smartopian
commented
9 years ago As a result this text was added to the edit.
"Privacy and Consent Terminology are mapped to the ISO 29100 which provides a basis for privacy standardizations for:
technical reference architectures;
the implementation and use of specific privacy technologies and overall privacy management;
privacy controls for outsourced data processes;
privacy risk assessments; or
for specific engineering specifications.There are terms in this specification that are not referenced in 29100 and these are listed here: (NOTE: Terms to be formalised v.0.9)
Purpose Specification - [definition needed] Personal Information - all attributes that are collected about the individual and the consent session can be deemed personal. Information Sharing - [definition needed] Sensitive Personal Information Categories - refer to the legal categories defined in some jurisdictions like the EU and the US, which have additional notice and consent requirements. Individual - this is referred to in this document and maps to existing terms, Data Subject in ISO 29100 this Principal, Person. Bind - "
Does this close this task, are their requirements for submitting this to ISO SG? Do we need to reference this correctly before submitting to ISO?
[AQ1: Is this list of terms necessary, or should this section be narrowed down to indicate that the privacy and consent terminology used are derived from ISO 29100?](Note: Made by heather when editing.)