Blog from May, 2024

This year the ANCR WG and the 0PN Digital Transparency Lab teamed up to present a report on Canada’s Bill C-27, extending the ANCR Transparency Performance Scheme with a Canadian Bill C-27 WHiSSPR Report (White Hat iDentity, Surveillance, Security, Privacy Risk Report), together with a special Jan 28 podcast with Joni Brennan, Sharon Polsky, Gigi Agassani and myself (Mark Lizar).

Incredibly, the report is quite short, as Bill C-27 fails two basic digital privacy requirements: a) it does not require the identity of the PII Controller (the PII Controller Credential) for surveillance, and b) it does not require any records of processing activities.

The report highlights some of the implications of this for the digital identity industry and the security of Canadian data. It goes deeper, assessing the integrity of the law against the international data privacy law framework and standards that are coming into force in 2024 or 2025.

To find out more about what is going on, check out the Digital Transparency Lab WHiSSPR Report Newsletter.

May 24, 2024 ANCR WG (Jedi Privacy Day) Report: For the International Digital Security and Privacy Community

There is a critical lack of transparency in the use of digital identity technologies and the governance of personal data. Who is processing your data, under what authority, for what purpose, to whose benefit, and when, is hidden: there is no systemic transparency. Current security and privacy engineering is built for institutional and enterprise infrastructure, not for the individual. In the ANCR WG (Anchored Notice and Consent Receipt) we have worked to standardize transparency records and consent receipts.

These records, known as Records of Processing Activities (RoPAs), are owned and kept by the individual and anchor the state of security and privacy in the digital relationship. Standard records and receipts make it possible, for the first time, to overlay digital privacy over any notice, notification and sign, enabling consent-based rights and controls. An individual can use digital transparency to see the state of privacy and consent for all service providers, independently of them.

ANCR’s record framework is Consent by Design: it enables the PII Principal to self-identify by adding multiple verified receipt-based credentials to a single credential, providing the assurance a service requires while remaining anonymous.

Introduction 

Digital Transparency refers to the Record and Receipt specifications for Records of Processing Activities (contributed as 27560 Consent Record Information Structure to JTC1/SC27/WG5 after 6 years of community group development at Identity Commons, in the Identity Trust WG).

The study and specification of Consent by Design has been evolving at Kantara since the 2012 call for standards collaboration at the W3C Do Not Track and Beyond conference. The transparency record and receipt model mimics secure currency exchanges by prioritizing the privacy principles of transparency and accountability over choice and consent, placing this as the first privacy principle (as opposed to the 4th in 29100) for PII Principal centric data trust and governance.

The work is contributed to the commons governance framework, whose latest Commonwealth iteration is the Council of Europe’s Convention 108+, the international legal adequacy baseline for the transparency modalities required by security and privacy regulation. This is the foundation for internet-based data governance technologies to interoperate, using the PII Controller Notice Record and Credential specifically to govern identity management technology.

Our focus in the Kantara Initiative and the Digital Transparency Lab has been records and receipts, and demonstrating how to govern misinformation in digital identity management standards using an ISO/IEC 29100 specified record framework.

Consent by Design is specified in a number of ways:

  • Digital Privacy Transparency: notices, notifications and disclosures are presented in a way that mimics how people physically notice, permit and consent. In particular, humans manage consent while systems manage permission (an instance of a consented surveillance context).

  • The PII Controller notice record is standardized and used to generate a receipt, which is a verifiable credential. In this context the PII Controller automatically becomes the gatekeeper to PII (aka the relying party) to verify the digital relationship presented in the receipt.

  • Rather than identifying the individual up front and taking their metadata, the individual can define and present their own digital identity, identifiers and credentials according to context, using receipts as verified credentials for security, safety and trust when interacting online (AuthC).

  • A very Canadian approach, in that permission is first required to introduce a new purpose for consent, and the individual’s consent is implied by engagement and captured in a notice record.

  • Notification and disclosure can be captured with the standard 29100-defined notice record and receipt.

  • Semantically aligned with the W3C Data Privacy Legal Vocabulary, so that the legal semantics are entirely machine readable. Specified to the GDPR, which mirrors Chapter 1 of the Convention 108+ Transparency Modalities.

  • For services, ANCR’s records and receipts can be used to demonstrate compliance with Article 30 Records of Processing Activities, and with Article 80 Logging in Convention 108+.

  • For individuals, a receipt can be used to directly consent (and withdraw consent) to the PII Controller’s service according to context.

  • As in real life, in physical interactions the individual is anonymous to begin with, and in the first interaction with a PII Controller/service, data is shared through consensus and consent.

Standardised Digital Privacy Transparency (SDPT) is conceptualized much like a bank account, in which every personal data processing activity is recorded, and where services provide a record to the bank and a receipt to the individual, as when transacting with currency.

SDPT requires that all surveillance, data processing, capture and inference be identified and notified, with the risks of secondary and extra-territorial disclosure provided through just-in-time notification, prior to processing, dynamically in context, to provide high assurance.

Notice, notification and disclosure requirements for technologies performing internet-based governance functions are specified in the Commonwealth International Privacy Convention 108+ and mirrored in the GDPR. These legally require that the individual be informed of the identity of the PII Controller, whether there is a DPO delegate, and which of the 6 legal justifications for processing personal information applies, within the legal context of existing consent in common spaces (known as consensus).

SDPT, as specified in the ANCR WG, takes into account Data Control, Data Protection, and whether or not the data trust is co-regulated, in order to measure how operational digital transparency is, and to assess technical risk and the capacity for liability mitigation in a specific context.

Dear Members of JTC 1/SC27/WG 5 - WG Mirror Committee: Introducing the Transparency Performance Scheme

ANCR (Anchored, Notice and Consent Receipts) Standard Digital Privacy Transparency Record Framework for Consent by Design.

The ANCR WG contributed to the last JTC 1/SC27/WG5 meeting a number of items:

Attached here is the report presented in the 27568 sessions; it can be found here. The 27568 PWI Report can be found at the link below (if you have credentials), with the TPS scheme posted on pg 69.

Project No.         Title                                               Due date
27568 (1.27.163)    PWI report: Security and privacy of digital twins   2024-04-29

The presentation of this work articulated how security and privacy can be digitally twinned for Age Assurance and Generative AI applications in order to enable governance through the use of digital identifier management technologies.

ANCR Transparency Performance Scheme (TPS)

This scheme (in draft on the ANCR wiki) is used to capture the presentation of required PII Controller transparency information. It is operated to capture information that is recorded into a conformant ISO/IEC 29100, 29184, 27560 record called the PII Controller Notice Record. This is then used to measure compliance with privacy laws and provide a standardised digital privacy transparency report.

For the most part we found that transparency requirements are not operational in context: they are analogue privacy processes that have to be back-channelled, externalized from the context of service delivery, making it impossible for an individual to access and use their rights in a digital context.

The TPS uses a scale that assesses how dynamically usable a notice is in context, providing a contextual integrity measure of how reciprocal and proportionate digital privacy access is, as an indicator of risk. This is addressed with the use of standardised digital privacy transparency (SDPT).

PII Controller Credential

Consent by Design is enabled by using a PII Controller Notice Credential to decentralise the records with a receipt: the individual is provided with a receipt in order to mitigate the liability and risk in data processing. In the common context a digital transparency receipt is provided when engaging with any type of sign or notice. This specifies a notice/sign enhancement for an inclusive record and receipt provisioning practice, called a two-factor notice (2FN). A 2FN uses an overlay capture architecture when interacting with a notice, notification and disclosure to create a consent receipt, which can be used with consent to interact with the service autonomously.
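The following is an added illustration, not ANCR or Kantara code, of the two steps the notice requirements above and the receipt described here imply: the controller refuses to issue a receipt for a notice record missing the transparency elements (controller identity, DPO delegate, one of the 6 legal justifications, purpose), and the individual can later check that the receipt they hold still matches the record it was issued for. Field names are simplified assumptions rather than the 27560 schema, an HMAC under a constructed controller key stands in for the verifiable-credential signature, and the sample record is constructed.

```python
import hashlib
import hmac
import json

# GDPR Article 6(1) lawful bases: the "6 legal justifications" referred to above.
LEGAL_JUSTIFICATIONS = {
    "consent", "contract", "legal_obligation",
    "vital_interests", "public_task", "legitimate_interests",
}

# Transparency elements a notice record must carry before a receipt is issued.
# Field names are simplified assumptions for this example, not the 27560 schema;
# "dpo_delegate" must be present but may be None when the controller has none.
REQUIRED = ("controller_identity", "purpose", "legal_justification", "dpo_delegate")

# Constructed sample notice record for the reader; not real data.
SAMPLE_RECORD = {"controller_identity": "Example Service Ltd", "purpose": "age assurance",
                 "legal_justification": "consent", "dpo_delegate": None}

def validate_notice_record(record):
    """Return the transparency gaps in a PII Controller notice record (empty list = ok)."""
    gaps = ["missing " + k for k in REQUIRED if k not in record]
    lj = record.get("legal_justification")
    if lj is not None and lj not in LEGAL_JUSTIFICATIONS:
        gaps.append("unknown legal_justification %r" % lj)
    return gaps

def _canonical(obj):
    # Deterministic JSON so the same record always hashes to the same digest.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def issue_receipt(record, controller_key):
    """Controller side: refuse opaque records, else bind the record to the controller key."""
    # HMAC stands in for the verifiable-credential signature described on the page.
    gaps = validate_notice_record(record)
    if gaps:
        raise ValueError("notice record not transparent: " + "; ".join(gaps))
    digest = hashlib.sha256(_canonical(record)).hexdigest()
    tag = hmac.new(controller_key, digest.encode(), "sha256").hexdigest()
    return {"record": record, "record_digest": digest, "controller_mac": tag}

def verify_receipt(receipt, controller_key):
    """Individual/auditor side: detect a record altered after issue or a foreign key."""
    digest = hashlib.sha256(_canonical(receipt["record"])).hexdigest()
    if not hmac.compare_digest(digest, receipt["record_digest"]):
        return False
    expected = hmac.new(controller_key, digest.encode(), "sha256").hexdigest()
    return hmac.compare_digest(expected, receipt["controller_mac"])
```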

In Summary

We submit the ANCR WG specifications as Consent by Design for Privacy by Default systems, which can be used to secure individual privacy, dramatically reduce risks, and enable the dynamic transfer of liability with authentication derived from consent.

The record and receipt framework is driven by identifying the provenance of personal data and enabling PII Controller data processing transparency. Individuals who receive receipts for data processing are able to secure and manage the privacy of their own data themselves.

The ANCR framework for Consent Receipt tokenisation addresses misinformation, and uses ISO/IEC 29100 to define digital identity technologies using legal and socially expected definitions. This enables the individual to interact with the privacy by default system, regardless of what legal justification is used to collect, process or access personal information.

The standard PII Controller record and its use as a consent receipt are specified using the ISO/IEC 29100 security and privacy framework, further specified in 27560 Consent Record Information Structure, and also published in the appendix of ISO/IEC 29184 Online privacy notice and consent framework.

To address the Generative AI risk of deepfakes, and to provide assurance against misinformation, the consent receipt is produced with a registered controller record (in a digital trust registry) in order to secure the accountability, provenance and transparency of personally identifiable information processing.

ANCR Work Group Presentation

0PN-DTL - ANCR Transparency Record Framework - Global Age Assurance April 13 2024 Manchester, UK

This presentation on the use of the framework was given in Manchester at the Global Age Assurance Conference, held in conjunction with the WG5 Plenary. You can find the presentation here.

It presents the risks of displacing human governance mechanisms, the cause of those risks, and how standardized digital privacy transparency (SDPT) can address these risks in any privacy and surveillance context.

It introduces Standard Digital Privacy Transparency (SDPT), a standard PII Controller notice record and consent receipt practice for data governance. In the 0PN digital identity model, security and privacy are digitally twinned (as in banking), and it introduces a digital privacy framework where all data processing is recorded, logged and linked to a receipt which the individual keeps in their digital wallet.

Global Age Assurance Conference Presentation, April 11, or here: https://youtu.be/QrJnFJFuv3g

Establishing the Commons Rule Book For Digital Identity: 

ANCR will be presenting Digital Transparency at Think Digital @ Westminster in London, UK, on June 11, covering the inclusive ANCR Record and Receipt Framework for the Digital Commons, international secure governance of digital identity, and digital identity policy.

Presenting the Data Trust Commons Architecture for the PII Controller Notice Credential, along with the Consent Receipt v2, Consent Tokens for Trustworthy Identity, and the ANCR Transparency Performance Scheme for scaling data governance and regulation online, for regulators and policy makers.

Presenting a New Digital Privacy & Trust Paradigm for Consent

Covering the Digital Transparency Stack, for legislators and regulators:

  • PII Controller Credential, Addressing the inherent risks of un-regulated digital identity technology, wh 

  • ANCR Transparency Performance Scheme A record and receipt specifications apart of the 

  • The Use in Age Assurance, the Canadian Consent standards approach 

    • Kantara ANCR Comments Submitted to 27568-2 Age Assurance Benchmarking, to add a transparency record, and provide ‘when appropriate’ a consent receipt. 

  • ISO/IEC - 27091 - Security and Privacy in Gen AI with the Commons Data Trust Governance Model 

    • The ANCR WG, submitted through the Kantara ISO/IEC liaison a use case for implementing ANCR to address security and privacy risks in generative AI. (link)

Consent as Distributed and Decentralised Data Governance 

A new category of governance, in which the legal record of notice and receipts for consent is standardised, fixing the semantics of security and identity, which are deeply flawed with misinformation.

Technical transparency is required to scale digital privacy, but it must be an open and international framework to scale trust.

  • Open international law, and open, free-to-access international standards, are required for digital transparency to scale.

The ANCR WG has been developing the technical specifications for the PII Controller notice record and consent receipt, which use the ISO/IEC 29100 security and privacy framework standard to specify digital transparency records and consent receipts. Requests to open 27560 Consent Record Information Structure, which is based on the Kantara Consent Receipt, and ISO/IEC 29184 Online Privacy Notice and Consent are currently being submitted and reviewed. The three standards can then be openly used to scale the ANCR Record and Receipt framework as the Commonwealth standard.