ANSI seeks comments on proposal for ISO task force.

Press Release Summary:



ANSI is seeking comments by May 9, 2008 on an SCC proposal to the ISO Technical Management Board (TMB) to reexamine the possibility of preparing standards on the general topic of privacy. According to the proposal, there are issues in the privacy arena that extend beyond the mandate of JTC 1/SC 27, and the SCC has requested that the TMB form a Task Force to address them. The SCC has also prepared a list of topics for potential Task Force exploration.



Original Press Release:



Prioritizing Privacy: ANSI Seeks Comments on Proposal for New ISO Task Force



The Standards Council of Canada (SCC) has submitted a proposal to the International Organization for Standardization (ISO) Technical Management Board (TMB) to reexamine the possibility of preparing standards on the general topic of privacy. The American National Standards Institute (ANSI) is seeking comments on this proposal by May 9, 2008.

The issue of privacy as it relates to information technology is currently being examined within the international standardization community by Joint Technical Committee 1 (JTC1) of ISO and the International Electrotechnical Commission (IEC). In particular, Sub Committee 27 (SC 27), IT Security Techniques, has progressed such projects as ISO/IEC WD 29100, Privacy Framework; ISO/IEC WD 29101, Privacy Reference Architecture; and ISO/IEC WD 24760, A Framework for Identity Management.

According to the SCC proposal, there are issues in the privacy arena that extend beyond the mandate of JTC 1/SC 27. As a result, the SCC would like to reopen this discussion to update the situation, identify potential gaps, and assess whether these gaps would benefit from a standards-based approach. The SCC has requested that the TMB form a Task Force to address these issues. In the late 1990s, the TMB convened a Task Force which was unable to come to a consensus on the need for an international standard on the protection of personal data and privacy.

As a starting point for discussion, the SCC has prepared a list of topics for potential Task Force exploration, including breach notification, the safety of children online, credential and identity management, privacy taxonomy and information, privacy impacts of new technology, the implementation of privacy laws and best practices, and protection of sensitive data.

As the official U.S. member of ISO, ANSI is requesting comments on the SCC proposal. Submissions will be used to develop ANSI's recommendation on the proposal, which will be presented to the ANSI ISO Council (AIC) for approval prior to the June 2008 ISO/TMB meeting.

To submit a comment, please review the proposal and send all feedback to Steven Cornish, ANSI director for international policy, by the close of business on Friday, May 9, 2008.

All Topics