Versions Compared

Old Version 26

changes.mady.by.user Mark Lizar

Saved on

compared with

New Version 27

changes.mady.by.user Mark Lizar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

The ANCR WG specifications present a transparency framework for presents the us of notice and consent receipts as credentials for authorizing digital identity relationships and consenting to the use of surveillance technologies, . Operational transparency is defined by an international privacy law using an convention 108+ utilizing the open to access, ISO/IEC 21900 Privacy security and privacy framework, which specifies roles, realationshipsrelationships, for security and privacy to be used for governance interoperability online.

ANCR refers to an Anchored Notice and Consent Receipt, which are credentials anchored by human control, and they are used to enable digital security and privacy roles, to create records of processing (receipts) activities for digital identity and surveillance technologies.

The core concept for Anchored digital trust, is the use of a receipt to automatically verify the PII Controller and Privacy State, in order to see and make the choice of wether or not to trust the state of digital privacy. Digital Privacy referring to the technical representation of privacy using the ISO/IEC framework, to make transparent authority, and providence online.

Key ANCR Assurance Specification documents

  1. This introduction to Levels of Operational Transparency Risk Assurance,

  2. The Notice Receipt/Record and PII Controller Notice Credential format to identify the PII Controller (AP + Data Privacy Officer).

  3. Transparency Code of Conduct (International Convention 108+ for governance interoperability with ISO/IEC 29100 security and privacy framework for systems (as digital privacy is not valid without security)

    1. For Levels of Operational Transparency Assurance

  4. Consent Receipt v2 ANCR Credential Set (Consent Tokens)

Framework Component Specifications

  1. Differential Transparency (AuthC Protocol)

  2. Two Factor Concentric Notice

  3. Concentric Notice Labels

  4. Data Control Risk Assessment

...

  • Digital Privacy - Co-Regulatory Framework for all stakeholders

  • Consent for trans-boarder flows - with Consent Tokens for the individual to authorize trans-boarder flow and access control to PII Principals PII

Authoritative Law, Guidance and Standards Referenced

The core of the referencing can be found in the ANCR’D PII Controller Credential specification focused on legal authority for risk and liability governance. It is defined with reference to OECD Transborder Data Flow International and authoritative law (Convntion 108+) the EU GDPR, and ISO/IEC specifica the stakeholders are security framework is defined with the Open (not paid for) ISO/IEC 29100 security & privacy framework. International baseline for a Transparency Code of Conduct and a subsequent Digtial Privacy Code of Practice is derived in order to implement this framework for public benefits in public, privacy, people partnerships. (which this WG is looking to support)

...