Define PrimaryPurpose field #89
Comments
I disagree. There is a hierarchy of purposes. Some data is collected inevitably because of the technology (browser header info for example). This is collected on landing. Some data will be collected because it is necessary to provide a service or because of regulation (booking a flight requires the collection of PNR data for ticket issuance & international security requirements, credit card info for payment and so on). This is collected, presumably after notice. Finally, there is data collection or use that is optional (can we send you marketing, or do you want to fill out a survey). This last will require an opt-in or affirmative button click. That's at least three tiers of collection with differing notice/consent expectations. I note that all of this is a separate issue with the phrase (secondary use). In health for example that often refers to health data used for health research that may be collected regardless of initial consent and notice for research purposes.
@PrivacyCDN any suggestions on a path forward to resolve the issue?
My first inclination is to suggest that a data model would provide a toolset for specifying purposes and their characteristics. If the articulation of a data model is put off to v2, we may be able to do it another way, in prose and diagrams. If we weren't virtual and had access to a room I'd suggest an old-fashioned affinity diagram bashing session.
Seems that guidance is needed here, but we purposely kept this a bit vague so we had room to define how to specify purpose. The shining is that if it's not a core purpose/primary purpose then it's a secondary purpose. This is important because there is a requirement for people to be able to withdraw secondary purposes in context but not withdraw the entire consent.
But we haven't thought through what that means for multiple purposes. (Not sure we need to.) Arguably, to know if this works we need to nail down the receipt taxonomy, i.e. each service can have multiple purpose categories, and then does the primary purpose (or not) field sit at the category level (which we have now)? Personally I think it's correct as is, but maybe an affinity diagram will help?
We use the PrimaryPurpose field to separate between consent that is given up front (login, account creation) and consent that is given contextually. Just my two cents :)
@linnhege - can you elaborate on what you mean by "consent that is given contextually". Specifically, what does this look like in practice?
And one last thing to remind people. That is the term 'Secondary Use'. In my experience, this is NOT related to secondary purposes. It is most usually used in a medical setting to access and use data for research that was not collected with a research purpose. My suggested buckets of purposes are:
Bucket 1: Technical necessity. The sole purpose here is to collect/use information for the necessary functioning of a system. e.g. Browser Header Information
Bucket 2: Primary service. The purpose(s) that identify the minimum information that can be collected/used to fulfill the requirements of the service on offer. e.g. User name and password to register on a site
Bucket 3: Other services (to avoid the confusing 'secondary'). The purpose(s) that identify information requested but not required for the service on offer. e.g. a consent directive to allow secondary marketing to the user.
Each of the above buckets could contain a list of 'standard' purposes.
John Wunderlich,
Bucket 3 should also include 'derived' data which is part of the GDPR requirements and if a company derives something for a purpose or to a conclusion, depending, it can have consequences for purposes as well as other categories such as whether something is sensitive personal data.
See my recent comment on issue #96, which included consent for core services vs optional consents. Is Primary Purpose functionally equivalent to 'those purposes that are minimally required to deliver the core service'?
If the service requires the purpose then it requires the purpose, whether it is minimally or not. Hence all purposes work in parallel (aside from some niche cases e.g. healthcare research). The underlying issue is whether purpose scope (intentionally) expands beyond what is necessary to provide the service, i.e. purpose creep. I would suggest that this can be tested normatively using ISO 29100 data privacy principles by considering whether a hypothesis definition would change in different privacy contexts.
PrimaryPurpose field: This is an undefined term. It is unclear how this field should be used. (On a legal point: under data minimisation principles, should data be collected for secondary purposes? I suspect that the concept of a hierarchy of purposes would not hold much water.)