-
Notifications
You must be signed in to change notification settings - Fork 27
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ec80997
commit 7fa3251
Showing
3 changed files
with
143 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| 20:08:55 <RRSAgent> RRSAgent has joined #dpvcg | ||
| 20:09:03 <harsh> Scribe: harsh | ||
| 20:09:10 <harsh> Meeting: DPVCG Meeting Call | ||
| 20:09:13 <harsh> Chair: harsh | ||
| 20:09:23 <harsh> Present: harsh, delaram, ted georg, beatriz | ||
| 20:10:04 <harsh> Regrets: iain, tytti | ||
| 20:09:37 <harsh> Date: 21 FEB 2024 | ||
| 20:09:50 <harsh> Agenda: https://www.w3.org/events/meetings/31f00434-f01b-431d-a9d9-4ef690dd7c6d/20240221T150000/ | ||
| 20:09:57 <harsh> Meeting minutes: https://w3id.org/dpv/meetings | ||
| 20:10:04 <harsh> purl for this meeting: https://w3id.org/dpv/meetings/meeting-2024-02-21 | ||
| 20:10:04 <harsh> Topic: Age Verification | ||
| 20:10:04 <ghurlbot> https://github.com/w3c/dpv/issues/128 -> Issue 128 Add dpv:AgeVerification as a purpose concept (by besteves4) | ||
| 20:10:04 <harsh> accepted concept | ||
| 20:10:04 <harsh> Topic: GDPR Rights Justifications | ||
| 20:10:04 <ghurlbot> https://github.com/w3c/dpv/issues/63 -> Issue 63 Add Right Non-fulfilment Justifications for GDPR’s rights (by besteves4) | ||
| 20:10:04 <harsh> beatriz: okay with the structure, but more rights and justifications - discussion on whether/how we model them. | ||
| 20:10:04 <harsh> beatriz: (email FEB-16) going through the mentioned rights to see justifications, going through GDPR for more justifications. Article 34 - some justifications there as well for Communication of a personal data breach to the data subject. Article 23 - right to be informed about restrictions. Article 27. We don't have anything from Article 78 and 79 - judicial rememdies. Article 22-3 “the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision. | ||
| 20:10:04 <harsh> georg: Article 34(3) has justifications for why the breach was not communicated. These are justifications used in compliance but do not need to be communicated. So we should | ||
| 20:10:04 <harsh> georg: Article 23(3-h) - what is the justification here? | ||
| 20:10:04 <harsh> beatriz: Should we model the 'right' mentioned here? | ||
| 20:10:04 <harsh> \ discussion - no, this is a right as in the implementing act in national law | ||
| 20:10:04 <harsh> beatriz: Adding Art. 77-79 as 3 three additional rights to GDPR extension. | ||
| 20:10:04 <harsh> georg: Art.22.3 “the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision”? | ||
| 20:10:04 <harsh> harsh: 22-1 is the right, 22-3 refers to the same right | ||
| 20:10:04 <harsh> georg: 22-2 is the three justifications for 22-1 | ||
| 20:10:04 <harsh> harsh: 22-3 and 22-4 are specific restrictions on the justifications in 22-2, so we don't necessarily need them as separate justifications - we can wait for case law and AG opinions to evaluate our interpreations are correct before we model them e.g. 22-4 can be justifications for use of special categories | ||
| 20:10:04 <harsh> Topic: AI Act | ||
| 20:10:04 <ghurlbot> https://github.com/w3c/dpv/issues/106 -> Issue 106 Propose concepts from the AI Act (by coolharsh55) | ||
| 20:10:04 <harsh> delaram: these are concepts from Article 3, the rest of the Act is to be modeled | ||
| 20:10:04 <harsh> georg: post from Dr. Laura who is Senior Policy Advisor at EU Parliament comparing AI Act and GDPR in terms of no of articles and recitals https://www.linkedin.com/posts/dr-laura-caroli-0a96a8a_aiact-activity-7166016973645037568-pA4A?utm_source=share&utm_medium=member_desktop | ||
| 20:10:04 <harsh> delaram: definitions are not expected to change, clause numbering may change. Working on AIRO and VAIR at the moment, to be added here (AI Act extension) once that is done. | ||
| 20:10:04 <harsh> harsh: where do we put them in DPV vocabularies? How do we proceed? Do we take AI Act? Or go through specific topics e.g. putting AI in deployment? | ||
| 20:10:04 <harsh> delaram: would be better to look at all related concepts together in one place | ||
| 20:10:04 <harsh> beatriz: does AI system go in tech? | ||
| 20:10:04 <harsh> delaram: yes, the general concept will go in tech and the AI Act specific definition will go into the AI Act extension | ||
| 20:10:04 <harsh> harsh: interested in Annex III high-risk clause analysis, and connecting it with GDPR's DPIA. Tytti is also doing this kind of work and would be interested in this. | ||
| 20:10:04 <harsh> Topic: Next Meeting | ||
| 20:10:04 <harsh> \ Next meeting will be in 1 week, on WED FEB-28 15:00 WET / 16:00 CET. | ||
| 20:10:04 <harsh> \ Topics for discussion are updates on DPV v2, github repo and issues, rights exercise, discussion on AI Act, and Tech/AI vocabulary. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| <!DOCTYPE html> | ||
| <html lang=en> | ||
| <head> | ||
| <meta charset=utf-8> | ||
| <title>DPVCG Meeting Call – 21 FEB 2024</title> | ||
| <meta name=viewport content="width=device-width"> | ||
| <link rel="stylesheet" type="text/css" title="2018" href="https://www.w3.org/StyleSheets/scribe2/public.css"> | ||
| <link rel="alternate stylesheet" type="text/css" title="2004" href="https://www.w3.org/StyleSheets/base.css"> | ||
| <link rel="alternate stylesheet" type="text/css" title="2004" href="https://www.w3.org/StyleSheets/public.css"> | ||
| <link rel="alternate stylesheet" type="text/css" title="2004" href="https://www.w3.org/2004/02/minutes-style.css"> | ||
| <link rel="alternate stylesheet" type="text/css" title="Fancy" href="https://www.w3.org/StyleSheets/scribe2/fancy.css"> | ||
| <link rel="alternate stylesheet" type="text/css" title="Typewriter" href="https://www.w3.org/StyleSheets/scribe2/tt-member.css"> | ||
| </head> | ||
|
|
||
| <body> | ||
| <header> | ||
| <p><a href="https://www.w3.org/"><img src="https://www.w3.org/StyleSheets/TR/2016/logos/W3C" alt=W3C border=0 height=48 width=72></a></p> | ||
|
|
||
| <h1>DPVCG Meeting Call</h1> | ||
| <h2>21 FEB 2024</h2> | ||
|
|
||
| <nav id=links> | ||
| <a href="https://www.w3.org/events/meetings/31f00434-f01b-431d-a9d9-4ef690dd7c6d/20240221T150000/"><img alt="Agenda." title="Agenda" src="https://www.w3.org/StyleSheets/scribe2/chronometer.png"></a> | ||
| </nav> | ||
| </header> | ||
|
|
||
| <div id=prelims> | ||
| <div id=attendees> | ||
| <h2>Attendees</h2> | ||
| <dl class=intro> | ||
| <dt>Present</dt><dd>beatriz, delaram, harsh, ted georg</dd> | ||
| <dt>Regrets</dt><dd>iain, tytti</dd> | ||
| <dt>Chair</dt><dd>harsh</dd> | ||
| <dt>Scribe</dt><dd>harsh</dd> | ||
| </dl> | ||
| </div> | ||
|
|
||
| <nav id=toc> | ||
| <h2>Contents</h2> | ||
| <ol> | ||
| <li><a href="#t01">Age Verification</a></li> | ||
| <li><a href="#t02">GDPR Rights Justifications</a></li> | ||
| <li><a href="#t03">AI Act</a></li> | ||
| <li><a href="#t04">Next Meeting</a></li> | ||
| </ol> | ||
| </nav> | ||
| </div> | ||
|
|
||
| <main id=meeting class=meeting> | ||
| <h2>Meeting minutes</h2> | ||
| <section><p id=x008 class=summary>Meeting minutes: <a href="https://w3id.org/dpv/meetings">https://<wbr>w3id.org/<wbr>dpv/<wbr>meetings</a></p> | ||
| <p id=x009 class=summary>purl for this meeting: <a href="https://w3id.org/dpv/meetings/meeting-2024-02-21">https://<wbr>w3id.org/<wbr>dpv/<wbr>meetings/<wbr>meeting-2024-02-21</a></p> | ||
| </section> | ||
|
|
||
| <section> | ||
| <h3 id=t01>Age Verification</h3> | ||
| <p id=x011 class=bot><cite><ghurlbot></cite> <strong><a href="https://github.com/w3c/dpv/issues/128">Issue 128</a></strong> Add dpv:AgeVerification as a purpose concept (by besteves4)</p> | ||
| <p id=x012 class=summary>accepted concept</p> | ||
| </section> | ||
|
|
||
| <section> | ||
| <h3 id=t02>GDPR Rights Justifications</h3> | ||
| <p id=x014 class=bot><cite><ghurlbot></cite> <strong><a href="https://github.com/w3c/dpv/issues/63">Issue 63</a></strong> Add Right Non-fulfilment Justifications for GDPR’s rights (by besteves4)</p> | ||
| <p id=x015 class="phone s01"><cite>beatriz:</cite> okay with the structure, but more rights and justifications - discussion on whether/how we model them.</p> | ||
| <p id=x016 class="phone s01"><cite>beatriz:</cite> (email FEB-16) going through the mentioned rights to see justifications, going through GDPR for more justifications. Article 34 - some justifications there as well for Communication of a personal data breach to the data subject. Article 23 - right to be informed about restrictions. Article 27. We don't have anything from Article 78 and 79 - judicial rememdies. Article 22-3 “the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.</p> | ||
| <p id=x017 class="phone s02"><cite>georg:</cite> Article 34(3) has justifications for why the breach was not communicated. These are justifications used in compliance but do not need to be communicated. So we should </p> | ||
| <p id=x018 class="phone s02"><cite>georg:</cite> Article 23(3-h) - what is the justification here? </p> | ||
| <p id=x019 class="phone s01"><cite>beatriz:</cite> Should we model the 'right' mentioned here?</p> | ||
| <p id=x020 class=summary> discussion - no, this is a right as in the implementing act in national law</p> | ||
| <p id=x021 class="phone s01"><cite>beatriz:</cite> Adding Art. 77-79 as 3 three additional rights to GDPR extension. </p> | ||
| <p id=x022 class="phone s02"><cite>georg:</cite> Art.22.3 “the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision”? </p> | ||
| <p id=x023 class="phone s03"><cite>harsh:</cite> 22-1 is the right, 22-3 refers to the same right</p> | ||
| <p id=x024 class="phone s02"><cite>georg:</cite> 22-2 is the three justifications for 22-1</p> | ||
| <p id=x025 class="phone s03"><cite>harsh:</cite> 22-3 and 22-4 are specific restrictions on the justifications in 22-2, so we don't necessarily need them as separate justifications - we can wait for case law and AG opinions to evaluate our interpreations are correct before we model them e.g. 22-4 can be justifications for use of special categories</p> | ||
| </section> | ||
|
|
||
| <section> | ||
| <h3 id=t03>AI Act</h3> | ||
| <p id=x027 class=bot><cite><ghurlbot></cite> <strong><a href="https://github.com/w3c/dpv/issues/106">Issue 106</a></strong> Propose concepts from the AI Act (by coolharsh55)</p> | ||
| <p id=x028 class="phone s04"><cite>delaram:</cite> these are concepts from Article 3, the rest of the Act is to be modeled </p> | ||
| <p id=x029 class="phone s02"><cite>georg:</cite> post from Dr. Laura who is Senior Policy Advisor at EU Parliament comparing AI Act and GDPR in terms of no of articles and recitals <a href="https://www.linkedin.com/posts/dr-laura-caroli-0a96a8a_aiact-activity-7166016973645037568-pA4A?utm_source=share&utm_medium=member_desktop">https://<wbr>www.linkedin.com/<wbr>posts/<wbr>dr-laura-caroli-0a96a8a_aiact-activity-7166016973645037568-pA4A?utm_source=share&utm_medium=member_desktop</a></p> | ||
| <p id=x030 class="phone s04"><cite>delaram:</cite> definitions are not expected to change, clause numbering may change. Working on AIRO and VAIR at the moment, to be added here (AI Act extension) once that is done.</p> | ||
| <p id=x031 class="phone s03"><cite>harsh:</cite> where do we put them in DPV vocabularies? How do we proceed? Do we take AI Act? Or go through specific topics e.g. putting AI in deployment?</p> | ||
| <p id=x032 class="phone s04"><cite>delaram:</cite> would be better to look at all related concepts together in one place</p> | ||
| <p id=x033 class="phone s01"><cite>beatriz:</cite> does AI system go in tech?</p> | ||
| <p id=x034 class="phone s04"><cite>delaram:</cite> yes, the general concept will go in tech and the AI Act specific definition will go into the AI Act extension</p> | ||
| <p id=x035 class="phone s03"><cite>harsh:</cite> interested in Annex III high-risk clause analysis, and connecting it with GDPR's DPIA. Tytti is also doing this kind of work and would be interested in this.</p> | ||
| </section> | ||
|
|
||
| <section> | ||
| <h3 id=t04>Next Meeting</h3> | ||
| <p id=x037 class=summary> Next meeting will be in 1 week, on WED FEB-28 15:00 WET / 16:00 CET.</p> | ||
| <p id=x038 class=summary> Topics for discussion are updates on DPV v2, github repo and issues, rights exercise, discussion on AI Act, and Tech/AI vocabulary.</p> | ||
| </section> | ||
| </main> | ||
|
|
||
|
|
||
| <address>Minutes manually created (not a transcript), formatted by <a | ||
| href="https://w3c.github.io/scribe2/scribedoc.html" | ||
| >scribe.perl</a> version 217 (Fri Apr 7 17:23:01 2023 UTC).</address> | ||
|
|
||
| </body> | ||
| </html> |