Talk:Summit 2011 Working Sessions/Session073

Thank you for attending! This page is for the session participants to add their ideas and comments.

Please also take a look at the draft FTC response http://www.owasp.org/index.php/Industry:FTC_Protecting_Consumer_Privacy#Draft_Text_version_2 - your input would be very welcome!

Thank you

colin.watson(at)owasp.org

Accomplishments
I was asked to provide the top 3 accomplishments from our session to the summit team. I have suggested:

1) A recognition that OWASP MUST (not should) be active in this space

2) Direct input into OWASP's response to the FTC staff report on consumer privacy

3) A consensus to try to document the drivers, issues, resources and relevant technical approaches

Ideas...
Some suggested headings, but please feel free to add more:

Government policies
Legislation:


 * EU:
 * UK:

Primary data protection authorities:


 * US
 * FTC
 * UK
 * Information Commissioner's Office
 * Information Commissioner's Office

Issues

 * Fair processing
 * Acceptable use/specified purpose
 * Avoid collecting excessive information
 * Data accuracy
 * Data retention period enforcement (& disposal)
 * Protection of data
 * Transfers (inter department, company, country)
 * Tracking consent and withdrawal of consent
 * Provision of consent
 * Use of cookies