2024-01-12 - Weekly Update

About this document: Agenda and notes are kept in the same document, a separate copy of the document is maintained for each meeting. Please add agenda points before the meeting. Action items created in previous meeting and all other unresolved action items are kept in the document. Please tick off any completed items.

Meeting link: https://meet.google.com/rsf-cqaq-eyq ordinary starting time at 07:45 UTC / 09:45 CET / 13:15 IST

Attendees

  • @Ain Aaviksoo (meeting facilitator) (present)

  • @Benjamin Balder Bach (note keeper) (present)

  • @Lal Chandran (present)

  • @PSRAMKUMAR (present)

  • @Philippe Page (present)

Meeting Notes

Agenda

Presenter

Discussion

Agenda

Presenter

Discussion

General update (5 min)

@Ain Aaviksoo

Ain has presented to the TC that we can contribute on a voluntary basis, but we need more clarity about the future of the BB and Govstack.

Ramkumar shares that some structures will accommodate to smaller team sizes. Ramkumar reflected on the general situation with lots of global conversations coming together shouldn’t stall development of the BB.

Kanban board + Action points from last week

 

Ain proposes that we keep the current structure of the Kanban board. There are certain items marked as “in progress” and the group agrees that they are all in progress.

Update from iGrant

 

Sandbox integration WP3 is ongoing, and the Sandbox integration is ready. Only the documentation is needed.

Test compliance is being worked on now, too.

WPs and Deliverables

UI/UX and specification

@Lal Chandran

Lal: We should define key UI components and make comments to this proposal.

We need the UI/UX guidelines to be factually correct and introducing consent at the right level. Readers (application designers, architects etc) will understand the Consent BB often with this entrypoint.

We can supply sequence diagrams of API calls to support UI/UX diagrams. Govstack’s value will be quite obvious if the user can move easily from UI/UX wireframes to API implementation.

Requirements for DDX has included UI. It seems unclear if UI/UX is part of the Consent BB.

A “Data Agreement” is very specific about what the UI should do, as well as the Privacy Dashboard.

Noting a clear consensus in the meeting around having a Privacy Dashboard

Spec 2.0

@Ain Aaviksoo

Ain motivated the changes and we agreed to continue discussing the text in writing.

Offline consent

in preparation for next meeting

Notes from previous meeting:

  • on-demand consent is perhaps less of a “practical” need for Government use-cases, since government usecases often have a legal basis (legitimate interest/obligation etc)

  • Ain notes that it’s the role of the application (not the Consent BB) to produce “on-demand” consent, so the Consent BB supports this scenario, however it does not directly facilitate it.

  • We can think of our specification text with the reader in mind. In this case, we can support readers looking to “plug in” the Consent BB in a data transaction in order to guide their understanding towards best-practice consent design and app architecture.

To summarize this, we believe that it’s possible to include “on-demand” consent by describing how an application can use the Consent BB for this scenario. This can be a section in the specification. [immediately after the meeting, this has been captured as a candidate for the FAQ section]

We’ll continue this discussion in the next meeting to cover other aspects of offline consent that are relevant to our immediate roadmap.

Note from original meeting: We had to postpone this. Note that we’re trying to figure out a terminology here. “On-demand” consent was used to emphasize the risks of this kind of thinking, but “offline consent” will help us capture the broader nature. Everyone is encouraged to think about terminology

Consent delegation

skipped

Review necessary Gherkin scenarios to implement

@Benjamin Balder Bach Skipped

CON-15: Create test configuration for Consent Configuration APIsIn Progress

New Action Items

@Benjamin Balder Bach sync up with Steve about writing/implementing test scenarios (happens after this meeting)
@Ain Aaviksoo will move forward with a suggestion for how to add Privacy Dashboard in the spec

Action Items from previous meetings

@Ain Aaviksoo consider if the decision to have “external ID” and “external ID type” referencing Individuals is relevant for the Key Desicion Log (if it’s not already there)
@Benjamin Balder Bach Prepare fixtures review for Lal

 

Decision