Kantara Initiative : ANCR WG

V. Status Draft v0.5 (WiP)

Abstract:

At the present time, when online services are involved, Individuals have no way of seeing or knowing who is in control of collecting, using, processing, or disclosing their personal information before the collection, use, processing, or disclosure takes place. Individuals are powerless to resist or object to the one-size-fits-all contracts presented on websites that are called ‘terms and conditions’, ‘user licenses’, ‘privacy policies’ or ‘data sharing agreements’, which do not implement the privacy people expect.

No mechanism is currently available for Individuals to assert authority in advance of disclosing their personal information, and there is no way for them to determine, control, or negotiate the conditions or sources under which data about them may be processed, used, managed, or associated with other data consent.

Lack of transparency and consent defaults prevent Individuals from knowing or seeing (and therefore from trusting or controlling) when digital identifiers and related metadata about themselves are created, used, or disclosed for additional purposes.

This systemically prohibits the interaction, access and participation required for individuals to see how information about themselves is used, when, by whom, and for what purposes.

Enabling individuals to see how information about themselves is used, when, by whom, and for what purposes, requires a standardized transparency mechanism as a way to provide data governance that scales when decentralized.

The Anchored Notice and Consent Record implements a standard of transparency to enable Individuals to see if PII about them is being used in ways that are private and whether, when, where, and to whom it is disclosed — locally, domestically, or internationally.

The ability to direct and control the collection, use and disclosure of information about themselves is essential for Individuals to have technical capacity to trust the management of surveillance, personal identity, and advanced digital data analysis technologies.

The ANCR specification provides a mechanism to implement legal and technical standards for transparency that supersede ‘terms and conditions’, ‘user licenses’, ‘privacy policies’ and ‘data sharing agreements’, specifying an active technical object for managing the rules of data and its consented exchange.

NOTES TO READER

This Kantara Initiative work effort began when Liberty Alliance became the Kantara Initiative, and the Consent and Information Sharing Working Group formally began in 2015. That Working Group’s activities carried on through the ANCR Working Group.

In this specification and proposed standard the term “PII Principal” is used interchangeably with Data Subject and “Individual”.

Introduction

This document specifies the core credential schema, using the ANCR Notice record schema to generate a digital record which acts as a digital envelope for the digital privacy information, attributes, identifiers and notice text it is used with.

...

  • ANCR Record — means the Anchored Notice Record and Consent Receipt Record

  • ANCR WG — means the Advanced Notice and Consent Receipt Work Group

  • Array — means an array of field objects

  • Conv. 108+ — means the Council of Europe Convention 108+

  • FIPP — means Fair Information Practice Principles

  • IRM — means Identifier Relationship Management

  • ISO/IEC — means International Organization for Standardization/International Electrotechnical Commission

  • Object — means a field object

  • PII — means Personally Identifiable Information

  • POMME — means Privacy Operationalization Model and Method for Engineering

  • PbD — means Privacy by Design

  • TPI — means Transparency Performance Indicators

  • ZPN — means Zero Public Network, a network in which each processor of personal information has a controller credential and the PII Principal has a private record of the credential

...

[Source: Conv 108+ Rec.20]


Digital Privacy [Proposed]

The reference to digital privacy specifies not only the data category for a specific element, but also the field format, the record structure, the attributes that populate the field elements, and the ontology and vocabulary used to specify those attributes.

...

Digital Privacy Transparency (DPT) [Proposed]

The transparency over the digital representation of the active state of privacy in a specific context.

...

[ANCR Notice Record Annex B]

Privacy by Design [Proposed]

In reference to privacy design methodologies in which privacy is considered and integrated into the initial design stage and throughout the complete lifecycle of products, processes or services (3.3) that involve processing of personally identifiable information (3.2), including product retirement (3.15) and the eventual deletion (3.26) of any associated personally identifiable information (3.2).

...

[Source: Conv 108+ Art 3(8)]

PII Sub-Controller [Proposed]

In the IoT use case of a smart building, in which the building controller leases a space to a bank, the building Controller delegates a PII Controller Credential to the bank for that space and its defined geo-location, for the data governance of security and privacy.

...