...
In this WG's effort to address these core technical and governance issues 2FN and 2FC has worked to separate technical permissions in the context of access management and human permission in the context of Consent which is referred to here as s 'purpose of use' management. Not separating system permissions from consent is an identified dark pattern which 2FN is specified in ANCR to address. This has been made Distinguishing from identity management or online service provider implementation of consent with system centric permissions. Made more difficult through a consolidated industry effort to conflate these two types of permission (as digital trust) for commercializing digital identity as security services.
...