
Implementation or use of certain elements of this document may require licenses under third party intellectual property rights, including without limitation, patent rights. The Participants and any other contributors to the Specification are not and shall not be held responsible in any manner for identifying or failing to identify any or all such third-party intellectual property rights. This Specification is provided "AS IS," and no Participant in Kantara Initiative makes any warranty of any kind, expressed or implied, including any implied warranties of merchantability, non-infringement of third-party intellectual property rights, or fitness for a particular purpose. Implementers of this Specification are advised to review Kantara Initiative’s website (http://www.kantarainitiative.org ) for information concerning any Necessary Claims Disclosure Notices that have been received by the Kantara Initiative Board of Directors.

Dear reader,

Thank you for downloading this publication prepared by the international community of experts that comprise the Kantara Initiative. Kantara is a global non-profit ‘commons’ dedicated to improving trustworthy use of digital identity and personal data through innovation, standardization and good practice.

...

This ANCR WG Transparency Performance Indicators specification assesses the digital privacy transparency of online services.

The capture is made with an ANCR Notice Record; the record is captured using ISO/IEC 29100 Security and Privacy (international framework). Once captured, it can be compared against the ISO/IEC 29184 Online privacy notice and consent receipt standard format, controls and conditions to demonstrate conformance, and is mapped to CoE 108+ and the GDPR in the Notice Record Framework.

...

TPIs are generated through the capture of a notice and its assessment for the timing of notice presentation (1) in relation to first data capture, the contents of the notification (2), the accessibility of the notice for use (3), and the digital trust/security of the notice (4). All of these are required for digital privacy interoperability utilizing a standard concentric notice transparency framework, whereby proof of notice and evidence of consent are required for permission to process and disclose personal and identifying digital identifiers.

These four transparency performance indicators (TPIs) are used together to automate a digital privacy transparency performance baseline. The notice records created through interaction with standardized online notifications demonstrate next generation digital privacy.

The indicators and associated report utilize a standard information structure, notice and consent record format, and controls for digital privacy rules and regulations.

Notice Record Generation

The notice record format is used to create a record that the PII Principal holds, controls, and manages to control their personal information:

The ANCR Notice Record is specified for PII Principals, using terms, semantics and laws that champion the legal utility of data control and its management. As such, it represents a shift in the architecture of digital identity semantics to legal semantics specific to human-centric transparency, usability, and control.

For this purpose, the ANCR record is first specified as a single use record, that the Individual controls with 4 transparency performance indicators.

It is specified here as a single use record to generate a record the Individual can own, control and trust. The TPIs provided here are specified to cover vectors of digital privacy by providing consistent transparency for data control and governance.

...

The Notice Record is first specified as a static, one-time use notice record that is created by the PII Principal and used to initiate a state of operational transparency in context measured by access to, and performance of, rights.

Diagram 1: Notice Record

...

| Field Name | Field Description | Requirement: Must, Shall, May | Field Data Example |
|---|---|---|---|
| Notice Location | Location the notice was read/observed | MUST | www.walmart.com |
| PII Controller Name | Name of presented business | MUST | Walmart |
| Controller Address | The physical address of controller and/or accountable person | MUST | 1940 Argentina Road Mississauga, Ontario L5N 1P9 |
| PII Controller Contact Type | Contact method for correspondence with PII Controller | MUST | Email, phone |
| PII Controller-Correspondence Contact | General contact point | SHALL | Privacy@org.com |
| Privacy Contact Type | The Contact method provided for access to privacy contact | MUST | email |
| Privacy Contact Point | Location/address of Contact Point | MUST | Org.com/privacy.html |
| Session Certificate | A certificate for monitored practice | Optional | SSL Certificate Security (TLS) and Transparency |

...

The record identifier, when added to each record, provides an anchor for the notice record in the first instance. The Anchored Notice Record can be extended for use as a ‘trust anchor’ for the PII Principal by adding an ANCR Record ID that the PII Principal can use to track the PII Controller and the data processing and digital identity relationship over time. In this way an Anchored Notice Record is a gateway to scale consent online and internationally.1

...

and their performance measurement.

Transparency Performance Indicators

There are 4 TPIs that are used to assess public service data at assurance level 0 (self asserted) of the 4 privacy assurance levels identified in the ANCR Framework. (ref)

These 4 indicators are bundled together as an analogue assessment type, which people can do quickly to understand the transparency state, and which can then be used to measure how dynamic the performance of transparency is for higher interoperability assurance levels.

  1. TPI for when Notice is Provided vs when data is collected

  2. TPI for transparency over required PII Controller digital identity and privacy access contact point

  3. TPI for how accessible the transparency is (transparency of digital transparency)

  4. TPI for checking the integrity of digital privacy security


The first two (2) performance indicators measure the transparency of the ‘provided’ PII Controller Identity information. They are required to measure how accessible the provided PII Controller Identity information is before or at the time of data processing, which is a condition of governance adequacy and privacy compliance for all digital identifier-based processing activities used to develop data profiles. An ANCR Record of data processing activity in this way provides evidence to demonstrate security and privacy compliance.

Once the capacity for digital privacy is ascertained, the third performance indicator can be used to measure the security certificate (or key) for its contextual integrity for the specific session and processing context.

TPI 1: Timing of Notice vs Data Collection Transparency

TPI 2: Required PII Controller Data Transparency

Assess if the required information for transparency over who is in control of notice is ‘provided’

The MUST fields identify elements that are required in legislation that MUST be present.

TPI 3: Transparency Accessibility

How accessible is the PII Controller and Privacy Contact information?

For example, in the context of a website or a mobile device, how difficult was it to access the ‘provided’ information? How many clicks, or screens, away is the required information?

TPI 3 Example: Accessibility Measurement Rating

This transparency accessibility rating score of [+1, 0, -1 or -3] reflects the number of steps, screens, or clicks required to find the ‘provided’ information within a mobile application or webpage providing the client user interface.

...

| Rating | Description | Instruction |
|---|---|---|
| +1 | Controller identity is embedded as a credential linked to authoritative registries. | PII Controller credential is displayed, using a standard format with machine readable language and linked, for example, in an http header in a browser |
| 0 | PII Controller Identity prominently displayed on first view – prior to processing first page of viewing, the assessment question would be | PII Controller Identity or credential is provided in first notice |
| -1 | Privacy signal is not first presented – but is linked and one click and screen away | The Controller Identity, or screen with the Controller Identity is one screen and click away. For example, the privacy policy link in the footer of a webpage |
| -3 | Identity or credential is two or more screens of view away | PII Controller Identity is not accessible enough to be considered ‘provided’ |

TPI 4: Certificate (and/or Key) Security Transparency

This security performance indicator requires that the notice record session certificate is collected and used to check whether the PII Controller Identity information is the same as, or linked to, the controlling entity in the associated security certificate. For example, does the SSL (Secure Sockets Layer) certificate identify the Controller, and is it secured for the DNS and localization expectation and corresponding jurisdictional information (a ZPN required digital security for privacy measure to implement the international governance interoperability with legal adequacy with eConsent)?
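One way to score TPI 2, TPI 3 and TPI 4 from a captured notice record. This is an added example, not code from the specification or from Kantara. The dictionary keys follow the Field Name column of the Notice Record table and the certificate uses the dict shape of Python's `ssl.SSLSocket.getpeercert()`. The function names, the `linked_credential` flag, the substring comparison of controller names and all sample values are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# MUST fields taken from the Notice Record table on this page.
MUST_FIELDS = ("Notice Location", "PII Controller Name", "Controller Address",
               "PII Controller Contact Type", "Privacy Contact Type",
               "Privacy Contact Point")

def tpi2_missing(record):
    """TPI 2: list the MUST fields that are absent or blank."""
    return [f for f in MUST_FIELDS if not str(record.get(f) or "").strip()]

def tpi3_rating(steps_away, linked_credential=False):
    """TPI 3: rating table; steps_away = clicks/screens to the identity."""
    if linked_credential:
        return 1
    return 0 if steps_away <= 0 else (-1 if steps_away == 1 else -3)

def _host_matches(host, pattern):
    # A wildcard covers exactly one left-most label.
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return host == pattern

def tpi4_certificate(record, cert):
    """TPI 4: does the session certificate cover the notice location
    and name the PII Controller?"""
    loc = record.get("Notice Location", "")
    host = urlsplit(loc if "://" in loc else "//" + loc).hostname or ""
    sans = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    orgs = [v.lower() for rdn in cert.get("subject", ()) for k, v in rdn
            if k == "organizationName"]
    name = record.get("PII Controller Name", "").strip().lower()
    return {"host_covered": any(_host_matches(host, p) for p in sans),
            # Assumption: substring comparison. Domain-validated certificates
            # carry no organizationName, so this is False for them.
            "controller_named": bool(name) and any(name in o for o in orgs)}

# Constructed sample data (not from the specification).
RECORD = {"Notice Location": "www.example.com",
          "PII Controller Name": "Example Org",
          "Controller Address": "1 Example Street, Example City",
          "PII Controller Contact Type": "Email, phone",
          "Privacy Contact Type": "email",
          "Privacy Contact Point": "example.com/privacy.html"}
OV_CERT = {"subject": ((("organizationName", "Example Org Inc."),),
                       (("commonName", "example.com"),)),
           "subjectAltName": (("DNS", "example.com"), ("DNS", "*.example.com"))}
DV_CERT = {"subject": ((("commonName", "www.example.com"),),),
           "subjectAltName": (("DNS", "www.example.com"),)}
```

A certificate that covers the host but carries no organization name (`DV_CERT`) passes the DNS part of TPI 4 and fails the controller-identity part, so the two results are reported separately.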

...