Spec for ANCR Record - For Security
- this is a record for identifying whether there is enough security for privacy:
- who is the controller,
- what are the applicable laws and rights,
- and how are these accessed.
Here are the fields
- to create this security audit record, including the locations of people and of processing, sufficient to establish jurisdiction
PASP - Privacy Access Service Point - defines the digital service contact point and the information for proportionate access to rights information
- there are different performance levels for privacy information access and rights, which are captured in this assessment
- Performance
- if online, and access is provided through a PASP (an API access point for in-context privacy), then privacy information and controls can be dynamic
- this field has the values:
- dynamic
- out-of-band
- static
- Access Conformance
- access to information according to context
- linked data
- Conformance
- a) if using standards, information access has a higher level of transparency
- a person
- self-service
- bot
- mailbox
- answering machine
Consent Type Defaults
Consent Type refers to the context of the notice, which covers the array of concentric engagement points at which humans provide permissions to generate digital identifiers.
Normally this is a static permission or, more frequently, an online interaction context in which a relationship to consent is inferred or expressed in some manner.
- Other: not consent
- delegated
- Implied
- implicit
- expressed
- explicit
- directed
- altruistic
****
Here is how to use it →
Audit / use for conformance
Objective
This ANCR Record specification provides a methodology to audit a notice and to produce a Notice Record for generating a Consent Receipt. The objectives of this document are to:
- Provide a set of instructions for recording a notice and its purpose specification, in order to capture the consent in a consent-centric record information structure derived from the Consent Receipt (ref)
- Then compare the conformance of the record with a control from ISO/IEC 29183 (a set of rules or regulations, referred to here as a code of practice, set by regulation for notice and consent transparency)
Methodology
This method describes how to audit a notice to generate an ANCR Notice Record using the ISO/IEC 29100 derived receipt format, which is now published in ISO/IEC 29184 Annex D,
...
New Field - name, description, reference
PISP - Privacy Information Service Point - further defines contact information
- there are different performance levels for privacy information access and rights, which are captured in this assessment
- Performance
- if online, and access is provided through a PISP (an API access point for in-context privacy), then privacy information and controls can be dynamic
- this field has the values:
- dynamic
- out-of-band
- static
- Access Conformance
- access to information according to context
- linked data
- Conformance
- a) if using standards, information access has a higher level of transparency
- a person
- self-service
- bot
- mailbox
- answering machine
- b)
Consent Type
*****************
Field Glossary
(Note: all terms refer to ISO/IEC 29100, ISO/IEC 29184 and the Kantara Consent Receipt, adopted for terms, unless they are specified here to further extend the terms or definitions in a more granular manner.)
Consent Type refers to the context of whether there is a notice which specifies the legal justification, or whether a consent type is inferred and used to specify the permissions for processing with digital identifiers.
...
...
...
This refers to the initial state or context of processing, and the data subject's knowledge and/or expectation, prior to the notice or notification.
...
- Notice Information Layers
- ISO/IEC References for Notice
- ISO 29184
- Notice Signal
- Privacy as Expected Consent Gateway - a project to produce a privacy notice signal in this work group
- Notice pop-up
- notice statement
- notice privacy overview
- notice privacy policy
- notice policy clause
Instructions
- Read a notice
- capture the name of the notice provider and enter it into the PII Controller field
- record the PII Controller address
- collect contact information
- what type - use the appendix to indicate dynamic, out-of-band, static, or in person/active
- collect the link to the privacy policy
- collect any links to privacy access information
- Indicate in which concentric manner data has been
- Capture the legal justifications for processing
- Capture the Notice
- indicate what the expected consent type is prior to the notice
- indicate whether personal identifiers are collected prior to presenting the notice
- Indicate the legal justification from the 6 categories -
- indicate whether the personal data is sensitive
- capture the purpose description
- capture the authorization scope
- frequency
- duration
...
Q's to add to instructions
- is the notice linked?
- is there a notice of risks or possible harms?
- is there a privacy information service point / API for dynamic data controls?
...
| Field Name | Type | PII(Y) | Field Label | Description | Required/Optional |
|---|---|---|---|---|---|
| version | string | | Schema Version | The version of the specification to which the receipt conforms. To refer to this version of the specification, the string "v1" or the IRI "https://w3id.org/OPN/v1" should be used. | Required |
| profile | string | | OPN Privacy Profile URI | Link to the controller's profile in its registry. | Required |
| Notice ReceiptLocation | string Array | | Type of Notice ReceiptRecord | Label Notice Receipt | Required |
| id | string | | Receipt ID | A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122]. | Required |
| timestamp | integer | | Timestamp | Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch). | Required |
| key | string | | Signing Key | The Controller's profile public key. Used to sign notice icons, receipts and policies for higher assurance. | Optional |
| language | string | | Language | Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'. | Required |
| controllerID | string | | Controller Identity | The identity (legal name) of the controller. | Required |
| Controller Address | | | | | |
| jurisdiction | string | | Legal Jurisdiction | The jurisdiction(s) applicable to this notice. | Required |
| controllerContact | string | | Controller Contact | Contact name of the Controller. The contact could be a telephone number, an email address or a twitter handle. | Required |
| notice | string | | Link to Notice | Link to the notice the receipt is for. | Optional |
| policy | string | | Link to Policy | Link to the policies relevant to this notice, e.g. the privacy policy active at the time the notice was provided. | Required |
| context | string | | Context | Method of notice presentation: sign, website pop-up, etc. | Optional |
| Receipt Type | | | | The human understandable label for a record or receipt for data processing. This is used to extend the schema with a profile for the type of legal processing, and is used to identify data privacy rights and controls. | |
| PASP | array | | | Privacy access service points of contact and access: email, phone, etc., or PaeCG signal. | |
| Consent Type | | | | | |
| Payload | Notice Text | Accountable Person Role | | | |
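As an added worked example (not code from the ANCR specification or the Kantara work group), the following Python assembles a notice record from the values an auditor collects while following the Instructions above, then checks it against the field table: required fields present, `id` a UUID-4, `timestamp` an integer count of Unix-epoch seconds, `language` an ISO 639-1 code, each PASP entry carrying one of the performance levels listed earlier (dynamic, out-of-band, static), and the consent type one of the defaults. The check rules, the `consentType` field name, the `{"level": ..., "contact": ...}` shape of a PASP entry and the sample cafe values are this example's own assumptions, not part of the specification.

```python
"""Build and check an ANCR notice record (added example, not project code).

Field names follow the field table on the page; PASP performance levels and
consent type defaults follow the lists earlier on the page. The conformance
checks are this example's assumptions, not rules taken from ISO/IEC 29184.
"""
import re
import time
import uuid

# Fields the table marks Required (Controller Address has no type yet, so it is left out).
REQUIRED_FIELDS = ("version", "profile", "id", "timestamp", "language",
                   "controllerID", "jurisdiction", "controllerContact", "policy")
ACCEPTED_VERSIONS = ("v1", "https://w3id.org/OPN/v1")
PASP_ACCESS_LEVELS = ("dynamic", "out-of-band", "static")   # best first
CONSENT_TYPES = ("not consent", "delegated", "implied", "implicit",
                 "expressed", "explicit", "directed", "altruistic")

UUID4_RE = re.compile(r"^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$", re.I)
ISO639_1_RE = re.compile(r"^[a-z]{2}$", re.I)


def new_notice_record(controller_id, jurisdiction, contact, policy_url, profile_url,
                      language="EN", notice_url=None, context=None, pasp=None,
                      consent_type=None, timestamp=None):
    """Assemble a record from what the auditor captured while reading the notice.

    'pasp' is a list of {"level": <PASP level>, "contact": <address or URL>}
    entries (assumed shape for the PASP array column).
    """
    record = {
        "version": "v1",
        "profile": profile_url,
        "id": str(uuid.uuid4()),                       # UUID-4 per the table
        "timestamp": int(time.time()) if timestamp is None else timestamp,
        "language": language,
        "controllerID": controller_id,
        "jurisdiction": jurisdiction,
        "controllerContact": contact,
        "policy": policy_url,
    }
    # Optional fields are present only when the auditor actually found them.
    for name, value in (("notice", notice_url), ("context", context),
                        ("PASP", pasp), ("consentType", consent_type)):
        if value is not None:
            record[name] = value
    return record


def check_record(record):
    """Return a list of findings; an empty list means the record passes the checks."""
    findings = []
    for field in REQUIRED_FIELDS:
        if not record.get(field):
            findings.append(f"missing required field: {field}")
    if record.get("version") not in ACCEPTED_VERSIONS:
        findings.append(f"version must be one of {ACCEPTED_VERSIONS}")
    if "id" in record and not UUID4_RE.match(str(record["id"])):
        findings.append("id should be a UUID-4")
    ts = record.get("timestamp")
    if not isinstance(ts, int) or isinstance(ts, bool) or ts < 0:
        findings.append("timestamp must be an integer number of seconds since the Unix epoch")
    if "language" in record and not ISO639_1_RE.match(str(record["language"])):
        findings.append("language must be an ISO 639-1 two-letter code")
    for i, point in enumerate(record.get("PASP") or []):
        if point.get("level") not in PASP_ACCESS_LEVELS:
            findings.append(f"PASP[{i}] level must be one of {PASP_ACCESS_LEVELS}")
    consent_type = record.get("consentType")
    if consent_type is not None and consent_type not in CONSENT_TYPES:
        findings.append(f"consentType must be one of {CONSENT_TYPES}")
    return findings


def access_performance(record):
    """Best PASP performance level offered: dynamic > out-of-band > static; None if no PASP."""
    levels = {p.get("level") for p in record.get("PASP") or []}
    for level in PASP_ACCESS_LEVELS:
        if level in levels:
            return level
    return None


# Constructed sample: values an auditor might capture from a fictitious cafe's notice.
SAMPLE = new_notice_record(
    controller_id="Privacy Cafe Example Ltd (fictitious)",
    jurisdiction="example jurisdiction (placeholder)",
    contact="privacy@cafe.example",
    policy_url="https://cafe.example/privacy-policy",
    profile_url="https://registry.example/profiles/privacy-cafe",
    language="en",
    context="sign at the entrance and website pop-up",
    pasp=[{"level": "static", "contact": "privacy@cafe.example"},
          {"level": "dynamic", "contact": "https://cafe.example/api/privacy"}],
    consent_type="implied",
    timestamp=1700000000,
)

if __name__ == "__main__":
    import json
    print(json.dumps(SAMPLE, indent=2))
    print("findings:", check_record(SAMPLE) or "none")
    print("access performance:", access_performance(SAMPLE))
```

Running the module prints the sample record as JSON, an empty findings list, and `dynamic` as the best access performance level; removing `policy`, writing the timestamp as a date string or using a language name instead of a code each produce a finding, which is the kind of gap the conformance comparison in the Objective section is meant to surface.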
****
(To be Moved Later) Case Study: privacy cafe
- Privacy Cafe Narrative
- Scenario 1 - imagine a first visit to a privacy cafe
- new country, different language, different types of coffee, different currency, different technology, different measures, different ingredients, e.g. type of sugar, cream, milk, and cup size measures
- Scenario 2 - a known regular at a privacy cafe close to your home or work
- the user experience with a high level of consensus
- Scenario 3 - digitally twinning both scenarios for governance online - Digital Twin - Transparency - creating a record and providing receipts
- withdraw consent
- access to use surveillance
- getting a report on an audit to see who benefits from personal data in the cafe and out of the cafe
- audit of the provenance of authority
- The main functionality point is focused on how dynamic and operational privacy performance is, in proportion to the surveillance; this transfers liability, and data processing surveillance.
- capacity for the notice to transfer liability for data processing, and access to privacy, to enable people with controls to mitigate risk
- difference between permission for a purpose and permission for a database field
- having to go into each service and change or withdraw permission,
- or pressing one button to withdraw consent for many services
- For example, the Privacy Cafe experience
- Human XU - physical governance defaults - notice of (expected) defaults
- in this context there can be consent
- using the video surveillance in (or a public camera outside) a privacy cafe to make a police report, without the need for an information request
- Privacy Cafe, making the session cookie for the web server (session cookies available to visitors)
Identity Governance Findings
...