Versions Compared

Old Version 9

changes.mady.by.user Mark Lizar

Saved on

compared with

New Version 10

changes.mady.by.user Mark Lizar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Receipt use cases and updates for the Notice & Consent Receipt Community. 

Fist Update, Re:  the Consent Receipt v1.1 is representative of the 2016 MVCR (Minimum Viable Consent Receipt),  when it was clear that the MVCR had some significant challenges, which have recently been addressed.  

  1. The receipt needed enforceable law, 
  2. The receipt needed standardized components; to be a recognized legal tool,  standardized personal data categories (not our appendix),  standard legal ontology / semantics, which could also be machine readable, 
  3. The receipt itself would need to be a usable legal standard for people and requires a UI as well as legal and technical framework

Since 2016, the receipt has been contributed to community and regulatory efforts where  this work has been pursued, meaningful consent in Canada,  the GDPR NOTICE and consent enforcement fully, in 2020, and the ISO 29184 (July 2020).   Now the work from this WG group is focused on the update to the Notice & Consent Receipt v1.2, and the V2.

To achieve an MVCR update, use cases have been suggested: 

  1. What was unfinished in v1.1. (update to v.1.2 ) 
  2. legal notice as an identity governance framework: a consent notice receipt and consent withdraw (v1.2)
    1. Life Cycle of a Consent Notice Receipt : creating an anchor notice receipt
    2. Delegation of liability and risk between stakeholders
    3. A notice and notification requirements doc for the V2
  3. Privacy as Expected: Active state UI  - 2FC (two factor notice for identity management permission grants)
  4. Binding: UMA Protocol in a Consent Notice Receipt

Unfinished in the Consent Receipt - V1.1 

...

  1. GDPR provided needed updates and requirements for consent record structure and specification: (see GDPR extension)
    1. Delegation of risk and liability between stakeholders,

...

Case Studies

  • Cookies/Records for preferences 
    • replacing cookies 
  • Children Rights Online 
    • Parental Consent and Childrens access to privacy rights
  • Micro-Credential 
    • Consented use of university certificate 
  • Video Surveillance 
    • Consented Facial Recognition

Legal Use Cases for Receipts 

  • Proof of Notice 
  • Evidence of Consent

Technical Use Cases

  • Cookies 
    • capturing policy, form and screen with a receipt - 


Note

  • Case Study is topic 
  • Use case is a component of a topic