...
TPR uses 4 transparency performance indicators (TPIs) to measure the transparency of PII Controller identification, the indicators are captured in a PII Controller record of compulsory attributes. Together they indicate the security and privacy risk of digital identification to the PII Principal. At no point in this process is the PII Principal required to be identified or under surveillance. In order for consent to identification, and identity management to be valid there are requirements for notice on the part of the PII Controller. This is true across justifications including consent, across frameworks, and across jurisdictions.
How Does it Work?
The four TPIs used in reporting measure:
Timing of notice
Regarding the initiation of surveillance
Content of notice
PII Controller required disclosures (Controller Record)
PII Controller Reverse Cookie (could be captured in a receipt and record for the PII Principal)
Who, where, what, why, how, when
Access and usefulness of notice
Taste of the Cookie
How good were the answers including their veracity to the above
Sovereignty of authority and security
Jurisdictions (Legal) of Principal and Controller
Cryptographic (Technical)
Linked by policy (objects)
...