...
The receipt is further defined and fields broken down for use by privacy framework for conformance assessment, which is based on the lifecycle of a specific notice for processing personal data and a specified purpose, the purpose is used to define the consent grant which provide the scope of permissions for a digital identity identifier management system.
Core PasE-Protocol Flow -→ PII Principal generates an Anchor Record for Receipt Generation is generated for the PII Principle
- a self-asserted PII Controller ANCR record provides a tier 0 privacy assurance,
- if held by PII Controller, on behalf of the PII Subject then this is not compliant
- must be witnessed by 3rd Party Privacy Assurance Provider
- a self-asserted PII Principle ANCR Record
- is held by PII Principle, used to generate consent notice receipts
- a self-asserted PII Controller ANCR record provides a tier 0 privacy assurance,
Conformance assessment use cases for 27560 for the PII Principal:
- use of receipt as evidence for user proof of notice and consent.
- use of receipts as proof of awareness for identity management system
- use of receipt to see the state of privacy / consent lifecycle - so that people can automatically see what to expect without reading a privacy policy or terms - with access directly to digital use of privacy rights .Consent Grant Roadmap - Scope protocol for Identity management system permissioning
- Consent Grant (human scope) - Identity Management = technoal permission and access controls
...