CR v1.2 Framework
the receipt is further defined and fields and broken down for use by privacy framework for conformance assessment, which is based on the lifecycle of a specific notice for processing personal data and a specified consent grant for digital identity management system.
Core Flow -→ PII Principal generates an Anchor Record for Receipt Generation
Conformance assessment for 27560 for the PII Principal:
- use of receipt as evidence for user
- use of receipts as proof of awareness for identity management system
- use of receipt to see the state of privacy / consent lifecycle - so that people can automatically see what to expect without reading a privacy policy or terms - with access directly to digital use of privacy rights .Consent Grants - Scope protocol for Identity management system permissioning
- Consent Grant (human scope) - Identity Management = technoal permission and access controls
Human Centric - user centric - semantic standards stack -
- usage of the ISO 29100 - roles and definitions for transborder flow of personal data
- stakeholders -
- usage of ISO 29184 - notice controls and record structure
- ISO 27560 - to. generate consent record structure for rights receipt
- W3C DPV - legal semantic ontology for notice and notification .
- ** In review - 27710
- requirements against privacy by design and default.
- 27550 - Privacy Engineering - C.4 - and C.5 - \
Updating from v1.1 - represented by submission to ISO 27560
- delegation
- jurisdictions
- personal data categories
- consent record structions
- purpose finger print
- purpose
V1.2 : Consent Receipt Framework Conformance Framework
- Legal Use Case for inter-domain consent grant framework
- Privacy as Expected - Signalling Conformance Protocol
- comparing two receipts - generated by the human user agent - provide independent transparency over the state of control of personal data
- people can control their own data - so that it doesn't need protection
- using DPV for notice and notifications
- human interaction with notice creates records and receipts
- comparing two receipts - generated by the human user agent - provide independent transparency over the state of control of personal data
- IP Contribution
- From NGI-Trust PasE:CG Project
- applies conformance criteria to consent record structure
- From NGI-Trust PasE:CG Project
- HLT Field Requirements to Required Notice of Control & Accountability Record Fields - the capture of the identity of the controller, and the physical context of the notice for processing provided by the controller
- Privacy as Expected - Signalling Conformance Protocol
- PasE - signalling/ communication Protocol
- Contribution as apart of the NGI project : Sal, Vitor, Mark & Harsh
- comparing 2 receipts to see active state provide and active state fore more dynamic controls in identity management systems
- part of the NGI funded project condition was on the contribution of the protocol to the ANCR WG which would then be reflected in comments to ISO 27560
- Description for this contribution
- PaE includes a stack of semantic standards
- 29100 is open -
- CR v1.1 written with 29184
- PaE protocol includes these control sets and through its contribution opens this work in application
- Dynamic Protocol for the control of personal data
- standardized the presentation of rights
- PaE includes a stack of semantic standards
- Creating a Consent Receipt framework to implement a communication protocol PasE communication protocol
- Legal Justification and what privacy rights apply for each
- Purpose Specified with data privacy control vocabulary
- record format specified with ISO 29100
- notice controls and record specification format ISO 29184
- Notice of Control for Online Services Implementing 2DC2FC
- 2FC
- First Factor - Generated standards
- Second Factor (link) - existing Factor - the sign or notice or notification form the provider
- 2FC
- Linked Data - Semantics
- Legal Justification and what privacy rights apply for each
- Flow 3rd party - Network Facilitator for Notice and Consent Processors
V1.2.1 : Anchor Receipt
...
- Privacy as Expected Protocol
- comparing two receipts - generated by the human user agent
- using DPV for notice and notifications
- human interaction with notice creates records and receipts
- IP Contribution
- From NGI-Trust PasE:CG Project
- applies conformance criteria to consent record structure
- From NGI-Trust PasE:CG Project
...
Semantic Standards Stack for Human Centric - user centric - control semantics
- usage of the ISO 29100 - roles and definitions for transborder flow of personal data
- stakeholders -
- usage of ISO 29184 - notice controls and record structure
- ISO 27560 - to. generate consent record structure for rights receipt
- W3C DPV - legal semantic ontology for notice and notification .
- ** In review - 27710
- requirements against privacy by design and default.
- 27550 - Privacy Engineering - C.4 - and C.5 - \
- Linked Data - Semantics - Human, Legal and Machine Readable framework for expectation management
- Core Record - or Credential Record for a legal entity
- Receipt of. notice of credential record
- core record id - linked reference id - PII Controller Credential
- Consent Receipt generated for each purpose specification and linked to anchor record
- each purpose is specifies by legal justification
- each purpose specification uses the DPV
- Security considerations
- PII Principal controls the ANCR Record
- 3rd Party N&C Processor - Network Facilitator
- Consent Grant Validation
- Status of the PII Controller
- Status of the Consent
- Scope of Consent Grant Permissions
- Privacy Framework Governance
- required notice, timing, formats, parties according to Privacy Law
- each, PII Controller shared, identifiers or attributes of the PII Principal is a separate risk factor
- impacted by the amount of PII - (digital identifiers and attributes) Disclosed by the Controller and under what legal frameworks
- usage of the ISO 29100 - roles and definitions for transborder flow of personal data
V1.2.1 : ANCR Record Conformance
- First Factor Notice for PII Principal
- Fields for DS location require a verifier
- verifying (or synthetic) attribute
- a specified legal jurisdiction
- quality of notice of control receipt
- quality of service purpose specification receipt
- PII Controller
- notice location
- legal jurisdiction
- governing framework - e.g. t&c's?
V1.2.2 : Consent (Notice) Receipt:27560
- Extend with Legal justification to specify purpose for a service
- Specifying the Legal Justification for data processing in a notification
- Specifying Data Categories
- Specifying Data Treatment
- Specifying Security
V 1.2.3 : Rights Access & Automation
- rights with ANCR Record
- universal context right
- right to information about privacy and security
- right to see contoller and purpose(s)
- legal requirement for presenting risk
- right to information about privacy and security
- universal context right
V 1.2.4 : Consent Validation - The Life cycle of a consent
...
- Delegation
- Jurisdiction (physical location proof)
- Consent Types Defined in v1.2
- explicit
- implied
- directed
- altruistic
WKD ISSUES
The CR v1,1 as published known challenges have been addressed and are specified here in the v1.2 update.
...
- Notice field object
- Location & Time
- Location – twin -
- Physical Device -
- PII Controller object
- Jurisdictions,
- Link to physical notice
- Extend it (Legal Justification)
- Privacy Stakeholders
- Categories of controllers
- Consent Purpose Specification (v.1.1)
- Purpose Category
- Purpose Descriptions
- Purpose Sensitive Categories of Data
- Sensitive data category
- Personal Data Category
- Personal Data Types/attributes etc
- Personal Data Processing Treatment
- Storage
- Security (cert/sighed key)
- Extensions –Requirements (according to Context)
Notice & Notifications
A Notice can itself be extended with a Notification for the maintenance of a consent record, and consent based relationship. Notice Receipts facilitate a Semantic Governance Framework
...