Ted: apologies for not sending reminder and with daylight savings it will probably just be us
Armin: I have been working to
confirm that LPL conforms to GDPR
... we have worked on anonymization, pseudonymization and
privacy models and workflow for these elements
... the sampling problem could be expressed similarly
... my idea is we might collect some sampling methodologies and
derive a common data model for it
... for each data+purpose we can define sampling that was
applied
... some data is aggregated for example
... I have been thinking about the access control parts based
on your (Ted) and my conversation on how to apply within
vehicle on Linux head unit
... handling who can use the data, we can accommodate without
modifying LPL
... we can have different services defined with different
recipients
... the research I'm doing also includes the UI part
... we are using real data privacy policies and so far it is
working out. LPL requirements are being built out
... we can do this in a web interface and created a library in
JSP
... next goal would be to write down some of the new
requirements coming from the group and show you how I would
integrate them into LPL
Ted missed part, asks for clarification
Armin: pseudonymization is
replacing name with a token
... unsure if there are some privacy descriptions we can
analyze better
Ted: we can reach out to our OEMs as they probably have some even publicly available
Armin: the public ones are a bit vague, we would want the more internally used ones
Glenn: we have identified some
streams of use cases that would be preselected for example, e.g.
the driver might authorize a garage to have some data
access
... there may be new cases to evolve over time and wonder how
we can handle them
Armin: there will be two cases we
would need to look at
... one would require full consent and purpose would need to be
defined, added to the policy and user would need to be
notified and asked to provide consent
... asking them for additional consent does not have to be
integrated within policy language framework, it could be
handled out of bounds over email for example
... the other would be a new use case that is part of an
existing model, a sub-use case...
... LPL has the functionality to layer policies, you would
define this subpurpose and if the user agreed to the higher
purpose the consent will convey over
Glenn: in automotive application environment, I am unsure how that would be handled
Armin: you can trust a notification on the app itself. within an infotainment system you would present the user with the new purpose you want them to consent to
Ted: a third party application when installed on the car would explain data usage and prompt owner/operator to provide consent
Glenn: can LPL accommodate this?
Benjamin: we need concrete examples even if with fake data on how we create, update and manage the consent
Ted: I have a question on my new vocabulary word pseudonymization, how does GDPR apply with this since it is non-attributable to an individual?
Armin: you do this by having a
mapping of the token and the original identifier, the trusted
person can be reidentified and assert their rights
... you can also destroy the data about that identity
Ted: GDPR presumably doesn't provide revocation for anonymized data, does it for pseudonymized?
Armin: there are no revocation requirements on anonymized data, pseudonymization is still connectible based on this mapping so rights and claims still apply
Ted: we should see if one of our OEMs would consider providing us with a more detailed policy to play with LPL
Ted provides a rambling overview on workshops at W3C, program committee, timeframe (September), reviews potential scope which includes topics this task force has been exploring, requests feedback, suggestions on who to engage and how people can participate
Ted: goal of the workshop would be to see if there is interest in forming a new Working Group on Transportation Data. Some of the issues we have been exploring would make sense there while this task force would likely continue to convene on automotive centric aspects
Glenn: Dr. Dan Massey from
University of Colorado and I spoke and he is interested and
will follow up by email
... there is a great deal of interest on intermodal trip
profiles from SmartCities and it might be useful for looping in
smart phones for that data, CCC
Ted: very open to collaboration and
avoiding competing efforts in favor of ones that could
complement
... it has been some time since I have spoken with anyone from
CCC
... forget the earlier topic (see F2F minutes?) but recall Patrick
who used to be involved with them reached out to see if it was
just a problem statement or work actually taking place and it was
the former at the time
Glenn: context it came up in
was with Irdeto (former W3C member as well but not involved in
Automotive) who is a member of CCC but unsure if it has
progressed
... we have a street scooter project, in addition to other
vehicles, and might be able to come up with use cases for
intermodal trips
... there is no attachment of individuals as they move from one
mode of transportation to another
Ted: this has me thinking back to Armin's pseudonymization tokens. That identifier can potentially be shared with other data collection services along with consent to cross reference
Armin: you would need some trusted partner to handle the mapping
Ted: what if I as the user get the token back myself and am then able to provide consent to another party to be able to deem it their identifier with additional parties either for storing information or dereferencing it?
Armin: that is a possibility...
Glenn: that would make sense especially with a smart phone
action Ted to reach out to OEM for policy
<trackbot> Created ACTION-29 - Reach out to oem for policy [on Ted Guild - due 2019-03-28].
Next steps:
Armin: please put me on the mailing list for this workshop as I'm interested from privacy part
Ted: will do, I have list name in mind but haven't created it yet nor scheduled the next brainstorming session