Privacy Engineering in Context + Relational Integrity
From IIW
Privacy Engineering In Context + Relational Integrity
Wednesday 9L
Convener: Cameron Boozarjomehri (@cboozar) & John Wunderlich (@PrivacyCDN)
Notes-taker(s): Doug Hawake
Tags for the session - technology discussed/ideas considered:
- - Interesection of Relationship & Identity
- - Expectations & Limits of Sharing
- - Role Context plays in sharing & identity
P7002 Functional & Non-Functional Reg for Privacy
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
- - Problems:
- - Privacy is hard to tack down
- - Want to understand context when looking at identity
- - Relationship declared on Blockchain Agnostically
- - How to define software relationship that implement constraints of real-world relationships
- - Discussion:
- - Delegation on limited context
- - Data should include reference of “ownership”
- - Data schemas are often mixed/adhoc
- - Notice and choice are critical to context
- - What is consent in a given context?
- - Open Question: How do you define scope of authorization?
- - “Just In Time” Notifications: improve transparency by only requesting permissions in the context of the purpose that defines the need for the authority
- - What is the context for enabling others to act on behalf of a data subject in a limited context?
- - Context for privacy and sharing is understood through the perspective of the endpoint/consumer
- - Purpose od use should be as clear as possible
- - Norms that define context are often implicit, meaning communicating them to consumers can cause confusion
- - Historically it was understood we only get 1 chance to give notice and get consent for privacy expectations in the context of a product or piece of software.
- - This won’t be valid in the future
- - Consider the “Just in Time” model where consent is given only when that feature desmans a specific (not yet provided) permission
- - Misc:
- - For more on John’s work with P7002 go to: http://sites.ieee.org/sagroups-7002/
- - Cameron hosts a podcast on unexpected implications of technology (among other things) found at http://smallstuff.show/
Notes transcribed by Cameron Boozarjomehri on John’s Computer