Roll
Salvatore D'Agostino (Unlicensed)
Paul Knowlese
(quorate)
IPR
Notice Conformance Fields for Specifying ANCR Record Spec
Starting from Related work https://wiki.trustoverip.org/display/HOME/Privacy+Controller+Credential+Specification
...
- This audits a notice for information that is required if information is processed in a way that is processed digitally/remotely
Field Name | Type | PII(Y) | Field Label | Description | Required/Optional |
version | string | Schema Version | Required | ||
profile | string | OPN Privacy Profile URI | Link to the controller's profile in the OPN registry. | Required | |
Notice Receipt | string | Type of Notice Receipt | Label Notice Receipt | Required | |
id | string | Receipt ID | A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122]. | Required | |
timestamp | integer | Timestamp | Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch). | Required | |
key | string | Signing Key | The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance. | Optional | |
language | string | Language | Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'. | Required | |
controllerID | string | Controller Identity | The identity (legal name) of the controller. | Required | |
Controller Address | |||||
jurisdiction | string | Legal Jurisdiction | The jurisdiction(s) applicable to this notice | Required | |
controllerContact | string | Controller Contact | Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle. | Required | |
notice | string | Link to Notice | Link to the notice the receipt is for | Optional | |
policy | string | Link to Policy | Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided | Required | |
context | string | Context | Method of notice presentation, sign, website pop-up etc | Optional | |
Receipt Type | The human understandable label for a record or receipt for data processing. This is used to extend the schema with profile for the type of legal processing - and is Used to identify data privacy rights and controls | ||||
Notice Text | |||||
Accountable Person Role | |||||
TASKS
- Write ANCR Spec
- Things to do next
- mapping to ISO standards - can be done with an OCA - mapping overlay.
- Example Case Study for GNAP and OpenIDConnect
- Childrens Surveillance Sign for Classrooms - Recording for YouTube in school - etc. (audit the notice for eLearning, and use on YouTube)
- Read the sign the and collect the information and add to this form - made with OCA from these fields
- Name of the Controller
- research
- Childrens Surveillance Sign for Classrooms - Recording for YouTube in school - etc. (audit the notice for eLearning, and use on YouTube)
- Person interaction with ANCR Record (fields required for access to privacy rights)
- Rights
...