[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Fwd: [pbd-se] Summary of NIST - PRIPARE confcall July 16th, 2015
From: Ann Cavoukian <ann.cavoukian@ryerson.ca>
Date: July 21, 2015 at 9:15:27 AM EDT
To: Antonio kung <antonio.kung@trialog.com>
Cc: "pmrm@lists.oasis-open.org" <pmrm@lists.oasis-open.org>, "pbd-se@lists.oasis-open.org" <pbd-se@lists.oasis-open.org>
Subject: Re: [pbd-se] Summary of NIST - PRIPARE confcall July 16th, 2015
Hi Antonio,Many thanks for this, and great work!Please let me know if I can facilitate your proposed discussion between NIST and France's CNIL -- I know Naomi very well, as well as my colleague Isabelle (head of the CNIL).Kind regards,Ann
Ann Cavoukian, Ph.D.Executive Director,The Privacy and Big Data InstituteRyerson UniversityDear all,
PRIPARE had a conference call on July 16th, 2015 with NIST to present NISTIR 8062 and PRIPARE work (slides attached). The slides fomr NIST were presented by Naomi Lefkovitz. We pointed out that some of PRIPARE comments on NISTIR8062 were integrated in the feedback document prepared by John.
See below the summary I sent to NIST. My feeling is that NIST is rather open to collaborate on improvements of their report.
Cheers
Antonio
Le 21/07/2015 12:28, Antonio kung a écrit :
Dear all,
Thanks for a very informative confcall. It was interesting to understand the rationale behind the NIST work. I guess the risk focus of the NIST work is complementary to the design focus on the PRIPARE work.
Some remarks made during the confcall:
- Terms such as predictability, manageability, dissassociability are quite important. I hope that some convergence will take place in the future (for instance compared to unlinkability, transparency, intervenability in another proposal)
- In a privacy-by-design process, these three privacy engineering objectives would be refined into operational requirements (using for instance OASIS PMRM)
- Impact in the privacy risk equation is actually business impact. Bur business impact factors results from problematic data actions which can cause potential problems for individuals (slide 17 from NIST presentation)
- UPM has proposed a contribution in PRIPARE to operationalise requirements (from principles, to guidelines, to criteria)
ISO/IEC JTC1/SC27/WG5 has started a study period on privacy engineering of one year. Results will be presented in October 2015 in Jaipur, India and then in May 2016 in Tampa. NIST slides perhaps with some comments could be submitted to ISO. PRIPARE will also prepare a contribution.
I also suggested to organise a discussion between CNIL and NIST. I will contact them.
Cheers
Antonio Kung
Coordinator PRIPARE
-----Original Appointment-----
From:
Sent: Thursday, July 09, 2015 10:36 AM
To: Brooks, Sean W.; Lefkovitz, Naomi B.; Notario McDonnell, Nico; "José M. del Álamo"; Yod Samuel Martin; Christophe Jouvray; Antonio kung; Lightman, Suzanne
Cc: Dever, James (US - Arlington); Soutar, Colin (US - Arlington)
Subject: IPEN wiki on privacy standards
When: Thursday, July 16, 2015 10:00 AM-11:30 AM (UTC-05:00) Eastern Time (US & Canada).
-- _________________________________________________________________________ TRIALOG 25 rue du general Foy F-75008 Paris http://www.trialog.com Tel : 33 (0) 1 44 70 61 00 Direct : 33 (0) 1 44 70 61 03 Fax : 33 (0) 1 44 70 05 91 mailto:antonio.kung@trialog.com _________________________________________________________________________ -- Software Engineering Focused on Embedded Systems Technology -- -- Connectivity Solutions for Embedded Systems -- _____________________________________________________________________ The information contained in this transmission, which may be confidential and proprietary, is only for the intended recipients. Unauthorized use is strictly prohibited. If you receive this transmission in error, please notify me immediately by telephone or electronic mail and confirm that you deleted this transmission and the reply from your electronic mail system. _____________________________________________________________________<NIST PrivEng Presentation 7.6.15.pdf><PRIPARE_Slides_Discussion_NIST.pdf>
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]