Versions Compared

Old Version 37

changes.mady.by.user Mark Lizar

Saved on

compared with

New Version 38

changes.mady.by.user Mark Lizar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Providing Trust Capacity Metrics

Editors: Sharon Polsky, Mark Lizar

...

Copyright: The content of this document is copyright of Kantara Initiative, Inc.
© 2022 Kantara Initiative, Inc.

Introduction

Trust Transparency Performance Indicator’s (TPI’s), also referred to here as Transparency Performance Indicators, are used to capture the performance of digital transparency measuring how dynamic the operational performance of transparency is for digital services.

...

Work pre-ceding these TPI’s developed a consent receipt, which is a record that can be used to capture the state of trust before a session, to capture surveillance context, and wether notice was provided before the technical session is establish or after, to capture the providence of wether consent is implied or expressed dynamically.

...

This specification is offered as a contribution to the ISO/IEC SC27 WG5 body of work, as it extends the ISO/IEC 29100 privacy and security framework into operational trust transparency applications.

The Notice Record, generated from TPI’s, enables operational ‘online’ transparency by the use of the controls in ISO/IEC 29184. This can be further evidenced with an anchored notice and mirrored (digitally twinned) notice consent receipts [ again ISO/IEC 29184, Appendix B], again generated from a TPI Notice Record.

...

TPI Indicators here are for Digital Transparency, Level of Trust Transparency Assurance 0. [Ref-DTL’s]

The TPI’s here are used to assess session based data capture and self asserted information by organizations.

...

This TPI captures when the Controller's legal entity and accountable Privacy Officer (digital identifiers) provide notice; Before, At the time of, or After personal data is captured. This captures if dynamic transparency is available systematically and when. It provides a way for an individual to assess if they can trust a service or not, independently of the service provider.

Note: This is the most common legislated privacy element in the world, required in all privacy legislation and instruments. (ISTPA 2007)

...

+1 refers to a technical framework and PII Controller transparency prior to the initiation of a session providing security based trust transparency assurances.

0 refers to dynamic a measure of providing dynamic transparency in the context of once a technical session starts (which is at the time of collection), in context transparency over purpose and disclosures,

...

Rating - Instruction

TPI 1 - Timing (wrt to processing)

TP2 - Required Info Presentation

TPI3 Accessibility (trans performance)

TPI4 - Digital Security

+1 (assured)

PII Controller credential is displayed, using a standard format with machine readable language and linked, for example, in an http header in a browser

Controller is discoverable automatically prior to session (out of band) in a machine readable format. Number of ways
1. is a Controller Identity Trust Transparency registry
2. is client side record of processing (via a wallet or browser)

Controller identity is presented prior to data collection

Security is required prior to collection (digital wallet based)

0(dynamic assurance)

PII Controller Identity or credential is provided in first notice

0 credential is presented just in time (automated check and first time notice)

Embedded as a credential and dynamically available upon access (almost just in time)

is assured -e.g. certificate is specific to and matches controller and context

-1 (analogue assurance - online)

The Controller Identity, or screen with the Controller Identity is one screen and click away. For example, the privacy policy link in the footer of a webpage

controller information is accessible (not presented) during collection

PII Controller Identity prominently displayed on first view – prior to processing first page of viewing, the assessment question would be

not-specific to controller - does not match jurisdiction

-2 - (not mandatory in flow)

Controller Credential information is linked during collection

is linked not presented

does not match ou

-3 ( non operative)

PII Controller Identity is not accessible enough to be considered ‘provided’

Controller information not present

Identity or credential is not accessible in context - e.g. two or more screens of view away, or privacy contact is mailing g address and non operative in context of data collection.

is not valid, secure, or recognized provider.
Not security operational (proving non reciprocal security assurance)

...

These TPI’s use open standards, with an open license specified for people to be able to use and create records they can own and keep across and independently of service providers.

TPI 1 is a measure of trust, so that when asked, “Do you trust (accept) a service”, you necessarily transparency which indicates if you know who is capturing and processing your data before, during or after .” Overwhelimingly your personal information is processed. Referred to as operational transparency, in that it enables the Individual to see, and depending on the context make your own choice, as to wether or not to trust that behaviour.
Over whelmingly people indicate trust would be higher. if notified prior to data capture, which only makes sense.

...