-
Notifications
You must be signed in to change notification settings - Fork 57
Meeting minutes
Code committers and Data curators meet once a month, usually on the second Wednesday of the month, to discuss various work items for the Data Protection Mapping Project. All meetings are recorded. Below are meeting minutes and meeting recordings in sequential order.
Meeting started wed. 3/4 from 9AM to 10AM CET Attendance: Alex Li; Benjamin Wong; Jieying Chng; Lanx Goh; Eric Lachaud
1.Submisssion acceptance 1.1 Accepted by default:
Laws and public regulation Internationally recognized rules (OECD privacty guidelines) 1.2 Acceptance to be discussed depending on the content
codes of conduct International and national standards Internal rules an certification requirements 1.3 Rejected by default
Standards, rules or regulation refering to personal certification requirements Standards, rules or regulation not refering to privacy matters IAPP submission The submission is rejected unanimously
NIST submission The submission is accepted unanimously
Other submissions to come CSA, PLA and TBD in the following months
Minors technical changes All the minors changes presented by Alex Li have been accepted
Purposes of the project
This topic has to be clarified in the following weeks/months Alex Li works on it and comes back with proposals Eric Lachaud suggests to open contributions to different mapping for the same reglations/standards to improve accuracy of the tool Next meeting 8th April 2020 at 9AM PST
Data Protection Mapping Project Meeting #2 Date: April 8th, 2020 Time: 0900 Pacific Time Attendance: Lanx Goh, Eric Lachaud, Benjamin Wong, Alex Li
NIST Privacy Framework: To be discussed in detail at next meeting; all data currators will review mapping posted on Teams NIST Cybersecurity Framework: Data curators agreed to use the existing mapping between NIST Cybersecurity Framework and ISO/IEC 27001 from NIST without modification CSA PLA: To be discussed at next meeting Encouraging additional Mapping: all agreed to use their network in privacy community to encourage more mappings to be posted Technical updates to the tool: several intended improvement including accessibility for users with disabilities, language localization, improve display sizing flexibility, visual appeal, and adding annotation to lines between regulations and ISO 27701; will prompt Linkedin community for input. Resignation of Jieying: No additional code committer is needed at the moment. Meeting concluded at 09:47 Pacific Time Next meeting: May 13, 2020 0900 Singapore Time
Minutes meeting #4 6/10/2020
- Alex Li
- Lanx Goh
- Eric Lachaud
A. UI/Functionality improvement
- Improvements presented by Alex are adopted
- Lanx stressed maybe too much colours on the screen -> colour scheme should be simplified
- Eric proposed to offer additional capacities to the end users
- Hide ISO's sections and subsections in the mapping result
- Export the cross-reference done on the screen in Excel format
- Alex will study feasibility with the technical team -> The topic will be re-discussed during the next meeting
B. Mapping Indian regulation
- The mapping review will be split in 3 equal sets between Alex Lanx and Eric
- Alex sends the article range to review by Lanx and Eric
- The review is due by the end of June
- Another week will be used beginning of July to check colleagues' review -> assignments have still to be done
C. GDPR national variations
- The proposal is not acceptable as such
- It requires a direct mapping with ISO's provisions
- Lanx comes back to his contact (who introduced the request) with the committee's feedback and proposal
Attendance: Eric Lachaud, Lanx Goh, Benjamin Wong, Alex Li
Date/Time: July 22nd, 0900 Pacific Time
PDPB submission review. All disputes resolved over the call. Alex will reconcile all comments and create a single spreadsheet within 7 days. Lanx will correspond with the submitter. Lesson learnt from the exercise: Triage future submissions into equitable workload between curators instead of simplistic division in sequential order.
NIST Cybersecurity Framework, ISO/IEC 27001 and 27002 update into the tool.
Date/Time: Aug 19th, 2020; 0900 Singapore Time Attendance: Lanx Goh, Alex Li
PDPB submission review: Attached is the final comment on PDPB. Lanx, please send it to Sandhya and thank her for the hard work. Please also let her know that we will use the new notation feature to explain the nuance. I will clean up the data and upload it to the tool shortly and create a Linkedin post to acknowledge Sandhya’s contribution.
Other businesses: We talked a bit about where we should try to get more data contribution. We agreed to make a short list of regulations that we want to add and reach out to the corresponding local chapters of IAPP to solicit volunteers. We also talked a bit about mapping with trust marks, such as the one from Singapore. There is no objection against such submission. But regulations remains our primary focus.
Meeting on wed.9/8 from 9AM to 10AM CET Attendance: Alex Li, Benjamin Wong, Lanx Goh, Eric Lachaud
- Additional regulations 1.1 Accepted one
- Thailand
- New Zealand
- Philippines
-> Alex reach out local IAPP correspondent if any
1.2 Possible candidates
- Texas
- Florida
- Japan -> Alex checks whether an english version is available -> to be discussed next meeting
- Indonesia
- Argentina
- Colombia -> Lanx checks whether an english version is available -> to be discussed next meeting
- Morocco
- Tunisia
- Egypt -> Eric checks whether an english version is available -> to be discussed next meeting
- Survey
- Add optional field to leave contact email to be involved in the project
- Add optional field to leave free comments
- Once updated -> the questionnaire will be deployed in Linkedin -> First feedbacks to be discussed during next meeting
- Improvements
- Export mapping result in Excel Format -> Benjamin assesses feasability
- Hide section and subsection titles in mapping result -> Benjamin assesses feasability
-
To be discussed during next meeting