Dear members,
please find below a summary of the discussions that took place during our recent meeting.
Agenda Items (AIs):
- Progress status check on CCPA-GDPR mapping validation exercise and reviewers' findings.
- Discussion with Giulio and Yves for conducting a mapping between the Swiss data privacy law and the PLA CoC
- AoB
Participants (6):
Paul Benedek
Martim T. Barata
Giulio Faini
Yves Gogniat
Lefteris Skoutaris (PM)
Mariusz Trajfacki
Meeting Minutes (MMs):
1. Progress status check on CCPA-GDPR mapping validation exercise and reviewers' findings.
- The WG has completed the CCPA-GDPR mapping validation exercise and left its comments next to each pair of mapped articles/provisions,
- The co-chair's team that conducted the mapping exercise has read the comments and replied black (see highlighted text under column "I"),
- Provided feedback is highlighted using yellow and red colors, to denote agree/disagree to comment respectively,
- Professionals are kindly invited to revisit the highlighted cells and comment back to the input provided by the co-chair's team (AP1). Discussion will follow during the next PLA WG call.
- Each professional is kindly invited to reply under column "J" of the mapping tool, next to the corresponding highlighted cell.
2. Discussion with Giulio and Yves for conducting a mapping between the Swiss data privacy law and the PLA CoC
- Giulio and Yves shared with the group their interest in proceeding with conducting a mapping and gap analysis between the Swiss data privacy law and the PLA CoC and asked for possible means of collaboration with the PLA WG.
- The recommended approach proposed is similar to that of the CCPA-PLA CoC mapping. That is, to conduct a mapping between the Swiss law and the GDPR, and then substitute the GDPR-PLA CoC equivalent requirements.
- Martim proposed to the team to carry on with the mapping activity and in 2 months' time to touch base with the WG for further planning.
- Lefteris has shared with the team CSA's tool that is used in the mapping and gap analysis exercises.
3. AoB
- Martim informed the group that CSA is expecting to receive feedback from the DPAs to update the Code of Practice. The team is awaiting of such feedback, in order to infer the amount of changes that will need to be introduced to the PLA CoP (i.e., the main set of privacy controls).
- Martim and Lefteris agreed to schedule a meeting with Paolo to plan ahead for next year's activities of the PLA WG.
Actions Points (APs)
AP1: Professionals are kindly invited to revisit the highlighted cells and comment back to the input provided by the co-chair's team.
Please let me know if I have missed to include something essential from our meeting.
Looking forward to your contributions by our next meeting.
Best regards,
Lefteris
------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------