Spec for ANCR Record - For Security
- here is a record for identifying if there is enough security for privacy
- who is the controller,
- what are the applicable laws, and rights
- and how are these accessed.
Here are fieilds
- to create this security audit record, including locations of people and processing sufficient to provide jurisdiction
PASP - Privacy Access Service Point - defines digital service contact point and information for proportionate access to rights information
- there are different performance levels for privacy information access and rights which is captured in this assessment,
- Performance
- if online and access is provided with a PASP which is an api access fore in conxt privacy then privacy information and controls can be dynamic
- this field has dynamic,
- out-of-band,
- static
- Access Conformance
- access to information in the information according to context
- linked data -
- access to information in the information according to context
- if online and access is provided with a PASP which is an api access fore in conxt privacy then privacy information and controls can be dynamic
- Confromance
- a) if using standards, information access has a higher level of transparency
- a person,
- self-service
- bot
- mailbox
- answering machine
- a) if using standards, information access has a higher level of transparency
- Performance
Consent Type Defaults
Consent Types refers to the context of Notice which covers the array of concentric engagement points in which humans provide permissions to generate digital identifiers.
Normally a static permission, or more frequently an online interaction context in which a relationship to consent is inferred or expressed in some manner.
- Other: Not Consent,
- delegated
- Implied
- implicit
- expressed
- explicit
- directed
- altruistic
****
Here is how to use it →
Audit / use for conformance
Objective
This ANCR Record specification provides a methodology to audit a notice to produce a notice record and a consent(ric) receiptNotice Record for generating a Consent Receipt. The objective of this documents is to
- Provide a set of instructions for recording a notice and its purpose in a standard consent(ric) record information structure derived for a Consent Receipt (ref)
- To then compare the conformance of the record with a control from ISO/IEC 29183 (as an example a set of rules for regulations and code of practiceset by regulations for notice & consent transparency)
Methodology
This method describes, how to audit a notice to generate an ANCR- Notice Record using ISO/IEC 29100 derived receipt format, which is now published in the ISO/IEC 29184 Annex D,
...
New Field - name, description, reference
PISP - Privacy Information Service Point - further define contact information
- there are different performance levels for privacy information access and rights which is captured in this assessment,
- Performance
- if online and access is provided with a PISP which is an api access fore in conxt privacy then privacy information and controls can be dynamic
- this field has dynamic,
- out-of-band,
- static
- Access Conformance
- access to information in the information according to context
- linked data -
- access to information in the information according to context
- if online and access is provided with a PISP which is an api access fore in conxt privacy then privacy information and controls can be dynamic
- Confromance
- a) if using standards, information access has a higher level of transparency
- a person,
- self-service
- bot
- mailbox
- answering machine
- a) if using standards, information access has a higher level of transparency
- b)
- Performance
Consent Type
*****************
Field Glossary
(Note: all terms refer to ISO/IEC 29100 and ISO/IEC 29184, Kantara Consent Receipt, adopted for - for terms, unless they are specified here to further extend terms or definitions in a more granular manner,
Consent Types refers to the context of wether there is a notice which specifies the legal justification, or wether a consent type is inferred and used to specify the permissions for processing with digital identifiers.
- Other: Not Consent,
- delegated
- Implied
- implicit
- expressed
- explicit
- directed
- altruistic
This refers to the initial state or context of processing, and data's subject knowledge and or expectation, prior to the notice or notification.
...
Field Name | Type | PII(Y) | Field Label | Description | Required/Optional |
version | string | Schema Version | The version of specification used to which the receipt conforms. To refer to this version of the specification, the string "v1" or the IRI "https://w3id.org/OPN/v1" should be used. | Required | |
profile | string | Privacy Profile URI | Link to the controller's profile in its registry. | Required | |
Notice ReceiptLocation | string Array | Type of Notice ReceiptRecord | Label Notice Receipt | Required | |
id | string | Receipt ID | A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122]. | Required | |
timestamp | integer | Timestamp | Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch). | Required | |
key | string | Signing Key | The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance. | Optional | |
language | string | Language | Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'. | Required | |
controllerID | string | Controller Identity | The identity (legal name) of the controller. | Required | |
| Controller Address | |||||
jurisdiction | string | Legal Jurisdiction | The jurisdiction(s) applicable to this notice | Required | |
controllerContact | string | Controller Contact | Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle. | Required | |
notice | string | Link to Notice | Link to the notice the receipt is for | Optional | |
policy | string | Link to Policy | Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided | Required | |
context | string | Context | Method of notice presentation, sign, website pop-up etc | Optional | |
| Receipt Type | The human understandable label for a record or receipt for data processing. This is used to extend the schema with profile for the type of legal processing - and is Used to identify data privacy rights and controls | ||||
| PASP | array | Privacy access service points of contact and access, email, ph, etc. - or PaeCG signal
| |||
| Consent Type | |||||
| Payload | Notice Text | Accountable Person Role |
****
(To be Moved Later) Case Study: privacy cafe
- Privacy Cafe Narrative
- Scenario 1 imagine - first time to a privacy cafe
- new country, different language, different types of coffee, different currency, different technology, different measures, different ingrediants eg. type of sugar, cream, milk and cup size measures
- Scenario 2 - a known regular at a privacy cafe close to your home or work
- the user experience with high level of consensus
- Scenario 3 - Digital Twin - Transparency - creating a record and providing receipts
- withdraw consent
- access to use surveillance
- audit to see who benefits from personal data in the cafe, out of the cafe
- audit of the providence of authority
- Scenario 1 imagine - first time to a privacy cafe
- Main functionality point is focused on how dynamic and operational privacy performance is, in proportion to the data processing surveillance.
- capacity for the notice to transfer liability for data processing and access to privacy to enable people with controls to mitigate risk
- difference between permission for a purpose, or permission for a data base field
- having to go into each service and change or withdraw permission
- or pressing one button to withdraw consent, for many services
- The Priavcy Cafe Experience
- Human XU - physical governance defaults - notice of (expected) defaults
- in this context - there can be consent
- Using the video surveillance in (or public camera outside) a privacy cafe to make a police report, without the need for an information request
- Privacy Cafe cookie (session cookies available to visitors)
- Human XU - physical governance defaults - notice of (expected) defaults
...