Kantara Initiative : ANCR WG
...
The ANCR specification provides a mechanism to implement legal and technical standards for transparency that supersede ‘terms and conditions’, ‘user licenses’, ‘privacy policies’ and ‘data sharing agreements’. Specifying an active technical object for managing the rules of data and its consented exchange in accordance to international data governance convention.
NOTES TO READER
This Kantara Initiative work effort began when Liberty Alliance became the Kantara Initiative, and the Consent and Information Sharing Working Group formally began in 2015. That Working Group’s activities carried on through the ANCR Working Group.
...
Notice Record Credential fields are added to the notice record schema and used to bind and generate an Open Notice PII Controller Credential
Notice Record Credential Fields added to Schema
adds the technical attributes
...
In this document the keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", “NOT RECOMMENDED”, "MAY", and "OPTIONAL" are to be interpreted as described in [RFC 2119].
ABBREVIATIONS
The following abbreviations and set of stakeholders are used to frame a mutually exclusive and collectively exhaustive set of terms for providing transparency over what organization controls the processing of personal information, and who is accountable for enforcement.
...
[Source: Conv 108+ Rec.20]
Digital Privacy [Proposed]
The reference to digital privacy specifies the not only the data category for a specific element, but also the field format, record structure, the attributes that populate the field elements, the attributes used in those fields, the ontology and vocabulary used to specify the attributes.
...
Digital Privacy Transparency (DPT) [Proposed]
The transparency over digital representation of active state of privacy in a specific context
...
[ANCR Notice Record Annex B]
Privacy by Design [Proposed]
In reference to privacy design methodologies in which privacy is considered and integrated into the initial design stage and throughout the complete lifecycle of products, processes or services (3.3) that involve processing of personally identifiable information (3.2), including product retirement (3.15) and the eventual deletion (3.26) of any associated personally identifiable information (3.2)
Note 1 to entry: The lifecycle also includes changes or updates.
...
[Source: Conv 108+ Art 3(8)]
PII Sub-Controller [Proposed]
in IoT use case of a smart building, in which the building controller leases a space to a bank, the building Controller delegates PII Controller Credential to the bank for that space and defined geo-location for data governance of security and privacy.
...