Thanks Johann for the feedback... Yes, the consent management feature needs improvement and will work on them..
It would be much helpful, if you can create git issues - so we won't miss anything. Thanks & Regards, -Prabath On Mon, Mar 25, 2019 at 5:18 AM Johann Nallathamby <[email protected]> wrote: > IAM Team, > > I recently had to do a presentation/demo to a customer on GDPR support in > WSO2 IS. Following are the usability problems I've come across in the > latest version. Would like to get your feedback on this. > > 1. In all the webinars we've done on GDPR, we talk about IS as a consent > repository that can do consent management of applications through Restful > APIs. However, when looking at the APIs it looks like we can't really do > application wise consent management and it is global consent management > model we have. What am I missing here? > > 2. Consent purpose descriptions are not shown to the user, when (s)he > needs to provide consent to share user claims to the application. It looks > like the user has to provide a *"bundled"* consent. This *violates* basic > GDPR consent design guideline of *"unbundled consent"*. > > 3. The consent purpose descriptions do not support internationalization. > This *violates* another one of the basic GDPR consent design guideline of > *"informed > consent".* Ideally we should be using the same design we've implemented > for challenge question internationalization. > > 4. When a user does self sign-up, we are collecting consent for all > consent purposes and PII categories. It looks like user cannot sign-up > without providing consent for at least one consent purpose or PII category. > For example, even if first_name is optional and I don't fill the value for > first_name, I need to provide consent to store first_name which doesn't > make any sense. > > Thanks & Regards, > Johann. > > -- > *Johann Dilantha Nallathamby* | Associate Director/Solutions Architect | > WSO2 Inc. > (m) +94 (77) 7776950 | (w) +94 (11) 2145345 | (e) [email protected] > [image: Signature.jpg] > -- Thanks & Regards, Prabath
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
