Versions Compared

Old Version 20

changes.mady.by.user Mark Lizar

Saved on

compared with

New Version 21

changes.mady.by.user Salvatore D'Agostino

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Commonly referred to as the ANCR TPA Scheme : Parts 1 and 2 for measuring conformance, compliance, performance and security of

...

transparency and

...

consent.

Anchor
_Toc155867426
_Toc155867426
Conformity & Compliance Scheme Framework v0.08.1

...

ANCR refers to an Anchored Notice & Consent Receipt, it is a record that is generated using the Transparency Performance Indicator that assess the operational conformance of the record of processing and its compliance with legislation.

Note: In the ANCR Consent Notice Receipt specificationSpecification, the record and receipt is are generated with a PII Controller Identity

...

This ANCR TPA Scheme is a specification that is required to be open, as specified under a the ANCR WG IP License, Patent & Copyright: Reciprocal Royalty Free with Opt-out to Reasonable and Non-discriminatory (RAND) license agreement at the Kantara Initiative for contribution to ISO/IEC SC 27 WG 5.

...

ANCR Digital Identity Trust: Transparency Performance Assessment Scheme, Part 1 & 2 v0v1.80

Anchor
_Toc155867427
_Toc155867427
NOTICE

This specification relies on (open access to) ISO/IEC 29100 Security techniques, Privacy framework and ISO/IEC 29184 online privacy notices and consent, and ISO/IEC 27560 the Consent Record Information Structure and a Consent Notice Receipt, which is a digitally twinned record information structure , based on the Consent Receipt v1.1.4

Anchor
_Toc155867428
_Toc155867428
Conditions for use

...

4 Transparency Performance Indicators asses assess transparency signalling signaling in Part 1,

  1. when Timing: When PII Controller Identity information is provided in accordance to with when data is captured, to assess the security and privacy risk and compliance, to determine the legal validity of consent.

  2. Content: If required PII Controller Identity information is provided. to assess operational complinace compliance for any legal justification or authority.

  3. Usability, Accessibility & Authenticity: the presentation accessibility of the PII Controller Identity Information, taking into account device accessibility, the language and number of screens to access privacy information. in order to then assess the terms and their definition against the legal (and expected) terms and definitions.

  4. Security integrity, of a SSL Certificate Contextual Security Integrity: in particular the contents and policy of digital certificate (or token) - digital security used, e.g. certificate integrity and cryptography, asses its OU relevance to the PII Controller, Jurisdiction, and Name, to match the PII Controller Information , registration and risks presented in notice.

...