...

  • I have read and understand this privacy policy 
  • I agree to these terms and conditions 

Introduction

When interacting with service providers online, there is often a checkbox for a policy and terms that people have not read; even if they did read them, the information is not standardized or relevant to the individual and their context.

Policy and the technical permissions for access and data control are disconnected, revealing a lack of contextual integrity between what people expect and the surveillance that occurs. This has been a long-standing challenge, and this work is the output of research, development and iteration from over a decade of input into notice and consent standards to address the original use case for which the Consent Receipt specification was written.

Generating a Consent Receipt

2FN is a recommended best practice for presenting an alternative to the online checkbox and for opting into, or out of, privacy controls.

...

The options for a 2FN must include access to privacy rights information, children's right to be heard, and adults' right to complain (not a link to a privacy policy). Terms and Conditions can then be entered into to scale the AuthC in identity management for a consistent and interoperable rights management and exchange protocol (like PaECG).

Preference and Permission Exchange

In some contexts both parties can exchange receipts: the PII Principal can provide a receipt with consent preferences, and the controller one with the required permissions and terms.

...

This consent token can then be used to streamline the PII Principal's experience and help administer the relationship by capturing the preferences and monitoring the valid state of the consented or informed identifier and data processing surveillance.

Proof (legal evidence) of Notice

As an alternative to the checkbox (opt in and out) policy links found in software and defined by contract, a 2FN provides a notice which contains the legally required notice information, presented from a standardized record format using standardized privacy legal semantics and data control vocabulary.

...

The first is a notice for any type of personal data processing or surveillance. The second is consent, in which data rights are used to control who benefits from personal data, and to collect this data in an interoperable standard format called a consent receipt.

2 Factor Notice (2FN)

(two factor notice for proof of notice)  

  • Uses at least 2 factors for proof of knowledge.  
  • A Two Factor Notice is used to produce a notice receipt, which stipulates the type of legal justification for processing and serves as a privacy/surveillance notice receipt for proof of notice. Two factor is designed to provide an alternative to online checkbox policies that people tick without reading the policy (without proof).
  •  for the governance of digital identifiers and personal data processing.  

2 Factor Consent (2FC)

(two factor notice for proof of Notice and evidence of eConsent) 

...

If the information is not provided, the identity management system/tech is not in compliance with privacy legal requirements like the GDPR, which is why proof of notice for consent is so important.

How it works

The anchor receipt is created when a proof of online notice is generated from the page (and context) to include the legally required elements of notice; these are captured in the receipt. This ANCR receipt can then be measured for its conformance to this v1,2 for ISO + legal requirements (a separate sub-use case).

The anchor receipt is used to provide an active state of relationship for the human, conceptually a reverse cookie, required to start a digital identity relationship.

The second factor

The second factor of the receipt contains the legal justification and purpose of the service. Once added, this completes the anchor consent receipt, which is then linked to all future receipts so that a Consent Lifecycle can be generated to frame the governance of the relationship.

PaE:CG - Website Use Case Example

In the use case example from the Privacy as Expected project, a Consent Receipt wallet is added as a browser feature or add-on for websites.

  1. A 2FN is presented for the existing privacy state, as indicated by the implied action which resulted in calling the website to the browser.
  2. If this is the first time (with 2FN active), an anchor record is automatically created and the ANCR ID and URL are stored in the add-on.
  3. The add-on that generates ANCR records is used to generate a 2FN independent of the website (and technology), so that the individual can confirm the controller credential and the purpose / consent type for this context; it uses this record to generate a receipt that captures the notice upon use.
  4. If both parties use 2FN, a 2FN-C receipt exchange occurs and a Privacy as Expected Signal is generated to indicate whether consensus and consent are valid.
  5. A dual-signed consent receipt becomes a micro-credential which can then be used as a factor for authentication, further streamlining the digital privacy experience to what people expect from the purpose of use and their own physical context.
  6. The receipt from the add-on captures the notice provided by the controller. Upon first use with a non-participating (unknown) controller, all the relevant policy information and operational privacy elements are captured as evidence or proof of the notice, so the PII Principal can use it as evidence for applying rights or changing preferences.
    1. This capture includes the metadata for extending (or combining) into the lifecycle the digital identity service relationship(s) that are also present at the time. All of this can be attached as a part of the receipt payload (and even be made into a requirement for the capture of active relationship state to extend a consent lifecycle).
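The flow described under "How it works", "The second factor" and the use case steps above, as an added sketch; it is not code from the Privacy as Expected project or from the ANCR specification. The field names, the SHA-256 linking and the sample notice are assumptions made for illustration, since the page defines no record schema.

```python
import hashlib
import json

# All field names are assumptions for this example; the page does not
# define the ANCR record schema.
REQUIRED_NOTICE = ("controller", "notice_url", "privacy_rights_url", "captured_at")

def digest(obj):
    """SHA-256 over canonical JSON, so identical content yields one ID."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def create_anchor(notice):
    """First factor: capture the notice elements as proof of notice."""
    missing = [k for k in REQUIRED_NOTICE if not notice.get(k)]
    if missing:
        raise ValueError(f"notice lacks required elements: {missing}")
    return {"ancr_id": digest(notice), "notice": dict(notice), "second_factor": None}

def add_second_factor(anchor, legal_justification, purpose):
    """Second factor: legal justification and purpose complete the anchor."""
    done = dict(anchor)
    done["second_factor"] = {"legal_justification": legal_justification, "purpose": purpose}
    return done

def issue_receipt(anchor, previous, event):
    """Link a later receipt to the anchor and to the receipt before it."""
    if anchor["second_factor"] is None:
        raise ValueError("anchor is incomplete: second factor missing")
    prev = digest(previous) if previous else digest(anchor)
    return {"ancr_id": anchor["ancr_id"], "prev": prev, "event": event}

def verify_lifecycle(anchor, receipts):
    """True only if the anchor is intact and each receipt links back in order."""
    if anchor["second_factor"] is None or digest(anchor["notice"]) != anchor["ancr_id"]:
        return False
    expected = digest(anchor)
    for r in receipts:
        if r["ancr_id"] != anchor["ancr_id"] or r["prev"] != expected:
            return False
        expected = digest(r)
    return True

# Constructed sample notice (not captured from a real site).
SAMPLE_NOTICE = {"controller": "Example Controller Ltd",
                 "notice_url": "https://example.org/notice",
                 "privacy_rights_url": "https://example.org/rights",
                 "captured_at": "2021-01-01T00:00:00Z"}
```

Because each receipt carries the digest of its predecessor, editing, dropping or reordering any record in the lifecycle makes `verify_lifecycle` return `False`, which is what lets the stored receipts serve as evidence of notice.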

A Short History of Work Leading to 2FN (&C)

  • 2007 - Identity Trust WG @ Identity Commons: based on two publications 
  • 2009 - Research into Surveillance Codes of Practice: Compliance and Integrity of Public CCTV in London Hammersmith 
  • 2010 - Campaign Surveillance not Sharing:  the danger of the Facebook Like Button 
  • 2011 - Kantara - Information and Sharing WG Started - on the sharing of digital exhaust and the information sharing label
  • 2012 - Open Notice, Common Terms, TOS:DR joined together with the "Biggest Lie on the Internet" campaign.
  • 2012 - Presented a Call for Standards at W3C : Do Not Track & Beyond Conference 
  • 2014 - Kantara Update - Consent & Information Sharing WG - First Draft of the Minimum Viable Consent Label and then Receipt 
  • 2015 - Schrems 
  • 2016 - GDPR Draft release, with a regulation that provides a consent by default framework for  personal data protection  
  • 2017 - Kantara Initiative: Consent Receipt v1.1 adopted by ISO/IEC SC as 27569 
  • 2018 - GDPR Enforced Notice & Consent Regulation (biggest fines for lack of compliant notice and consent) 
  • 2019 - Meaningful Consent Law  Passed
  • 2019 - Supreme Court Cnd- Right to Privacy in Public 
  • 2020 - Schrems II
  • 2020 - ANCR WG - started 

...