Privacy Level Agreement

Back to discussions
Expand all | Collapse all

PLA WG call - June 22nd [Meeting Minutes]

  • 1.  PLA WG call - June 22nd [Meeting Minutes]

    Posted Jun 25, 2021 06:31:00 AM

    Dear members,
                               please find below a summary of the discussions that took place during our recent meeting.

    Agenda Items (AIs):

    1. Specify gap descriptions for CCPA-GDPR mapping & gap analysis exercise
    2. Update on the submission of the Code to CNIL for approval
    3. AoB


    Participants (3):

    Martim T. Barata
    Jorg Rubben
    Lefteris Skoutaris (PM)


    Meeting Minutes (MMs)

    1. Specify gap descriptions for CCPA-GDPR mapping & gap analysis exercise
    • The action point 1 of previous meeting was not met and there are still open pending actions for the group of professionals participating in the exercise,
    • During that call there were two cases identified pertaining to partial gaps and which require further investigation:
      • Case 1: The co-chair team will investigate which 'partial gaps' need to be changed to full gaps, when the full CCPA provision is not explicitly met in GDPR,
      • Case 2: Professionals participating in the exercise are kindly invited to determine the 'partial gaps' in need to be maintained as such, and to document the portion of the CCPA provision not met in GDPR (objective is to copy that CCPA portion under column 'F').
    • Jorg joined the WG call and is interested in contributing to the gap analysis exercise. Lefteris (PM) will contact Jorg and suggest ways of contribution to the CCPA-GDPR mapping exercise (AP1),
    • Professionals (Mark, Paul, Rishabh, Mariusz) that have been working on the mapped CCPA-GDPR provisions highlighted in 'orange' are invited to revisit the exercise and apply either of cases 1 or 2 to the corresponding cells.
    2. Update on the submission of the Code to CNIL for approval
    • CSA received very positive feedback from CNIL with regards to the Code, with an exception of 'data transfers' and few additional requirements that were recommended to be added to the Code. Next step after these requirements integration, there will be a review from the rest of the European DPAs, who will provide their feedback, if any.
    3. AoB
    • Next call is scheduled on July 6th, 6 pm EEST (5 pm CET / 8 am PST / 11 pm EST). 


    Action Points (APs)

    AP1: Lefteris (PM) will contact Jorg and suggest ways of contribution to the CCPA-GDPR mapping exercise.

    Please reach out to me if there are any questions or if you think that something essential is missed above.
    Thank you again for your attendance and support.
    Best regards,
    Lefteris

    ------------------------------
    Eleftherios Skoutaris
    Program Manager
    Cloud Security Alliance
    ------------------------------