Dear Members of JTC 1/SC27/WG 5 - WG Mirror Committee: Introducing the Transparency Performance Scheme
...
The ANCR WG contributed to the last JTC 1/SC27/WG5 meeting a number of items:
ISO/IEC 27568 Security and privacy in Digital Twin - PWI ANCR Report Submitted
ISO/IEC 27091 Security and privacy in Generative AI - A use case for ethics and AI Governance Digital Privacy and Ethic Governance of generative AI
ISO/IEC 27566-2 Benchmarking Age Assurance Systems -ANCR Post
Attached here is the report presented in the 27568 sessions, and this be found here,
| View file | ||
|---|---|---|
|
...
Consent by design is enabled by using a PII Controller Notice Credential to decentralised the records, with a receipt. In that individual is provided with a receipt in order to mitigate the liability and risk in data processing. In the common context a digital transparency receipt is provided when engaging with any type of sign or notice, This specifies for a notice/sign enhancement for an inclusive record and receipt provisioning practice, that is a called a two factor notice (2FN). A 2FN uses an overlay capture architecture when interacting with a notice, notification and disclosure, to create a consent receipt, which can be used with consent to interact with the service autonomously.
In Summary
We submit the ANCR WG specifications as Consent by Design for Privacy by Default systems, which can be used to secure individual privacy, dramatically reduce risks, enable the dynamic transfer of liability with authentication from consent.
...
To address Generative AI risks of deep fake, as well as assurance against mis-information the consent receipt is produced with a registered controller record, (a digital trust registry) and is registered in order to secure the accountability, providence and transparency of personal identifiable information processing
ANCR Work Group Presentation
0PN-DTL - ANCR Transparency Record Framework - Global Age Assurance April 13 2024 Manchester, UK
...
Introduces Standard Digital Privacy Transparency (SDPT) which is a standard PII Controller notice record and consent receipt practice for data governance. In the 0PN digital identity model security and privacy is digitally twinned (like in banking) and introudess a digital privacy framework where all data processing is recorded, logged and linked to a receipt which the individual keeps in their digital wallet.
Global Age Assurance Conference Presentation April 11
or here