Why are we doing this?

Objectives

The Consent Receipt v1.1 from Kantara was frozen in 2017 and has seen enormous success as seen, e.g., in adoption across organizations, as it brings efficiency, compliance and user control. The original receipt was primarily aimed at personal information and, to a large extent, driven by upcoming regulations (at the time) such as EU's GDPR. Adaptations to different contexts such as Healthcare or Financial are now common but, as expected, the current specification is often limiting and requires modifications to specific use-cases.

The aim of this project is to create a framework specification that describes the requirements for Data Use Receipts. The framework specification will include mandatory and optional requirements. Communities of interest will create specialized profiles of the framework specification that are customized for their use cases and scenarios.

The framework specification will allow implementers from any community to be assured that their profiled specifications contain the essential element of Data Use Receipts. Different profiles are not expected to be automatically semantically interoperable or technically intereoperable between domains.

How do we judge success?

A published framework specification that describes the requirement for Data Use Receipts and guidelines for creation of profile specifications.

It should be compatible with the current specfication (v1.1).

What are the possible solutions?