Versions Compared

Old Version 15

changes.mady.by.user Mark Lizar

Saved on

compared with

New Version 16

changes.mady.by.user Mark Lizar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This ANCR Record specification provides a methodology to audit a notice to produce a notice record and a consent(ric) receiptNotice Record for generating a  Consent Receipt.  The objective of this documents is to

  1. Provide a set of instructions for recording a notice and its purpose in a standard consent(ric) record information structure derived for a Consent Receipt (ref)
  2. To then compare the conformance of the record with a control from ISO/IEC 29183 (as an example a set of rules for regulations and code of practiceset by regulations for notice & consent transparency)  

Methodology

This method describes, how to audit a notice to generate an ANCR- Notice Record using ISO/IEC 29100 derived receipt format, which is now published in the ISO/IEC 29184 Annex D, 

...

PASP - Privacy Access Service Point - further define digital contact point information, for proportionate access to rights information 

  • there are different performance levels for privacy information access and rights which is captured in this assessment, 
    • Performance 
      • if online and access is provided with a PISP which is an api access fore in conxt privacy then privacy information and controls can be dynamic
        • this field has dynamic,
        • out-of-band,
        • static
      • Access Conformance 
        • access to information in the information according to context
          • linked data - 
    • Confromance 
      • a) if using standards, information access has a higher level of transparency 
        • a person, 
        • self-service
        • bot 
        • mailbox
        • answering machine
        • email 
    • b)

...

Consent Type  

Consent Types refers to the context of Notice which covers the array of concentric engagement points in which humans provide permissions to generate digital identifiers. 

Normally a static permission, or more frequently an online interaction context in which a relationship to consent is inferred or expressed in some manner.   

  • Other: Not Consent, 
  • delegated
  • Implied
  • implicit
  • expressed
  • explicit
  • directed 
  • altruistic 

Field Glossary

(Note: all terms refer to ISO/IEC 29100 and ISO/IEC 29184, Kantara Consent Receipt, adopted for -  for terms, unless they are specified here to further extend terms or definitions in a more granular manner,Consent Types refers to the context of wether there is a notice which specifies the legal justification, or wether a consent type is inferred and used to specify the permissions for processing with digital identifiers. 

...


This refers to the initial state or context of processing, and data's subject knowledge and or expectation,  prior to the notice or notification. 

...