Kantara Initiative - Advanced Notice & Consent Receipt - ANCR-WG Charter
(1) WG NAME (and any acronym or abbreviation of the name):
Advanced Notice and ANCR WG (Anchored Notice & Consent Receipt Work GroupANCR WG )
[ Standardised Record Framework for Consent Receipts and their use as verified claims in identifier management protocol based technical token ]
(2) PURPOSE:
To provide a protocol and framework based on notice and consent that supports the use of records and receipts for decentralized authorization independent of identifier technology. To provide a specification for an anchor receipt for notice of purppose and context) and proof of that notice that supports this decentralized authorization (Auth C) by the principal and the controller/operator.
Collaborate with other Kantara, and community and standards groups in the adoption of the protocol and the anchor receipt.
(3) SCOPE:
...
Develop and contribute to standardised digital notice transparency in the 'digital commons', mandating the use of consensus protocol for specifying internationally interoperable data governance.
ANCR objective is to complete the Notice and Consent Receipt work with a conformance and compliance program. Contributing specifications according to this charter once incubated. Consent receipt derivative work is specified for (public accessible) ISO/IEC 29100 Security and privacy technique and the not open to access, ISO/IEC 29184 Online Notice and Consent Standard, where the Consent Notice Receipt Is published (Appendix B and Consent Standard). Demonstrating the Controller Notice record format that is used in the trust framework scheme.
This WG is chartered to specify for the digital commons, referring to the Council of Europe 108+, international privacy legal framework, to which the Consent Receipt v2. Consent Token Architecture and associated transparency conformance and compliance schemes are focused.
This works builds upon the Consent Receipt v1.1 and the ISO/IEC 27560 Consent Record Information Structure, which compliments it. Current request to ISO to make this open to access as well.
(3) SPECIFICATION COPE:
- Specify and Publish: ANCR Record Transparency Performance Scheme for Transparency Performance indicators, which can identify the digital transparency gaps, so they can be addressed.
- Specify and Contribute: ANCR Record Framework
- Specify and Contribute: AuthC Transparency Protocol for signalling authorisation with consent
- Innovate in accordance with Kantara Operating Procedures and promote a consent notice receipt (a receipt that is a notice of consent) as an international tool for human, legal and decentralized identity governance and interoperability.
Required to:
- To specify a human to technology Trust Anchored, governance framework and architecture,
- TO specify interoperable, inclusive record and receipt based governance, referring specifically to Conv 108+ Art 14- Transparency Modalities, Art 30 RoPA, and Art 88 - Logging.
- To specify royalty free, open access and open source digital transparency, transparency performance. Licesened for open governance and transparency signalling. Open and usable for generating and distributing notice receipts and decentralised consent records called tokens.
- To be Specified strictly to legal requirements and the listed standards, agnostic to digital identity protocols so as to be interoperable with identifier 'trust/security' frameworks.
- To ensure that the Record of Processing Activity (RoPA) are Transparency and trustworthy with a Notice Receipt as a mirrored record (digitally twinned) record architecture. The RoPA-T provides a notice receipt, that is used as a legal proof of Notice and knowledge that is inclusive. As a digital record owned and controlled by the individual) that an individual can trust and self verify, validate and assure and issue as a digital claim.
- To contribute this work to; Kantara Initiative Conformance and Assurance initiatives, ISO/IEC, SCC, IEEE, SCC, NIST, DIACC, W3C DPV, OIX, OpenID, Digital Governance Council of Canada; community and standards group for liaison, completion and implementation of data rights.
(4) DRAFT TECHNICAL SPECIFICATIONS: List Working Titles of draft Technical Specifications to be produced (if any), projected completion dates, and the Standards Setting OrganizationOrganisation(s) to which they will be submitted upon approval by the Membership.
Specifications in scope | Details | Dates | Contributed Towards |
|---|---|---|---|
Anchor Receipt (Conformance and Compliance Transparency Performance Scheme of Notice) |
| January 2022 - start of group, expected 6-month effort. |
|
| ANCR Record Framework | January 2023 | Contribution to Kantara ANCR: TPS Benchmarking Program | |
| ANCR Controller Notice to Notary Credential | in progress | DTL - 0PN CI-Trust framework program | |
| ANCR : Consent Receipt V2. Consent Token Record information Structure | Extension and completion of Consent receipt work contribution to Kantara by the Open Notice Project,. | DTL - 0PN CI-Trust framework program | |
| AuthC | DTL Contributing to ANCR | in progress | DTL - 0PN CI-Trust framework program |
| ANCR Consensus Protocol for | git based global digital stymergy | DTL - 0PN CI-Trust framework program | |
(5) DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.
Name | Description | Link | Spec input summary | date reviewedNone |
Transparency Performance Conformity and Compliance Assessment Scheme 1, Part 1 and Part 2 | specifies 4 Transparency performance indicators, to produce a digital transparency record. |
(6) LEADERSHIP: Proposed WG Chair and Editor(s)
- Chairs & Secretary (initial)
- Chair - Sal D'Agostino
- Editor - Mark Lizar
- Secretary - tbdGigi Agassani
(7) AUDIENCE: Anticipated audience or users of the work includes
Regulators looking for technical controls to implement legal requirements that scale.
Trust Framework Providers,
Software developers, and product managers as a means of achieving interoperability across a wide range identity, security, and privacy of use cases. Developers of decentralized governance and next generation internet services.
Regulators looking for technical controls to implement legal requirements that scale.
For human Human beings, as the implementation of the notice and consent receipts provide an alternative/complement to terms and of services and privacy policies, and provides something that can be understood by people. This is in contrast to the current abuser experience, namely that privacy policies and terms of service address privacy concerns and provide safeguards of personal information.
Operators of Digital Privacy Operators, who are liable for identity, privacy, security, and consent systems in the real world.
...
(11) CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.
Codes of conduct and practice that adopt this work and its licensing.
(12) PROPOSERS: Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members - current members list
...
Proposers Name | Organization (or Individual) | Voting Member | Affiliations | ||||||
Paul Knowles | paul.knowles [at] humancolossus.org | Human Colossus | x | ToiP-Inputs and Semantics WG | Jan Lindquist | Jan [at] linaltec.com | Linaltec | x | |
ISO 27560 Editor, Hyperledger Aries Digital Ledger Consent | Sal D’Agostino | 1dmach1n35 [at] gmail.com | Individual | x | Security Industry Association, ToIP, Kantara | ||||
Mark Lizar | Mark [at] openconsent.com | OpenConsent | x | Trust Over IP Notice and Consent Task Force | Dr. Vitor Jesus | Vj [at] vitorjesus.com | Individual | x | ISO 27560 |