
Talk:Summit 2011 Working Sessions/Session073

Revision as of 19:42, 10 February 2011 by Clerkendweller (talk | contribs) (New page)


Thank you for attending! This page is for the session participants to add their ideas and comments.

Please also take a look at the draft FTC response http://www.owasp.org/index.php/Industry:FTC_Protecting_Consumer_Privacy#Draft_Text_version_2 - your input would be very welcome!

Thank you

colin.watson(at)owasp.org


Accomplishments

I was asked to provide the top 3 accomplishments from our session to the summit team. I have suggested:

1) A recognition that OWASP MUST (not should) be active in this space

2) Direct input into OWASP's response to the FTC staff report on consumer privacy

3) A consensus to try to document the drivers, issues, resources and relevant technical approaches

Ideas...

Some suggested headings, but please feel free to add more:

Government policies

Legislation:

  • EU:
  • UK:

Primary data protection authorities:


Issues

  • Fair processing
  • Acceptable use/specified purpose
  • Avoid collecting excessive information
  • Data accuracy
  • Data retention period enforcement (& disposal)
  • Protection of data
  • Transfers (inter department, company, country)
  • Tracking consent and withdrawal of consent
  • Provision of consent
  • Use of cookies

Privacy vulnerabilities

Technical approaches

Tools