Kantara Initiative : ANCR WG

...

At the present time, when online services are involved, Individuals have no way of seeing or knowing who is in control of collecting, using, processing, or disclosing their personal information before the collection, use, processing, or disclosure takes place. Individuals are powerless to resist or object to the one-size-fits-all contracts presented on websites, called ‘terms and conditions’ or ‘user licenses’, with corresponding ‘privacy policies’ or ‘data sharing agreements’, that do not implement or provide the privacy rights or data control people expect. No mechanism is currently available for Individuals to assert authority in advance of disclosing their personal information, and there is no way for them to determine, control, or negotiate the Expectation which don’t scale online.

ANCR (Anchored Notice and Consent Receipt) is a record and receipt protocol used to twin the state of security and digital privacy, in a format designed to be human understandable by default. A simple solution to trust, a receipt, advances assurances for personal data control and transparency while being inclusive of everyone.

The receipt extends an exigent public trust mechanism for high risk, confidentiality and the assertion of authority in advance of disclosing their personal information, as without a receipt (a record of our own) there is no way to determine, control, or negotiate the conditions or sources under which data about them may be processed, used, managed, or associated with other data consent.

Lack of transparency and consent defaults prevents our own digital transparency and prevents tracking the states of our own consent, preventing Individuals from knowing or seeing (and therefore trusting or controlling) when digital identifiers and related metadata and micro-meta data about themselves are created, used, or disclosed for additional purposes.

Services today systemically control the records of interaction, choosing when to make records, often with no records at all. As a result, they restrict the user-side interaction, access and participation required for individuals to see how information about themselves is used, when, by whom, and for what purposes. This in effect requires a systematic approach to addressing digital transparency to enable people online.

The consent receipt is used to twin the security and privacy state relative to the individual. Enabling individuals to see how information about themselves is used, when, by whom, and for what purposes, requires a standardized transparency mechanism as a way to provide data governance that scales when decentralized.

The Anchored Notice and Consent Receipt Record (ANCR-R) is normalized here as a notice record credential, used to provide and consent receipt flow, where a notice receipt is received by the Individual and a consent receipt is a grant provided by the Individual. credential used to enable transparency for Individuals to see if data governance, in online contexts. To visualize PII about that is being processed in ways that are private and whether, when, where, and to whom it is disclosed — locally, domestically, or internationally.

The ability to direct and control the collection, use and disclosure of information about themselves is essential for Individuals to have the technical capacity to trust the management of surveillance, personal identity, and advanced digital data analysis technologies.

...

[Source: Conv 108+ Rec.20]


Digital Privacy [Proposed]

The reference to digital privacy specifies not only the data category for a specific element, but also the field format, the record structure, the attributes that populate the field elements, the attributes used in those fields, and the ontology and vocabulary used to specify the attributes.

...

Digital Privacy Transparency (DPT) [Proposed]

The transparency over the digital representation of the active state of privacy in a specific context.

...

[ANCR Notice Record Annex B]

Privacy by Design [Proposed]

In reference to privacy design methodologies in which privacy is considered and integrated into the initial design stage and throughout the complete lifecycle of products, processes or services (3.3) that involve processing of personally identifiable information (3.2), including product retirement (3.15) and the eventual deletion (3.26) of any associated personally identifiable information (3.2).

...

[Source: Conv 108+ Art 3(8)]

PII Sub-Controller [Proposed]

In an IoT use case of a smart building in which the building controller leases a space to a bank, the building Controller delegates a PII Controller Credential to the bank for that space and defined geo-location, for data governance of security and privacy.

...