Kantara Initiative : ANCR WG

V. Status Draft v0.5 (WiP)

Author: Mark Lizar

Editor: Sharon Polsky

Contributors: Sal D’Agostino

Abstract:

At the present time, when online services are involved, Individuals have no way of seeing or knowing who is in control of collecting, using, processing, or disclosing their personal information before the collection, use, processing, or disclosure takes place. Individuals are powerless to resist or object to the one-size-fits-all contracts presented on websites, called ‘terms and conditions’, ‘user licenses’, ‘privacy policies’ or ‘data sharing agreements’, which do not implement the privacy people expect.

...

Notice Record Credential fields are added to the notice record schema and used to bind and generate an Open Notice PII Controller Credential.

Notice Record Credential Fields added to Schema

  1. adds the technical attributes

...

In this document the keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in [RFC 2119].

ABBREVIATIONS

The following abbreviations and set of stakeholders are used to frame a mutually exclusive and collectively exhaustive set of terms for providing transparency over what organization controls the processing of personal information, and who is accountable for enforcement.

...

[Source: Conv 108+ Rec.20]


Digital Privacy [Proposed]

The reference to digital privacy specifies not only the data category for a specific element, but also the field format, the record structure, the attributes that populate the field elements, the attributes used in those fields, and the ontology and vocabulary used to specify the attributes.

...

Digital Privacy Transparency (DPT) [Proposed]

The transparency over the digital representation of the active state of privacy in a specific context.

...

[ANCR Notice Record Annex B]

Privacy by Design [Proposed]

In reference to privacy design methodologies in which privacy is considered and integrated into the initial design stage and throughout the complete lifecycle of products, processes or services (3.3) that involve processing of personally identifiable information (3.2), including product retirement (3.15) and the eventual deletion (3.26) of any associated personally identifiable information (3.2)

Note 1 to entry: The lifecycle also includes changes or updates.

...

[Source: Conv 108+ Art 3(8)]

PII Sub-Controller [Proposed]

In the IoT use case of a smart building in which the building Controller leases a space to a bank, the building Controller delegates a PII Controller Credential to the bank for that space and defined geo-location, for data governance of security and privacy.

...