Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Removed duplicate item in Generic Requirements; added detail to requirement for a static link; adjusted capitalization

...

  1. The receipt MUST have a property to authenticate the origin.
  2. The receipt MUST have an integrity protection property.
  3. The audience SHOULD be restricted and transparent.
  4. The receipt SHOULD be able to be transmitted over various transport protocols.
  5. The payload MUST have a human readable section, and SHOULD have a machine readable section.
  6. The payload MUST include the following properties:
    1. Issuer
    2. Date
    3. Time
    4. Direct contact information to data controller
    5. Contain a static link to privacy policy; the user must have a permanent record of the text to which they agreed
    6. Purpose(s)
    7. YES or NO Flags
      1. 3rd party data sharing
      2. Sensitive Personal Data Collection
      3. Context
  7. The payload SHOULD include the following properties:
    1. A description of the types of personally identifiable information to which the consent applies.
  8. The payload SHOULD include the following information:
    1. the personal identifier used in the consent receipt
    2. some or all of the personally identifiable information to which the consent applies
  9. The receipt MUST be systematically usable and automatically discoverable
  10. Receipts MUST contain the minimum information to enable requests for more information, if required
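As an added illustration (not code from the original page or from any consent receipt specification), the Python below builds a payload carrying the MUST fields from the list above, protects it for integrity and origin authentication with a standard-library HMAC (a deployed system would more likely use a public-key signature so that third parties can verify the origin), and renders the human-readable section from the same payload. All field names, the demo key and the sample values are assumptions made for this example.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed demo key; a real deployment would use a per-controller secret
# (or, better, a public-key signature) rather than a hard-coded value.
DEMO_KEY = b"constructed-demo-key-not-for-production"

def build_receipt(issuer, contact, policy_url, purposes, third_party, sensitive, context, when):
    """Machine-readable payload carrying the MUST fields listed in the requirements above."""
    return {
        "issuer": issuer,
        "date": when.date().isoformat(),
        "time": when.time().isoformat(timespec="seconds"),
        "data_controller_contact": contact,
        "privacy_policy_link": policy_url,  # static link the user keeps as a permanent record
        "purposes": list(purposes),
        "flags": {"third_party_data_sharing": bool(third_party),
                  "sensitive_personal_data": bool(sensitive),
                  "context": bool(context)},
    }

def canonical_bytes(payload):
    # Sorted keys and fixed separators so issuer and verifier hash identical bytes.
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()

def sign_receipt(payload, key=DEMO_KEY):
    """HMAC over the canonical payload: integrity protection, and origin authentication for key holders."""
    return {"payload": payload, "mac": hmac.new(key, canonical_bytes(payload), hashlib.sha256).hexdigest()}

def verify_receipt(signed, key=DEMO_KEY):
    expected = hmac.new(key, canonical_bytes(signed["payload"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signed["mac"])  # constant-time comparison

def human_readable(payload):
    """The human-readable section, rendered from the same payload so the two cannot drift apart."""
    flags = ", ".join(f"{k}: {'YES' if v else 'NO'}" for k, v in payload["flags"].items())
    return (f"{payload['issuer']} recorded your consent on {payload['date']} at {payload['time']}.\n"
            f"Purposes: {'; '.join(payload['purposes'])}\nFlags: {flags}\n"
            f"Policy: {payload['privacy_policy_link']}\nContact: {payload['data_controller_contact']}")

def sample_receipt():
    """Constructed sample values; none of them come from the page."""
    when = datetime(2014, 9, 1, 12, 0, 0, tzinfo=timezone.utc)
    return build_receipt("example.com", "privacy@example.com", "https://example.com/privacy/2014-09-01",
                         ["account registration", "service e-mails"], False, False, True, when)
```

Changing any field after signing (for instance swapping the policy link for a different version) makes `verify_receipt` return False, which is the integrity property the first two requirements ask for.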

Consent Notice Fields and Descriptions (TBF v.07)

...

  • Contact information of Data Controller
  • Identity provided by the individual
  • Link to privacy policy

...

Comments: JW: note: static link format required (raised by John W)

...

  • policy

...

ML: Should we consider stipulating that the URI be domain.com/privacy by default for MVCR with no payload?

JW: If the URI is not broken, but the policy has changed, how can this be known or addressed by the user?

ML: If the privacy policy is a part of the payload of the receipt and this payload was signed by the policy provider. Or if the policy is registered and kept public by the registrar (e.g. TOSBACK).

  • The purpose(s) listed: itemised on receipt
  • YES or NO Flags
  • 3rd party data sharing
  • Sensitive Personal Data Collection
  • Context Scope and Requirements

...

Term: Consent Receipt (CR)
Definition: A record of a single consent transaction provided to (or obtained by) the data subject as a receipt.
Example: This record is a summary of legal requirements of the notice and a capture of consent related data provided at the point of consent.

Term: Data Controller (DC)
Definition: The organisation or individual that is accountable for the operation of the web site.
Example: This is contact information for the management of consent.

Term: Data Subject (DS)
Definition: The natural person that is registering on the web site.
Example: This is typically when a person registers to get access to a web site service.

Term: Identity Provider (IdP)
Definition: A third party that uses identity and/or authentication information about the data subject for access management.
Example: (none given)

Term: Minimum
Definition: A Receipt will contain the purposes that are consented to.
Example: The links to all policies that inform the consent and the contact information of the data controller.

Term: Operational Context of Consent
Definition: The list of legal (best practice) requirements for notice for consent in the jurisdiction and context in which the consent is given.
Example: This includes jurisdiction requirements as well as the contextual elements of the method of consent capture.

Term: Personally Identifiable Information (PII)
Definition: Any information that (a) can be used to identify the Data Subject to whom such information relates, or (b) is or might be directly or indirectly linked to a Data Subject.
Example: (none given)

Term: Sensitive Personally Identifiable Information (SPII)
Definition: This is a flag in the consent receipt that is used for what is legally defined as sensitive and protected data; this varies from jurisdiction to jurisdiction. For this type of data explicit consent is required and a consent receipt extension is needed for this functionality.
Example: Includes health, financial, children's data, sexual data, political/religious data, surveillance data (note: I think this should include participation in identifying SPII)

NOTE: There are many different legal meanings of PII or Personally Identifiable Information across jurisdictions, courts and companies. In IDESG, we removed "identifiable" so that Personal Information was the term and we could specify it, without competing or confusing these other meanings. We could consider that here. -- mary

...

References and Further Reading

...