Consortium outlines framework for privacy audits