<div dir="ltr">
<h2 id="markdown-header-roll-call-stats"><font size="4">Roll call stats</font></h2>
<p><a href="https://bitbucket.org/openid/heart/wiki/Roll_Call" rel="nofollow">https://bitbucket.org/openid/heart/wiki/Roll_Call</a></p>
<p>21 in attendance - 10 members</p>
<p>Listserv count :93</p>
<h2 id="markdown-header-himss-f2f-details"><font size="4">HIMSS F2F details</font></h2>
<p>We will meet in room N138 in the Convention Center on Wednesday,
April 15 from 9am – 12pm (Central). The room is set up in a U shape for
25 with perimeter seating for 15. There should be a podium, screen,
projector, and microphone available.</p>
<h2 id="markdown-header-privo-demonstratediscuss-delegationparental-consent-flows-for-coppa"><font size="4">PRIVO - demonstrate/discuss Delegation/Parental consent flows for COPPA</font></h2>
<p>Debbie introduced the topic. At IDESG about a month ago, PRIVO
(“PRY-vo”, for privacy) gave a great demo on their work in this area.</p>
<p>Steve Greenberg has been working with Denise Tayloe at PRIVO since
the beginning of the NSTIC project. He’s glossing over “identity is
hard” and “consent is hard” topics, assuming we get it.</p>
<p>PRIVO came out of the COPPA (Children’s Online Privacy Protection
Act) market, putting parents in control of information about their kids
online -- not enterprise, and not self-consent. It’s a delegated consent
model. A kid might not have an email address and so on, which an adult
would be expected to have. Consent interactions make an assumption that
the operator is allowed to consent, which don’t hold in the COPPA
market. You don’t want to induce kids to lie or get around the system.
You want to make it easy for them to do the right thing. There’s a
sliding scale of verification, proportional to the privacy risk. Higher
risk means demonstrating control of a financial credential, for example.</p>
<p>If you have a web or mobile property and someone just tried to “do
something”, are they allowed to do it? They key question is “how old you
are” -- COPPA makes that cutoff be “under 13”. PRIVO finds the person
who needs to grant consent for it.</p>
<p>PRIVO has an NSTIC grant. As part of this, there is a Minors Trust
Framework (MTF), a PRIVO iD (a federated identity based on OIDC, and
also supports SAML), which is a free service for consenting to
MTF-approved and COPPA-compliant services, and an educational
initiative, Online Privacy Matters/Privacy on Patrol Squad (POPS).</p>
<p>The tough part is finding parents, having them prove they are who
they say they are, etc. PRIVO handles this part, making it easy to
obtain “verifiable consent” and providing widgets for parent login etc.
This lets their customers concentrate on their core competency. PRIVO
also pseudonymizes across services.</p>
<p>When a new underage user provides a parent email address, there’s a
“parent with me” path where the kid goes and gets the parent, the kid
can print a form that the parent can fill out or follow a URL, or the
kid can provide an email address so that the parent gets a message. A
“shadow account” option provisions a parent account that essentially
tracks the kid’s account if created on a mobile device or something.
This is good when there are many, many accounts already extant.</p>
<p>The kid’s account is activated as soon as the request to the parent
is sent. But the kid doesn’t have the ability to share PII publicly. The
PRIVO customer doesn’t want to lose the kid’s business, so there’s the
ability to do a limited number of things in the meantime.</p>
<p>Data attributes associated with the site features have a notion of
low or full verification. There are also standard and optional features.
Standard features have to be agreed to in order to use the service at
all, whereas optional features can be denied consent.</p>
<p>MyPRIVO is a central location that helps you manage consent across
all of the locations, for multiple kids and multiple services.</p>
<p><strong>AI:</strong> Debbie ask for slides</p>
<p><strong>AI:</strong> Debbie to poll group to see if they would like to hear more about their multi generational TF</p>
<h2 id="markdown-header-eve-maler-handling-custodianship-options-in-and-around-uma"><font size="4">Eve Maler - handling Custodianship options in and around UMA</font></h2>
<p><a href="http://openid.net/wordpress-content/uploads/2015/03/UMA-custodian-thoughts-2015-03-09.pdf" rel="nofollow">http://openid.net/wordpress-content/uploads/2015/03/UMA-custodian-thoughts-2015-03-09.pdf</a></p>
<p>Eve presented a slide deck with three potential architectural
options, two “in” and one “outside of” UMA, that try and bring the
benefits of user-managed access (lowercase and uppercase) to those who
aren’t entirely competent to consent. The two “in” UMA are fairly
complementary with the PRIVO demos, and seem to benefit from
standardized scopes and trust frameworks.</p>
<p>Justin comments that the flipping around of who is the resource owner
and who is the requesting party in this analysis is a really important
concept to play around with.</p>
</div>