Transparency Trust Metrics

Editors: Sharon Polsky, Mark Lizar

Contributors

Chair: Sal D’Agostino

Abstract:

At present, when online services are involved, Individuals have no way of seeing or knowing who is in control of collecting, using, processing, or disclosing their personal information before the collection, use, processing, or disclosure takes place. Individuals are powerless to resist or object to the one-size-fits-all contracts presented on websites, called ‘terms and conditions’, ‘user licenses’, ‘privacy policies’ or ‘data sharing agreements’, that do not implement the privacy people expect.

No mechanism is currently available for Individuals to assert authority in advance of disclosing their personal information, and there is no way for them to determine, control, or negotiate the conditions or sources under which data about them may be processed, used, managed, or associated with other data, or to consent to this.

A lack of transparency and consent defaults prevents Individuals from knowing or seeing (and therefore from trusting or controlling) when digital identifiers and related metadata about themselves are created, used, or disclosed for additional purposes.

This systemically prohibits the interaction, access and participation required for individuals to see how information about themselves is used, when, by whom, and for what purposes.

Enabling individuals to see how information about themselves is used, when, by whom, and for what purposes requires a standardized transparency mechanism as a way to provide data governance that scales when decentralized.

The Anchored Notice and Consent Record (ANCR) implements a standard of transparency to enable Individuals to see if PII about them is being used in ways that are private and whether, when, where, and to whom it is disclosed — locally, domestically, or internationally.

The ability to direct and control the collection, use and disclosure of information about themselves is essential for Individuals to have the technical capacity to trust the management of surveillance, personal identity, and advanced digital data analysis technologies.

The ANCR specification provides a mechanism to implement legal and technical standards for transparency that supersede ‘terms and conditions’, ‘user licenses’, ‘privacy policies’ and ‘data sharing agreements’, specifying an active technical object for managing the rules of data and its consented exchange.

NOTES TO READER

This Kantara Initiative work effort began when Liberty Alliance became the Kantara Initiative, and the Consent and Information Sharing Working Group formally began in 2015. That Working Group’s activities carried on through the ANCR Working Group.

In this specification and proposed standard the term “PII Principal” is used interchangeably with Data Subject and “Individual”.

 

IPR Option:

This ANCR Record Specification is available for use for public benefit licensing @0PN C.I.C and the open schema available @Human Colossus, and is specified under a Reasonable and Non‑Discriminatory (RAND) agreement at the Kantara Initiative for submission to ISO/IEC SC 27 WG 5.

It is published for use as public infrastructure through codes of conduct and practice in industry and trade certification bodies.

Patent & Copyright: Reciprocal Royalty Free with Opt-out to Reasonable and Nondiscriminatory (RAND)

Suggested Citation: (upon WG approval)

ANCR Specification v0.9

NOTICE

This document has been prepared by Participants of Kantara Initiative Inc. Permission is hereby granted to use the document solely for the purpose of implementing the Specification. No rights are granted to prepare derivative works of this Specification. Entities seeking permission to reproduce this document, in whole or in part, for other uses must contact the Kantara Initiative to determine whether an appropriate license for such use is available.

Implementation or use of certain elements of this document may require licenses under third party intellectual property rights, including without limitation, patent rights. The Participants and any other contributors to the Specification are not and shall not be held responsible in any manner for identifying or failing to identify any or all such third-party intellectual property rights. This Specification is provided "AS IS," and no Participant in Kantara Initiative makes any warranty of any kind, expressed or implied, including any implied warranties of merchantability, non-infringement of third-party intellectual property rights, or fitness for a particular purpose. Implementers of this Specification are advised to review Kantara Initiative’s website (http://www.kantarainitiative.org) for information concerning any Necessary Claims Disclosure Notices that have been received by the Kantara Initiative Board of Directors.

Dear reader,

Thank you for downloading this publication prepared by the international community of experts that comprise the Kantara Initiative. Kantara is a global non-profit ‘commons’ dedicated to improving trustworthy use of digital identity and personal data through innovation, standardization and good practice.

Kantara is known around the world for incubating innovative concepts, operating Trust Frameworks to assure digital identity and privacy service providers, and developing community-led best practices and specifications. Its efforts are acknowledged by OECD ITAC, UNCITRAL, ISO SC27, other consortia and governments around the world. 'Nurture, Develop, Operate' captures the rhythm of Kantara in consolidating an inclusive, equitable digital economy offering value and benefit to all.

Every publication, in every domain, is capable of improvement. Kantara welcomes and values your contribution through membership, sponsorship and active participation in the working group that produced this and participation in all our endeavors so that Kantara can reflect its value back to you and your organization.


Copyright: The content of this document is copyright of Kantara Initiative, Inc.
© 2022 Kantara Initiative, Inc.

Introduction

This section describes the creation and use of an ISO/IEC 29100-based record for processing (personal) data, and illustrates the use of ISO/IEC 29184 controls to assess the performance of this record. The associated notice controller credential and its associated record are regulated by international privacy laws, principles and standards. Because the record is based on the ISO/IEC 29100 Security and Privacy Framework, the record and its associated data fields provide a globally binding and standardized governance framework for creating records. Importantly, it provides the transparency legally required for trustworthy ‘consented data access’ and for adequate international data transfers, and it can also provide an opportunity to implement a low-cost digital (twin) record and receipt mechanism. The use of the associated notices, receipts and records dramatically improves the security of personal data control, significantly increasing transparency and, as a result, greatly improving the scale and effectiveness of cyber-physical security and digital privacy.

This specification is a contribution to extending the work and interoperability of the ISO/IEC SC27 WG5 29100 privacy and security framework, resulting in a standardized record processing format for generating notice records and consent receipts.

The Notice Record specified here provides, importantly, operational transparency through the use of the controls in ISO/IEC 29184 Online Privacy Notices and Consent, evidenced with anchored notice and consent receipts. [ISO/IEC 29184, Appendix B]

Why was this specification written?

An internationally standardized notice controller credential provides people with digital transparency over who controls personal data in context. It provides a public (open) format for a PII Principal to generate records independently of the PII Controller; to hold, control and manage those records separately from the PII Controller; and to withdraw consent by context for multiple services efficiently (at the same time). The specification uses standards to capture and measure the performance of PII Controllers’ transparency, digital security and active state of digital privacy throughout the life-cycle of the use of (digital) services.

Why Digital Transparency?

Standardized digital notice is a steppingstone to digital privacy and is required to scale human-to-system (electronic) consent online. It is a record provided by default using standard digital identifier governance defaults, designed for self-sovereign/human-centric transparency and interoperability between people and systems.

The notice record information structure is specified in this document with ISO/IEC 29100 Security and privacy techniques framework, which is a free and public standard. ISO/IEC 29100 is used in this specification to measure the performance of transparency using the controls, and consent notice receipt, specified in ISO/IEC 29184.

What should you expect to find in this document?

The ANCR WG Transparency Performance Indicator specifications assess the digital privacy transparency of online services.

The capture is made with an ANCR Notice Record, using the ISO/IEC 29100 Security and Privacy (international) framework. The captured record can be compared against the ISO/IEC 29184 Online privacy notice and consent receipt standard format, controls and conditions to demonstrate conformance, and is mapped to CoE 108+ and the GDPR in the Notice Record Framework.

Transparency Performance Indicators (TPIs) provide a human- and consent-centric digital privacy transparency framework that people can use to see and understand who controls their personal information and identity, and how.

TPIs are generated through the capture of a notice and its assessment for: (1) the time of notice presentation in relation to first data capture, (2) the contents of the notification, (3) the accessibility of the notice for use, and (4) the digital trust/security of the notice. All four are required for digital privacy interoperability using a standard concentric notice transparency framework, in which proof of notice and evidence of consent are required for permissions to process and disclose personal and identifying digital identifiers.

These four transparency performance indicators (TPIs) are used together to automate a digital privacy transparency performance baseline. The notice records created through interaction with standardized online notifications demonstrate next-generation digital privacy.

The indicators and associated report utilize a standard information structure, notice and consent record format, and controls for digital privacy rules and regulations and their performance measurement.

Transparency Performance Indicators

There are 4 TPIs used to assess public service data at assurance level 0 (self-asserted) of the 4 privacy assurance levels identified in the ANCR Framework. (ref)

These 4 indicators are bundled together as an analogue assessment type that people can perform quickly to understand the transparency state, and which can then be used to measure how dynamic the performance of transparency is, for higher interoperability assurance levels.

  1. TPI for when Notice is Provided vs when data is collected

  2. TPI for transparency over required PII Controller digital identity and privacy access contact point

  3. TPI for how accessible the transparency is (transparency of digital transparency)

  4. TPI for digital privacy security verification


The first TPI captures whether a PII Principal is notified before data is collected; the 2nd and 3rd TPIs measure the transparency of the ‘provided’ PII Controller Identity information.

This is required to measure how accessible the PII Controller Identity and privacy information is, before or at the time of data processing, which is a condition of governance adequacy and privacy compliance for all digital identifier-based processing activities, used to develop data profiles. An ANCR Record of data processing activity in this way provides evidence to demonstrate security and privacy compliance.

Once the capacity for the active state of digital privacy is ascertained, the fourth performance indicator is used to verify the cybersecurity certificate (or token key) to see if the security matches digital privacy information.

TPI 1: Timing of Notice vs Data Collection Transparency

TPI 1 requires monitoring the technical end point to determine whether PII is captured in relation to when a notice is provided, measuring the notice’s regulatory performance.

TPI 2: Required PII Controller Data Transparency

Assess whether the required information for transparency over who is in control of the notice is ‘provided’.

The MUST fields identify elements that are required in legislation that MUST be present.

TPI 3: Transparency Accessibility

How accessible is the PII Controller and Privacy Contact information?

For example, in the context of a website or a mobile device, how difficult was it to access the ‘provided’ information. How many clicks, or screens, away is the required information?

TPI 3 Example: Accessibility Measurement Rating

This transparency accessibility rating score of [+1, 0, -1 or -3] reflects the number of steps, screens, or clicks required to find the ‘provided’ information within a mobile application or webpage providing the client user interface.

Rating | Description | Instruction
-------|-------------|------------
+1 | Controller identity is embedded as a credential linked to authoritative registries. | PII Controller credential is displayed using a standard format with machine-readable language and linked, for example, in an HTTP header in a browser.
0 | PII Controller Identity prominently displayed on first view, prior to processing the first page of viewing; the assessment question would be | PII Controller Identity or credential is provided in the first notice.
-1 | Privacy signal is not presented first, but is linked and one click and screen away. | The Controller Identity, or the screen with the Controller Identity, is one screen and click away; for example, the privacy policy link in the footer of a webpage.
-3 | Identity or credential is two or more screens of view away. | PII Controller Identity is not accessible enough to be considered ‘provided’.

TPI 4: Certificate (and/or Key) Security Transparency

This security performance indicator requires that the notice record session certificate is collected and used to check whether the PII Controller Identity information is the same as, or linked to, the controlling entity in the associated security certificate. For example, does the SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificate identify the Controller, and is it secured for the DNS and localization expectation and corresponding jurisdictional information? (This is a ZPN-required digital security-for-privacy measure to implement international governance interoperability with legal adequacy for eConsent.)

Certificate status and transparency performance are used to establish session security prior to the collection, use and processing of PII. The security TPI is used to measure the certificate and/or cryptographic keys for a specified organizational unit to corroborate and validate the PII Controller’s digital integrity.

Field Name | Field Description | Requirement (MUST / SHALL / MAY) | Present / Not Available | TPI 2 Rating (+1, 0, -1, -3) | Match
-----------|-------------------|----------------------------------|-------------------------|------------------------------|------
Notice Location | Location the notice was read/observed | MUST | Present | +1 | found
PII Controller Name | Name of presented organization | MUST | Present | 0 | Match
PII Controller Address | Physical organization address | MUST | Present | 0 | Not match
Privacy Contact Point | Location/address of Contact Point | MUST | Present | 1 | Not match
Privacy Contact Method | Contact method for correspondence with PII Controller | MUST | Present | -1 | No Match
Session key or Certificate | A certificate for monitored practice | MUST | Present (or Not found) | 1 (or -3) |

Contributors:

IPR Option:

The Transparency Performance Indicator Specification is for use for public benefit and is specified under a Patent & Copyright: Reciprocal Royalty Free with Opt-out to Reasonable and Nondiscriminatory (RAND) license from the Kantara Initiative.

Suggested Citation: (upon WG approval)

ANCR Specification v0.8


Introduction

Transparency Performance Indicators (TPIs) measure digital services and operators in a way that provides people with indicators of trustworthiness and risk, ideally before any surveillance, tracking or data/token exchange takes place.

The TPIs in this document measure the public performance of transparency and accountability in online services, referred to as Level of Transparency Assurance 0. It is Level 0 because it is public and unverified. Levels of assurance increase through verification, active monitoring, and conformance profiles.

These TPIs are designed to quickly assess operational transparency capacity by measuring the performance of publicly required digital service information. The TPIs check the digital components of authority and security to assess and assure the validity of privacy.

Work preceding these TPIs developed a consent receipt, a record that can be used to capture the surveillance context at or before a session, and whether notice was provided before the technical session is established, at the time of it, or after, so as to capture the provenance of whether consent is implied or expressed dynamically.

There is no assessment of the capability of the use of consent receipts, brought by the service user, to provide source and session history. But in law there are implied and expressed consent states, which are commonly inferred in digital privacy and security contexts.

Most assessments for conformance of privacy information or services are mapped to analogue legal requirements that measure response times in days, out of technical context. TPIs all measure how dynamic privacy service information is, and include in the rating system a value indicated as +1. As a result, TPIs include a dynamic, in-context performance indicator for active-state notice and privacy controls.

TPIs are recorded in an ANCR Notice Record Format which, when fully filled in, is usable as a Controller Notice Receipt Credential. This is used to generate a Directed, Explicit or Altruistic Consent Receipt.[1] This specification introduces a standardised record format for the capture of attributes that are required by law for the legal and trustworthy processing of personal identifiers.

The format is defined with the ISO/IEC 29100 security and privacy techniques framework. This format is used to collect identifier- and session-based attributes, notice, notification, and disclosure text mapped directly to the analogue (brick and mortar) legal requirements. We present here TPI in the context of

The Notice Record format can also be used to measure conformance with the ISO/IEC 29184 Online privacy notice and consent standard (2020), in which, the Consent Notice Receipt is provided in Annex B.

The use of the associated notices, receipts and records dramatically improve the security of personal data control, significantly increasing transparency, including importantly for the individual. It also greatly improves the scale and effectiveness of cyber physical security and digital privacy through the decentralized authority inherent in the Notice Record.

This specification is offered as a contribution to the ISO/IEC SC27 WG5 body of work, as it extends the ISO/IEC 29100 privacy and security framework into operational transparency applications.

The Notice Record, generated from TPIs, enables operational ‘online’ transparency through the use of the controls in ISO/IEC 29184. This can be further evidenced with an anchored notice and mirrored (digitally twinned) notice consent receipts [ISO/IEC 29184, Appendix B], also generated from a TPI Notice Record.

Why was this specification written?

TPIs aim to help standardize digital transparency and dramatically improve the safety, security, and usability of digital transparency for people. They do so by providing a set of metrics to quickly assess if and how digital privacy is operating at the moment.

Currently, there is no way for people to see who is tracking them and how digitally exposed they are in context. For data control, access and privacy rights requests and their response times, TPIs indicate whether the digital information provided upon contact with a digital service is capable of meeting this basic requirement and of supporting dynamic data access and controls.

Digital transparency around the why, who, and where behind a data request is as important as the security and privacy of identifiers and attributes. Without standardized digital transparency it is difficult, if not impossible, to make decisions about the creation and subsequent necessary tracking and monitoring of personal data and digital identifiers.

The TPIs are a step towards people having the insights to exercise access controls, and to use their rights to create and control their own records of digital identity relationships, in a meaningful or operational manner.

Why Transparency Performance Indicators?

TPIs provide a way to quickly see what digital privacy and/or security measures are in place, in line with the human, legal and analogue requirements for the human in the context of operating a digital service.

TPIs capture the digital identifiers and metadata to measure the performance of digital transparency for conformance to standards, compliance with regulations, and for self-sovereign assessment.

business, operational, legal, technical, and social dimensions and considerations. Through the implementation and capture of records for legal proof of notice (shared knowledge and understanding), the TPIs set the stage in the workflow for digital consent with receipts. These receipts can then be used by people to provide their own evidence of notice and records.

The 4 TPIs in this document specify the capture of notification metadata and measure its performance for digital consent.

human-readable digital representations of physical/human requirements for digital transparency, and, when required, digital consent as well as other justifications or requirements for processing.

The TPIs presented are captured in a Notice Record, then assessed for conformance.

{note: this is out of scope} provide a record that can then be used to “anchor” the digital identity relationship with the organization, creating a basis and foundation for higher levels of digital transparency assurance. [2]

What should you expect to find in this document?

The 4 TPIs specified here focus on the first/initial point of contact and the transparency of publicly accessible digital services. This is publicly required information to be provided, without requiring identification, authentication or authorization.

TPI Indicators here are for Digital Transparency, Level of Transparency Assurance 0. [Ref-DTL’s]

The TPIs here are used to assess session-based data capture and self-asserted information by organizations.

TPI 1 - Measuring the Timing of Notice:

This TPI captures when the Controller's legal entity and accountable Privacy Officer (digital identifiers) provide notice; Before, At the time of, or After personal data is captured. This captures if dynamic transparency is available systematically and when. It provides a way for an individual to assess if they can trust a service or not, independently of the service provider.

Note: This is the most common legislated privacy element in the world, required in all privacy legislation and instruments. (ISTPA 2007)

TPI 2 - Measures Required Data Elements

This TPI captures data elements required for all data processing (except when legally regulated otherwise [3] derogation). In “all” cases a notice of who is processing your data, who is accountable, and the privacy contact information for access to personal information must be provided.

Notice of who is processing your data is required for all legal justifications for processing personal data in privacy law, as well as a fundamental security requirement, to identify the legal entity, in some cases including all beneficial owners, and the accountable person(s).

TPI 3 - Measure of Transparency Accessibility

This TPI measures the performance of transparency accessibility by capturing the availability of the required information in TPI 2. For example, is the information presented in a pop-up notice, or is it necessary to click a link, e.g. to a standard transparency/privacy policy? Is it on the first screen, or at the bottom of a multi-screen display (with links not highlighted)?

TPI 4 - Measures security information integrity

This TPI captures the SSL/TLS (Secure Sockets Layer/Transport Layer Security, e.g. TLS 1.3) certificate or security keys (e.g. JOSE) to compare their metadata against the required information in TPI 2. This is very much along the lines of Certificate Transparency, but looks specifically at whether the policies cover the Notice: e.g. do the SSL certificate Organization Unit and Jurisdiction fields match the captured legal entity information, and how do the policy and jurisdiction here relate to other beneficial entities? Importantly, does this align with the policy expectations of the person?

TPI Metrics

TPIs are captured in sequence:

  1. TPI measuring the point when the individual is notified versus when personal information/digital identifiers are collected and processed, capturing the timing of notice presentation in relation to first data capture.

  2. TPI measuring the contents of the notification for required PII Controller digital attributes that correspond to the physical brick-and-mortar attributes specified in privacy, security, safety and surveillance legislation. This is the Controller identity and entity information and access point.

  3. TPI for how accessible the transparency is (transparency of digital transparency) and the accessibility of the notice for use.

  4. TPI validating the cybersecurity information against the digital transparency information, capturing the SSL certificate or keys and their associated metadata.

Combined, these TPI’s provide an overall Indication of the operational state of digital privacy.

TPI Methodologies

Timing of Notice vs Data Collection Transparency

TPI 1 requires monitoring the technical end point to see whether PII is captured in relation to when a notice is provided. This measures the notice’s regulatory performance against legal and human usability requirements.

PII Controller Digital Attribute Transparency

Assess whether the required information for transparency over who is in control of the notice is ‘provided’.

The MUST fields identify elements that are required in legislation that MUST be present.

Transparency Accessibility

How accessible is the PII Controller and Privacy Contact information?

For example, in the context of a website or a mobile device, how difficult was it to access the ‘provided’ information. How many clicks, or screens, away is the required information?

Example — Accessibility Measurement Rating

This transparency accessibility rating score of [+1, 0, -1 or -3] reflects the number of steps, screens, or clicks required to find the ‘provided’ information within a mobile application or webpage providing the client user interface.

Security Validation: Certificate (and/or Key) Security Transparency

This security performance indicator requires that the session security layer certificate or key information be collected and then compared against the information in the Notice Record to validate the integrity of the security necessary for digital privacy.

This checks whether the PII Controller identity information is the same as, or linked to, the controlling entity in the associated security certificate. For example, does the SSL certificate identify the Controller, and is it secured for the DNS and localization expectation and corresponding jurisdictional information? This provides the digital security required for privacy, measured for governance accountability and interoperability with legal adequacy for eConsent (electronic or digital consent).

Certificate status and transparency performance are used to establish session security prior to the collection, use and processing of PII. The security TPI also measures the certificate and/or cryptographic keys for a specified organizational unit to corroborate and validate the PII Controller’s digital integrity.
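As an added example for the security validation step described above (not code from the specification or from the Kantara working group): a Python check that compares the subject of the session’s TLS certificate against the PII Controller identity recorded under TPI 2, and maps the outcome onto the TPI 4 column of the rating matrix under Table 1. It uses the dictionary shape that Python’s `ssl.SSLSocket.getpeercert()` returns, so a live check would replace the constructed `SAMPLE_CERT_OV` with the dictionary from a real connection. The Notice Record keys (`pii_controller_name`, `jurisdiction`), the sample values, and the reading of the matrix rows as 0 = organization and country match, -1 = no organization in the subject or a country mismatch, -2 = organization mismatch, -3 = outside validity or wrong host are assumptions; the +1 row (security required before collection, wallet based) cannot be decided from a certificate alone, so the function never returns it.

```python
"""TPI 4 (added example): corroborate the Notice Record's PII Controller identity
against the session's TLS certificate and rate the result."""
import ssl
import time
from typing import Dict, Optional, Tuple

# Constructed Notice Record excerpt (TPI 2 fields); key names are assumptions.
SAMPLE_NOTICE = {
    "pii_controller_name": "Example Data Controller Ltd",
    "jurisdiction": "GB",  # country of the controller as stated in the notice
}

# Constructed certificate in the exact shape ssl.SSLSocket.getpeercert() returns
# (organization-validated: the subject carries O and C, so it can be corroborated).
SAMPLE_CERT_OV = {
    "subject": (
        (("countryName", "GB"),),
        (("organizationName", "Example Data Controller Ltd"),),
        (("organizationalUnitName", "Privacy Office"),),
        (("commonName", "example.org"),),
    ),
    "subjectAltName": (("DNS", "example.org"), ("DNS", "*.example.org")),
    "notBefore": "Jan  1 00:00:00 2023 GMT",
    "notAfter": "Jan  1 00:00:00 2099 GMT",
}

# Constructed domain-validated certificate: nothing in the subject names the controller.
SAMPLE_CERT_DV = {
    "subject": ((("commonName", "example.org"),),),
    "subjectAltName": (("DNS", "example.org"),),
    "notBefore": "Jan  1 00:00:00 2023 GMT",
    "notAfter": "Jan  1 00:00:00 2099 GMT",
}

FIXED_NOW = 1_700_000_000  # constructed assessment time (2023-11-14) so results are reproducible


def subject_attributes(cert: Dict) -> Dict[str, str]:
    """Flatten getpeercert()'s tuple-of-RDN-tuples subject into {attribute: value}."""
    flat = {}
    for rdn in cert.get("subject", ()):
        for name, value in rdn:
            flat[name] = value
    return flat


def hostname_matches(cert: Dict, host: str) -> bool:
    """Check the host against subjectAltName DNS entries; a wildcard covers one left-most label."""
    host = host.lower()
    for kind, name in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        name = name.lower()
        if name == host:
            return True
        if name.startswith("*.") and "." in host and host.split(".", 1)[1] == name[2:]:
            return True
    return False


def _norm(text: str) -> str:
    return " ".join(text.lower().split())


def tpi4_rating(cert: Dict, notice: Dict, host: str, now: Optional[float] = None) -> Tuple[int, str]:
    """Rate certificate transparency per the TPI 4 column of the rating matrix (mapping is an assumption)."""
    now = time.time() if now is None else now
    # -3: not a valid or secure provider; time validity and binding to the host are checked first
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if not (not_before <= now <= not_after):
        return -3, "certificate is outside its validity period"
    if not hostname_matches(cert, host):
        return -3, "certificate was not issued for this host"
    subj = subject_attributes(cert)
    org = subj.get("organizationName")
    # -1: not specific to the controller (domain-validated certificate)
    if org is None:
        return -1, "domain-validated certificate: subject does not name the controller"
    # -2: subject organization does not match the controller named in the notice
    if _norm(org) != _norm(notice["pii_controller_name"]):
        return -2, f"certificate organization {org!r} does not match the notice"
    # -1: organization matches but the jurisdiction does not
    country = subj.get("countryName", "")
    if country.upper() != notice["jurisdiction"].upper():
        return -1, f"certificate country {country!r} does not match notice jurisdiction"
    # 0: assured; certificate is specific to and matches the controller and context
    return 0, "certificate matches the PII Controller identity and jurisdiction"


if __name__ == "__main__":
    for label, cert in (("OV", SAMPLE_CERT_OV), ("DV", SAMPLE_CERT_DV)):
        print(label, tpi4_rating(cert, SAMPLE_NOTICE, "example.org", now=FIXED_NOW))
```

The checks are ordered so that an invalid or mis-bound certificate is reported as -3 before any identity comparison is attempted: a subject that names the right organization proves nothing if the certificate does not cover the host the notice was served from.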

Table 1: Transparency Performance Rating

The TPI Rating system is designed to measure the operational performance of the information provided in order to be transparent. This rating is unique in that it allows for assurance levels that account for pre-assured and dynamically assured notice and notification information. It also provides a technical requirement for secondary consent, referring to consent as a second (or additional) legal justification for processing personal data.

Rating

Label

Description

+1

Dynamically Operable

PII Controller Identity transparency prior to the initiation of a session providing security based transparency assurances.

0

in the context of a technical session (at the time of collection), in context transparency over purpose and disclosures,

-1

provides for analogue legal expectations, represented by legal requirements not specific to a digital context.

-2

Not - used in this version

provides for low quality provision

-3

Non-Operable

provides a metric for non-operable transparency and digital privacy.

Rating | TPI1 - Timing (with respect to processing) | TPI2 - Required Information Presentation | TPI3 - Accessibility (transparency performance) | TPI4 - Digital Security
+1 (assured) | Before [transparency of control/governance: before, during or after processing] | +1: credential is registered and present | Controller identity is presented prior to data collection | Security is required prior to collection (digital wallet based)
0 (dynamic assurance) | Just in time | 0: credential is presented just in time (automated check and first-time notice) | Embedded as a credential linked to authoritative registries | Is assured, e.g. the certificate is specific to and matches the Controller and context
-1 (analogue assurance, online) | During | Controller information is accessible during collection | PII Controller identity prominently displayed on first view, prior to processing the first page of viewing; the assessment question would be | Not specific to the Controller; does not match jurisdiction
-2 (not mandatory in flow) | Available | Controller information is linked | Is linked, not presented | Does not match OU
-3 (non-operative) | After | Controller information not present | Identity or credential is not accessible in context, e.g. two or more screens of view away, or the privacy contact is a mailing address and non-operative in the context of data collection | Is not a valid or secure provider

TPI Instruction and Guidance

The TPI rating system is designed to measure the performance of the Controller's digital identity and security session information. For example, if only a mailing address is provided as the privacy contact on a website, this is considered non-operable in the context: privacy access and the specific information are not retrievable in the context of data collection. This demonstrates data governance that is not proportionate or reciprocal in context.

Rating | Instruction: TPI1 - Timing (with respect to processing) | TPI2 - Required Information Presentation | TPI3 - Accessibility (transparency performance) | TPI4 - Digital Security
+1 (assured) | PII Controller credential is displayed using a standard format with machine-readable language and linked, for example in an HTTP header in a browser | Controller is discoverable automatically prior to the session (out of band) in a machine-readable format, in a number of ways: (1) a Controller Identity Transparency registry; (2) a client-side record of processing (via a wallet or browser) | Controller identity is presented prior to data collection | Security is required prior to collection (digital wallet based)
0 (dynamic assurance) | PII Controller identity or credential is provided in the first notice | Credential is presented just in time (automated check and first-time notice) | Embedded as a credential and dynamically available upon access (almost just in time) | Is assured, e.g. the certificate is specific to and matches the Controller and context
-1 (analogue assurance, online) | The Controller identity, or the screen with the Controller identity, is one screen and click away, for example the privacy policy link in the footer of a webpage | Controller information is accessible (not presented) during collection | PII Controller identity prominently displayed on first view, prior to processing the first page of viewing; the assessment question would be | Not specific to the Controller; does not match jurisdiction
-2 (not mandatory in flow) | | Controller credential information is linked during collection | Is linked, not presented | Does not match OU
-3 (non-operative) | PII Controller identity is not accessible enough to be considered ‘provided’ | Controller information not present | Identity or credential is not accessible in context, e.g. two or more screens of view away, or the privacy contact is a mailing address and non-operative in the context of data collection | Is not a valid, secure, or recognized provider; not security operational (proving non-reciprocal security assurance)

Table 2: TPI Schema

TPI 1 | Notification Timing | Timing of data collection

Table 3: Transparency Performance Indicator Record Rating Example

Column key: Requirement is MUST, SHALL or MAY. TPI 1 records timing: before (out of band), just in time (before), at the start or time of collection, during collection, or after collection. TPI 2 records whether the field is Available or Not Available. TPI 3 is rated +1, 0, -1 or -3. TPI 4 records, for the certificate or key, whether the CN matches, the OU matches and (optionally) the jurisdiction matches.

Field Name | Field Description | Requirement | TPI 1 | TPI 2 | TPI 3 | TPI 4
Notice Location | Location the notice was read/observed | MUST | before, during, after | Present | +1 | found
PII Controller Name | Name of presented organization | MUST | | Present | 0 | Match
PII Controller Address | Physical organization address | MUST | | Present | 0 | Not match
Privacy Contact Point | Location/address of contact point | MUST | | Present | 1 | Not match
Privacy Contact Method | Contact method for correspondence with PII Controller | MUST | | Present | -1 | No match
Session Key or Certificate | A certificate for monitored practice | MUST | | Present (or Not found) | 1 (or -3) | Present (or No Security Detected)
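As a further added example (not the page's own code), the TPI 1 to TPI 3 columns of a record like the one above computed from a Notice Record using the Appendix A field names: MUST-field presence (TPI 2), notification timing (TPI 1) and accessibility by click depth (TPI 3), including the guidance that a mailing-address-only privacy contact is non-operable in context. The presentation observations (timing, clicks, machine_readable) are an assumed input structure, not part of the page's schema, and the sample record is constructed.

```python
"""Added example: scoring a Notice Record on TPI1 (timing), TPI2 (required
information present) and TPI3 (accessibility), producing rows like the
Table 3 example.  Field names follow the Notice Record Schema in Appendix A;
the rating rules follow the TPI rating tables above."""

# MUST fields of the Notice Record Schema (Appendix A, Table 1).
MUST_FIELDS = (
    "notice_location", "controller_name", "controller_address",
    "controller_contact_type", "privacy_contact_type", "privacy_contact_point",
)
CONTACT_FIELDS = ("controller_contact_type", "privacy_contact_type")

# TPI1: when the notice/controller identity became available, relative to collection.
TPI1_TIMING = {
    "before": 1,        # out of band, prior to the session
    "just_in_time": 0,  # at the start or time of collection
    "during": -1,
    "available": -2,    # linked, but not mandatory in the flow
    "after": -3,
}

# Contact methods operable in the context of online collection.  A mailing
# address alone is non-operable in context and rates -3 (TPI guidance above).
OPERABLE_CONTACT_TYPES = {"email", "phone", "web form", "url"}


def contact_operable(value):
    """'Email, phone' style values: operable if any listed method is."""
    return any(part.strip().lower() in OPERABLE_CONTACT_TYPES for part in value.split(","))


def rate_tpi3(clicks_away, machine_readable=False):
    """TPI3 accessibility: +1 machine-readable and presented before collection,
    0 presented on first view, -1 one screen/click away, -3 two or more away
    (-2 is not used for TPI3 in this version)."""
    if clicks_away >= 2:
        return -3
    if clicks_away == 1:
        return -1
    return 1 if machine_readable else 0


def rate_notice_record(record, presentation):
    """record: Notice Record fields (Appendix A names, snake_case).
    presentation: assumed per-field observations, e.g. {'timing': 'during',
    'clicks': 1, 'machine_readable': False}; not part of the page's schema.
    Returns the TPI1 rating, the missing MUST fields (TPI2), one row per MUST
    field with its TPI2 presence and TPI3 rating, and the minimum as 'overall'."""
    missing = [f for f in MUST_FIELDS if not record.get(f)]
    rows = []
    for field in MUST_FIELDS:
        obs = presentation.get(field, {})
        if field in missing:
            tpi3 = -3  # not present, so not accessible at any depth
        elif field in CONTACT_FIELDS and not contact_operable(record[field]):
            tpi3 = -3  # e.g. postal address only: non-operable in context
        else:
            # no observation recorded counts as "two or more screens away"
            tpi3 = rate_tpi3(obs.get("clicks", 2), obs.get("machine_readable", False))
        rows.append({"field": field,
                     "tpi2": "Not Available" if field in missing else "Present",
                     "tpi3": tpi3})
    timing = presentation.get("notice_location", {}).get("timing", "after")
    tpi1 = TPI1_TIMING[timing]
    return {"tpi1": tpi1, "missing": missing, "rows": rows,
            "overall": min([tpi1] + [row["tpi3"] for row in rows])}


# Constructed sample, modelled on the Appendix A example (not a real record).
SAMPLE_RECORD = {
    "notice_location": "https://www.example-shop.test/",
    "controller_name": "Example Shop Inc.",
    "controller_address": "1 Example Street, Mississauga, Ontario",
    "controller_contact_type": "Email, phone",
    "privacy_contact_type": "Email",
    "privacy_contact_point": "https://www.example-shop.test/privacy",
}
SAMPLE_PRESENTATION = {
    "notice_location": {"timing": "just_in_time", "clicks": 0},
    "controller_name": {"clicks": 0},
    "controller_address": {"clicks": 1},       # in the privacy policy, one footer click away
    "controller_contact_type": {"clicks": 1},
    "privacy_contact_type": {"clicks": 1},
    "privacy_contact_point": {"clicks": 1},
}

if __name__ == "__main__":
    result = rate_notice_record(SAMPLE_RECORD, SAMPLE_PRESENTATION)
    print("TPI1:", result["tpi1"], "missing:", result["missing"], "overall:", result["overall"])
    for row in result["rows"]:
        print(f"{row['field']:<24} {row['tpi2']:<14} TPI3 {row['tpi3']:+d}")
```

The overall value is the minimum across indicators, on the reasoning that a record is only as transparent as its least accessible required element; a TPI4 rating from the certificate check can be folded into the same minimum.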

Summary

In summary, Transparency Performance Indicators (TPIs) are specified here for people to use depending on context, location, security, and other out-of-session elements. TPIs are used to determine, with one's own sovereign reasoning, whether to trust a service, rather than relying on an external framing, opinion or forced default.

These TPIs use open standards, with an open license, so that people are able to use and create records they can own and keep across, and independently of, service providers.

TPI 1 is a measure of transparency which indicates whether you know who is capturing and processing your data before, during or after your personal information is processed. This is referred to as operational transparency, in that it enables the Individual to see, and depending on the context to make their own choice, whether or not to trust that behaviour. Overwhelmingly, people indicate that trust would be higher if they were notified prior to data capture, which only makes sense.

TPI 2 is the legally required information: whether it is present, used as a generally available, standardized and open metric for compliance.

TPI 3 is an indicator of how accessible and inclusive digital transparency is.

TPI 4 validates for the Individual whether the security “adds up” for them and, in doing so, addresses a critical security gap widely overlooked today.

Roadmap

References

Appendix A: Notice Record Schema

In this appendix is a Notice Record template to fill out when recording a rating, along with a rating template and an analysis results format.

Notice Record Schema, Notice Record and Report: Template and Example

1.2. TABLE 1: NOTICE RECORD SCHEMA

Field Name | Field Description | Requirement: MUST, SHALL, MAY | Field Data Example
Notice Location | Location the notice was read/observed | MUST | http://www.walmart.com
PII Controller Name | Name of presented business | MUST | Walmart
Controller Address | The physical address of the controller and/or accountable person | MUST | 1940 Argentia Road, Mississauga, Ontario L5N 1P9
PII Controller Contact Type | Contact method for correspondence with PII Controller | MUST | Email, phone
PII Controller Correspondence Contact | General contact point | SHALL | privacy@org.com
Privacy Contact Type | The contact method provided for access to the privacy contact | MUST | Email
Privacy Contact Point | Location/address of contact point | MUST | org.com/privacy.html
Session Certificate | A certificate for monitored practice | MAY (optional) | TLS (SSL) certificate security and transparency

Endnotes

1. Lizar, M., Pandit, H., Jesus, V., “Privacy as Expected: Consent Gateway”, Next Generation Internet (NGI) grant, privacy-as-expected.org/ [accessed July 4].