Page Comparison

Kanban board + Action points from last week

skipped

• Consent BB Spec 2.0 scoping (to be cont’d)

General update (5 min)

skipped

Acknowledge the progress of DDX solution

Ain Aaviksoo

From the working group’s point of view, we observe great progress in the solution and our only main concern is around testing (see next agenda item)

Testing

We need more resources in order to implement Gherkin scenarios for the test harness. The group cannot solve this task on a voluntary basis. However, the work is straight-forward and non-blocked. It requires work hours.

2024 - known and not known

GovStack’s roadmap in 2024 hasn’t been presented, there are uncertainties and ongoing discussions.

Important discussions before end-of-year

• Finishing the definition discussion from last week’s meeting

  • Outcomes: Ain can update the specification text. We want to be clear about what kind of “consent” that the BB is targeting. Is it a general fits-all model or GDPR, and if not fully GDPR, then how does it comply.

  • Discussions and decisions need to be archived.

• Current DDX consent solution:

  • Philippe: How can the context in which the consent is made be recorded?

  • We need to know more from use-cases about what data is used for.

  • Can we list out gaps in endpoints and schemas related to the way the DDX UI works?

  • How does current Consent UX guidelines align with DDX UI?

• Working group resources with respect to some larger topics should be put into question.

Jira backlog tidying

Offline consent

postponed to next meeting

We had to postpone this. Note that we’re trying to figure out a terminology here. “On-demand” consent was used to emphasize the risks of this kind of thinking, but “offline consent” will help us capture the broader nature. Everyone is encouraged to think about terminology

UI/UX feature in DDX Spec

Should we add this to Consent BB spec too?

Consent delegation

skipped

• Jira Legacy
  server System JIRA serverId f5c6bdaf-d23e-347d-a1e8-579e20a81dda key CON-52

• Where is the relationship between individuals stored?

  • The application is aware of it?

  • Another BB is aware of it?

  • Auditing should be able to verify it

Review necessary Gherkin scenarios to implement

Benjamin Balder Bach Skipped

Spec 2.0: Unfolding new roadmap items

Skipped

New issues

sasi

parked for future meeting

• What do we expect other BBs that call Consent-BB to store?

• When do we like to use Consent-BB and when do we not expect this? (This should also be know to the auditor.)

Discussion: How shall we address such matters, which do not fit into specification format?