Meeting minutes
Presentation of DPV at SEMANTiCS
See email https://
Harsh will be presented DPV at SEMANTiCS conference industry track on SEP-14 10:30
Review of updated consent and documentation
See email https://
Concepts and documentation has been updated for existing DPV modules as well as new modules and extensions - rights, consent, risk
Regarding consequences, the concept `ImpactToRights` will have two specialisations regarding Preventing Exercising of Right and Violation of Right.
Adding standards and guidelines for DPV concepts
See email https://
The group agrees that such provision of standards and guidelines associated with DPV's concepts would be useful
The focus would be on ISO standards and relevant guidelines e.g. DPAs, EDPB, etc.
For starting this work, the scope would be to provide a simple listing as proposed in the email and enable contribution e.g. provide some fields that can be populated in a spreadsheet and automated to generate documentation.
The use of these collected information would be to generate different views or documentations, e.g. for a given DPV concepts - what standards and guidelines are relevant; or list of standards and guidelines and what DPV concepts they relate to
Exercising Rights
georg: There is a need for specifying how rights are exercised, where to exercise them, what is provided and what is required. The DPAs would also like to see this implemented.
These can include information about how Subject Access Requests are provided, responded to, etc. The necessary information needed for this is in addition to descriptions of processing - which existing DPV concepts are related to.
One way to implement these is to provide a rights specific vocabulary within the `rights` extension that currently provides EU fundamental rights. This vocabulary can relate to describing how a right is to be exercised or availed of, what information is needed to do so, what information is provided in a response.
The implementation of specific rights, e.g. GDPR's data portability - will be in specific extensions - in this case dpv-gdpr
This can be additional concepts within dpv-gdpr, or guidance on how to implement rights through dedicated pages such as the one to be provided for DPIA
georg: GDPR's Art.10 related to legal basis for public institutions should be added to dpv-gdpr
The concept A10 has been proposed to be added to dpv-gdpr
Next Meeting
We will meet again in one week, AUG-24 13:00 WEST / 14:00 CEST