject: IPEN wiki on privacy standards
When: Thursday, July 16, 2015 10:00 AM-11:30 AM (UTC-05:00) Eastern Time (US & Canada).



--
_________________________________________________________________________

TRIALOG
25 rue du general Foy
F-75008 Paris
http://www.trialog.com

Tel   : 33 (0) 1 44 70 61 00  Direct : 33 (0) 1 44 70 61 03
Fax   : 33 (0) 1 44 70 05 91
mailto:antonio.kung@trialog.com
_________________________________________________________________________
    -- Software Engineering Focused on Embedded Systems Technology --
            -- Connectivity Solutions for Embedded Systems --
_____________________________________________________________________
The information contained in this transmission, which may be
confidential and proprietary, is only for the intended recipients.
Unauthorized use is strictly prohibited. If you receive this
transmission in error, please notify me immediately by telephone
or electronic mail and confirm that you deleted this transmission
and the reply from your electronic mail system.
_____________________________________________________________________
<NIST PrivEng Presentation 7.6.15.pdf>
<PRIPARE_Slides_Discussion_NIST.pdf>

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]