Versions Compared

Old Version 86

changes.mady.by.user Mark Lizar (Unlicensed)

Saved on

compared with

New Version 87

changes.mady.by.user Mark Lizar (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Contents

Table of Contents
outlinetrue
indent10px
absoluteUrltrue

...

...

  1. Consent notice details can be appended to the MVCR to accommodate different personal data sensitivity, data sharing and additional contextual compliance requirements.  
  2. A context field is a field in the MVCR indicating that there are contextual conditions and exceptions to consent that can be listed and applied by an organisation to the context of receiving consent (e.g. medical emergency overrides).  In the MVCR the context is a flag with yes or no. If yes, the provider is stating that they implement a check list of contextual consent requirements. Additional contexts can also be added to a consent receipt. 
  3. Organisations can append trusted services links/icons to the receipt and further extend the assurance provided to capture multiple consent notice types e.g. cookie, terms of use.

Specification by example (SBE) is a collaborative approach to defining requirements and business-oriented functional tests for software products based on capturing and illustrating requirements using realistic examples instead of abstract statements. It is applied in the context of agile software development methods, in particular behavior-driven development. This approach is particularly successful for managing requirements and functional tests on large-scale projects of significant domain and organisational complexity.[1] (https://en.wikipedia.org/wiki/Behavior-driven_development)

...

  1. An organisation can use the MVCR to self assert that they are providing notice and getting implied consent in compliance with their policies and applicable regulations
  2. A service user (individual) can save the  MVCR to a personal cloud data store and self assess if the receipt is compliant with the policies and practices of the organisation

...

  • Open Notice is currently working on an open source Open Consent Registry (OCR) which will be a customisable registry that can be use to automate  automates the functions required to provision, process, update and use consent receipts at scale.

...

Note: For the consent receipt to be auditable and verifiable the consent policy must be accessible by any entity with the URI for the policy. Subsequent changes to the policy should not invalidate the URI for the policy in effect with the CR was issued. 

MVCR enables organizations to self-assert compliance with legislation and their own policies. The open notice (URI) provides this assurance in a transparent manner. To be compliant a DC provides an auditable self-asserted MVCR which states that the DC will implement the contextual notice requirements listed in that MVCR. Most Data Controllers that identify the information that they collect, specify how it will be used, and that commit to not share personally identiable information with 3rd parties and to not collect sensitive personally identifiable information will be in compliant with most standards. If a DC does share personally identifiable information and/or collects asensitive personal information, trusted service providers , an org can develop a custom extension, use an existing standard or register their consent receipt with  trusted service providers. Trusted Service providers can provide assurances of to enable compliance with more stringent and complex obligations for sensitive information and/or disclosure.

A MVCR with that demonstrates compliance will assure a level of regulatory compliance because it is a digital record that both parties have. A human readable consent receipt should make sense at a glance, enable one click links or contacts with a data controller contact, and enable easy access to statements about purpose(s) and trust .  This visual (human readable) format and the machine readable versions of the consent receitp can be audited for these data points upon dispute.

MVCR: Consent Notice Fields

Field NameDescriptionPurpose/ExplanationReason Why This Field is Required

Cloud Receipt Capture & Sign: Format example in (XDI)

Note: following lines all prepended with ([=]!:uuid:1111/[+]!:uuid:9999)

Data Subject

Name or pseudonym of the user at minimum,

Data Subject is primary party to consent

Is the consent contributor and primary party of the consent, (which is why this is the first field of the MVCR)

if not signed by Data Subject then its use post consent may be limited.

Data Subject: Alice [=]!:uuid:1111

Address (and jurisdiction) of Data Controller

Name of the entity issuing the receipt

Should be the entity/organization that is in control of the personal data and is responsible for consent compliance.Is the Data Controller and is the primary party responsible for administration of the consent

Data Controller: Amazon [+]!:uuid:9999

PurposeThe purposes for which the personal information is being collected.this is a single purpose at minimum linked to the short purpose notice, or policy of purpose.

A purpose notice is a basic and common legal requirement and functionally a requirement of consent.

[#receipt]!:uuid:1234[<#purpose>]<@0>&/&/"We need to process your payment."

[#receipt]!:uuid:1234[<#purpose>]<@1>&/&/"We  need your data to prevent fraud."

[#receipt]!:uuid:1234[<#purpose>]<@2>&/&/"We will advertise to you."

Location of Consent

The location of the consent provision. from which the consent receipt originates.(For example the web page with the consent button. )

This indicates the 'point of consent' - hopefully a button where the user clicked "I agree" or "I consent" (i.e. the biggest lie)

Can be a URI, URL, URN, 

This can also be a physical space where surveillance legal notice requirements exist (EU) - Global Positioning System (GPS)

 

[#receipt]!:uuid:1234<#location><$uri>&/&/"....." 

Sensitive Personal Data Flag (Y/N)Flag to categorise the information collected as sensitive or not (Y/N)Each jurisdiction has classifications of sensitive personal information (privacy): The generally include health, financial, Child Protection, Religious, Union categorisations

If Yes, then additional notice requirements are needed to confirm its compliance status.

If No, then the consent is automatically compliant

[#receipt]!:uuid:1234<#sensitive>&/&/true

Third Party Sharing

Flag whether data is shared with third parties. (Y/N)

If true, then compliance is dependent upon additional notice requirements not present in a MVCR. This can be addressed with the "Third Party Sharing" extension.

If Yes, then additional notice requirements are needed to confirm its compliance status.

If No, then the consent is automatically compliant

[#receipt]!:uuid:1234<#third><parties>&/&/true

TimestampWhen consent was obtainedTo record when the user, either by implication or explicity, granted consent for the purposes described. [#receipt]!:uuid:1234<$t>&/&/"2014-07-13T21:32:52"
Privacy PolicyThe issuing entity's privacy policy (either inline copy, or reference to URI)If not available, should provide a notice that it is missingIs the minmum Policy (or short notice) Needed to create a consent receipt.

[#receipt]!:uuid:1234<#privacy><#policy>&/&/"copy of privacy policy here"

or

 

[#receipt]!:uuid:1234<#privacy><#policy><$uri>&/&/"https://..."

Operational Context FlagFlag wether the Operational Requirements are present or not. (Y/N/Unknown)For the presentation of consent there are contextual and prescriptive requirements in legislation, a check list of these elements is being crated in this draft below.

Consent has contextual compliance requirements for the notice to be sufficent. These depend on the location and format of the consent notices

An organisation displays agreement (or not) to implement these OC requirements and this is reflected on the consent receipt.

 

...

Core extensions can be used by policy makers to localise the use of consent notices to operational contexts and more granular applications of enforcement.

Operational Context (OC): Legal Requirement for the MVCR Context (in progress)

...

Respect Network (RN) Technical Demo:

...

...

Amazon Respect Use Case: With the Respect Network and Open Notice
(Note: Amazon Respect is a Fictitious organisation used here only as an example) 

(http://open-notice.github.io/consent-receipt/amazon-mock/signup.html)

Implementation of consent receipt which is signed & created by a DC and stored in a personal Cloud. 

...

Trusted Services Appendix

...