Hi Ridwan,
As mentioned the PLA WG is working on a new initiative that includes reviewing of the CCPA (The California Consumer Privacy Act) provisions as amended by the CPRA (The California PrivacyRights Act) and at the same time performing a gap analysis with the GDPR and the CSA Code of Conduct.
Here the CCPA provisions are separated and marked in different colours.
- The green cells mark the CCPA provisions that didn't change after the CPRA amendments,
- The yellow ones are the controls that have slightly changed and been updated,
- The red cells mark the new provisions that have been added and are in the need of a mapping exercise with the GDPR.
As a first step we need to:
1. To review and vote whether (agree or disagree) the red cells marked as 'Out-of-Scope' (for GDPR) are indeed so, or offer the opposite argument (Column G).
2. For the red cells that are in-scope, to perform a gap analysis for columns D and E.
- E.g. Row 203: For 'Adv+Marketing', find the corresponding provision under GDPR, and fill it in column D, (use as another example to this one of the green cells that have the GDPR provision already filled in there). If there is no correspondence with GDPR, mark it as N/A.
- In column E include the 'Type of the provision', e.g. Definition and Procedures.
- In order to avoid double work in the same row, each reviewer includes their name next to the row they are working on, in column C. (e.g. Mark Vinkovits, one of the volunteers, has done for the controls he has chosen)
We have a bi-weekly call where we meet and discuss shortly any questions and feedback, and everything else is shared in our Circle community space.
To sum up: Are points 1 and 2 something you could help us with? If yes, you can start right away and I can help you along the way.
Anything else you might need, please let me know.
Kind regards,
Marina
------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------
Original Message:
Sent: Jun 12, 2023 04:40:48 AM
From: Marina Bregkou
Subject: CSA is calling for Privacy Contributors!
Hi Ridwan,
Thank you for your text and interest.
I always post a reminder the day before of the call here in Circle or at the latest, some hours before the WG call.
Depending on the setting you have, you may either get the messages immediately as they are posted or the next day as daily digest, etc.
I am adding you to the google invites so that you get the placeholder in your calendar.
I always also send a Google Calendar reminder a day before the meetings too.
You should receive the calendar notification and I am sending you (in a personal email) and a post here (for others who might be interested), the action item that we need help with in the PLA WG.
Any other question, or concerns you might have, please don't hesitate to let me know.
Kind regards,
Marina
--
Marina BregkouSenior Research Analyst
Cloud Security Alliance
This e-mail account is used only for work-related purposes; it is not guaranteed that any correspondence sent to this address will be read by the addressee only, as it may be necessary, under certain circumstances, for third parties appointed by the Cloud Security Alliance to access this e-mail account. Please do not send any messages of a personal nature to this address.
Original Message:
Sent: 6/11/2023 3:13:00 PM
From: Ridwan Badmus
Subject: RE: CSA is calling for Privacy Contributors!
Hello Marina,
I am interested in contributing to this task.
I also wanted to confirm if you sent reminders for the Privacy Level Agreement meetings. If not, is it possible to set up a Google Calendar reminder a day before the meetings? I can volunteer to do this if that's feasible. I only see the updates here a day after the sessions.
I look forward to your helpful response.
Thank you.
Best,
Ridwan
------------------------------
Ridwan Badmus
Legal Associate/Privacy Specialist and CTO
Oguntoye & Oguntoye LP
Original Message:
Sent: Jun 06, 2023 08:46:56 AM
From: Marina Bregkou
Subject: CSA is calling for Privacy Contributors!
CSA is looking for additional help for our new initiative, from privacy experts.
The task is to review the CCPA (The California Consumer Privacy Act) as amended by the CPRA (The California Privacy Rights Act ) and perform a gap analysis with the GDPR and the CSA Code of Conduct.
If interested in helping out, please reach out to me, or [email protected]
Kind regards,
Marina
------------------------------
Marina Bregkou,
Senior Research Analyst,
CSA
------------------------------