General update (5 min)

@Ain Aaviksoo

Kanban board + Action points from last week

Update from iGrant about the Consent BB Implementation

WP5 has been delivered.

iGrant will focus on developing educational material, aiming to deliver ahead of schedule (by the end of February).

https://github.com/decentralised-dataexchange/bb-consent-docs/wiki/WPs-and-Deliverables

Ain had a presentation from a group that will be involved in the overall training materials development for GovStack, which iGrant needs to receive further specifications from in order to develop the part of the GovStack training that relates to the Consent BB.

The “Consent Agreement => Data Agreement” switch isn’t fully incorporated and is important for the training materials.

Training:

• Philippe only has time next week, is on vacation the week after.

Mini-update on state of API compliance testing (2 min)

@Benjamin Balder Bach

Good news: The iGrant solution has been delivered in a dockerized version which runs our compliance tests.

This means that our setup, including mock application, is mature for continued Gherkin scenario delivery and implementation. However, we need more resources to complete this work.

More WG members

A letter is open for input. Once our goals are established, it can be used to invite more members to the group.

Offline consent

in preparation for next meeting

Notes from previous meeting:

• on-demand consent is perhaps less of a “practical” need for Government use-cases, since government usecases often have a legal basis (legitimate interest/obligation etc)

• Ain notes that it’s the role of the application (not the Consent BB) to produce “on-demand” consent, so the Consent BB supports this scenario, however it does not directly facilitate it.

• We can think of our specification text with the reader in mind. In this case, we can support readers looking to “plug in” the Consent BB in a data transaction in order to guide their understanding towards best-practice consent design and app architecture.

To summarize this, we believe that it’s possible to include “on-demand” consent by describing how an application can use the Consent BB for this scenario. This can be a section in the specification. [immediately after the meeting, this has been captured as a candidate for the FAQ section]

We’ll continue this discussion in the next meeting to cover other aspects of offline consent that are relevant to our immediate roadmap.

Note from original meeting: We had to postpone this. Note that we’re trying to figure out a terminology here. “On-demand” consent was used to emphasize the risks of this kind of thinking, but “offline consent” will help us capture the broader nature. Everyone is encouraged to think about terminology

Consent delegation

skipped

• CON-52: Consent delegationIn Progress

• Where is the relationship between individuals stored?

  • The application is aware of it?

  • Another BB is aware of it?

  • Auditing should be able to verify it

Review necessary Gherkin scenarios to implement

@Benjamin Balder Bach Skipped

CON-15: Create test configuration for Consent Configuration APIsIn Progress