Privacy Level Agreement

Back to discussions
Expand all | Collapse all

PLA WG call - September 15th [Meeting Minutes]

  • 1.  PLA WG call - September 15th [Meeting Minutes]

    Posted Sep 22, 2020 02:44:00 AM
    Dear members,
                               hereby the minutes of our recent call.

    Agenda Items (AIs):

    1. Progress status check on CCPA-GDPR mapping validation exercise and reviewers' findings.
    2. Update on the PLA CoC and its submission to CNIL.
    3. AoB

     

    Participants (6):
    Martim T. Barata
    Paul Benedek
    Lefteris Skoutaris (PM)
    Linda Strick
    Mariusz Trajfacki
    Mark Vinkovits

     

    Meeting Minutes (MMs):

    1. Progress status check on CCPA-GDPR mapping validation exercise and reviewers' findings.
    • Many thanks to Paul, Angell, and Lilian for having completed their validation review since our last call. Pending reviews and new assignments are scheduled for completion by our next call on September 29th.
    • Status of new assignments to the team:
      • Angell Duran: 132 – 138,
      • Paul Benedek: 156 – 167,
      • Mariusz Trajfacki: 188 – 202,
      • Mark Vinkovits: 203 – 217,
      • Parveen Arora: 218-226,
      • Lilian Meyer-Janzek: 227-242.
    • Please notice that the primary objective of the exercise is to validate if the GDPR provisions are to some extend "meeting" the CCPA ones. That is, if some or full portion of a GDPR provision is semantically equivalent within the full or some portion of the CCPA one.
    • During the next 2nd phase of gap analysis -following the current validation exercise-, the teams will be investigating which CCPA portions, in full or partially, are not met by the mapped GDPR provisions. The identified gaps, will signify and the requirements from CCPA that are missing in the PLA CoC.
    • The team is kindly asked to complete their review by our next meeting on September the 29th (AP1).

     

    1. Update on the PLA CoC and its submission to CNIL.
    • Martim provided a status update on the latest developments with respect to the submission of PLA CoC to CNIL for approval.
    • The CNIL published a list of requirements for monitoring bodies that should be addressed by privacy code of conducts, including CSA's PLA CoC.
    • CSA has been working in the past weeks on aligning the PLA CoC with these requirements (specifically within the Governance section of the code). The code has been updated to meet such requirements and will soon be formally submitted.

     

    1. AoB
    • Next call is scheduled for September 29th , 6 pm EEST (5 pm CET / 8 am PST / 11 am EST).

     

    Actions Points (APs)

    AP1: The team is kindly asked to complete their review by our next meeting on September the 29th .

    ----------------------

    Please let me know if anything essential is missed above.

    Looking forward to your findings and discussing those at our next call.

    Best,

    Lefteris


    Important Notice:

    • PLA WG meetings are to be recorded and audio made available to the rest of the group. Please visit the "Data Protection Notice" document, which includes the purposes of use, retention period of audio files, etc.

     

     


     



    ------------------------------
    Eleftherios Skoutaris
    Program Manager
    Cloud Security Alliance
    ------------------------------