Notes from 2015-12-4 Legal Subgroup Call

Expectations:

Understanding the intent and structure as relates to protocol so I can translate into business needs and real world policy. The Binding Obs assumes you understand the protocol.

From the C&IS WG perspective, wanted to understand what the roles are going to look like to ensure that there's no accidental blockages between Consent and UMA.

Doing the first draft of User-Submitted Terms on C&IS WG - both human and machine readable-terms. Set up for an App / Browser to assert terms. Meant to be very simple as opposed to W3C DNT. Users may not understand the difference between terms determine access vs. determine use so want to coordinate with UMA. If a resource is PII many jurisdictions would not understand the difference.

Model Clauses layout is a reasonable approach for the deliverables. Jurisdiction matters (Canada, Europe, US). Common Accord: like the idea, but some can't do "experimental".

Parties in the model clauses could / would be combined in most practical cases.

The call adjourned at 11:30.

Attending:

Andrew

Thomas

Mary

John

Ann

On Fri, Dec 4, 2015 at 12:23 AM, Adrian Gropper <agropper@healthurl.com> wrote:

Fri Dec 4 8-9am PT
Voice: Skype: +99051000000481 or US +1-805-309-2350 (international dial-in lines), room code 178-2540#
Screen sharing: http://join.me/findthomas - NOTE: IGNORE the join.me dial-in line shown here in favor of the dial-in info above (Kantara "line C" and the Skype line)
UMA calendar: http://kantarainitiative.org/confluence/display/uma/Calendar

Limits of delegation: Breach liability "safe harbor", audit, and notice when resource servers accept dynamic registration of a resource-owner specified authorization server.
AOB

--

Adrian

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/