Versions Compared

Old Version 16

changes.mady.by.user John Wunderlich

Saved on

compared with

New Version 17

changes.mady.by.user John Wunderlich

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Core Spec: Minimum Viable Consent Receipt (MVCR)- Specification

Related Documents:

Objective

 

The Open Notice Initiative is an effort that calls for an open, global and public infrastructure for consent-based notices. A key element of that infrastructure is the minimum viable consent receipt described in this document. Such a receipt will provide the basic fields for recording open policy notices in a registry.  With these notices people can easily obtain a simple record of consent, and use this independently to manage personal data control and  access personal data organisations have.  

...

The Alpha version of this draft is intended to be very focused on explicit consent online, and the ability for organisations to provide explicit consent. Our first aim is to research the state of play and compliance. 

Background

Draft, background document can be found here, 

Minimum Viable Consent Requirements

By its format and structure the MVCR is intended to provide the basic information to review further the compliance of policy for consent. The MVCR is a record in a standard format. As a result it can be further extended by jurisdiction, data type and additional context. A basic consent receipt will assure a basic level of general regulatory compliance for consent.  It will do this by being open, accessible, extensible and providing a standard format to develop a higher quality of consent and policy usability, data privacy law usability.

MVC Contents

Consent Receipt

Field NameDescriptionPurpose/ExplanationFormat example (XDI)
Data Subject

Name or pseudonym of the user

Depending on the context could be full name, username, or pseudonym

Data Subject: Alice [=]!:uuid:1111

Data Controller

Name of the entity issuing the receipt

Should be the entity/organization operating the service/web site that is collecting personal information

Data Controller: Amazon [+]!:uuid:9999

Third Parties

Names of third parties involved in the transaction

An example would be a transaction with Amazon where the fulfilment of the order is done be UPS

Third Parties: UPS [+]!:uuid:8888

   

following lines all prepended with

([=]!:uuid:1111/[+]!:uuid:9999)

Digital Location

The location from which the consent receipt orginates. Possibly the web page with the consent button

This indicates the 'point of consent' - hopefully a button where the user clicked "I agree" or "I consent" (i.e. the biggest lie)

[#receipt]!:uuid:1234<#location><$uri>&/&/"....." 

URI Location

The domain of the organization issuing the receipt

This identitifies the organization accountable for the fulfilling the committements of the receipt/notice

[#receipt]!:uuid:1234<#location><$uri>&/&/"....."

Consent TypeWhat kind of consent has been receivedTo record the type of consent or whether there is an exception to the requirement for consent. 
PurposeThe purposes for which the personal information is being collected. 

[#receipt]!:uuid:1234[<#purpose>]<@0>&/&/"We need to process your payment."

[#receipt]!:uuid:1234[<#purpose>]<@2>&/&/"We  need your data to prevent fraud."

[#receipt]!:uuid:1234[<#purpose>]<@3>&/&/"We will advertise to you."

TimestampWhen consent was obtainedTo record when the user, either by implication or explicity, granted consent for the purposes described.[#receipt]!:uuid:1234<$t>&/&/"2014-07-13T21:32:52"
Privacy PolicyThe issuing entity's privacy policy (by reference to URI)If not available, should provide a notice that it is missing[#receipt]!:uuid:1234<#privacy><#policy><$uri>&/&/"https://..."
Cookie PolicyThe issuing entity's cookie policy (by reference to URI)If not available, should provide a notice that it is missing[#receipt]!:uuid:1234<#cookie><#policy><$uri>&/&/"https://..."
Terms of ServiceThe issuing entity's terms of service (by reference to URI)If not available, should provide a notice that it is missing[#receipt]!:uuid:1234<#short><#privacy><#notice><$uri>&/&/"https://..."
Do Not TrackDoes the issuing entity respect DNT?If not available, should provide a notice that it is missing[#receipt]!:uuid:1234<#dnt>&/&/true
SensitiveCategorize the information collected as senstivie or notMedical, financial information for example[#receipt]!:uuid:1234<#sensitive>&/&/true
JurisdictionThe jurisdictions of the data protection authority for the data controller and data subject 

[#receipt]!:uuid:1234<#jurisdiction>/$ref/[=]!:uuid:1111<#jurisdiction>

[=]!:uuid:1111<#jurisdiction>&/&/"US"
[+]!:uuid:9999<#jurisdiction>&/&/"DE"


 


Full Content (proposed development

Field NameDescriptionPurpose/ExplanationFormat of FieldExampleLegal Reference for Field

Tech

Ref

Next StepComments 
DP_Domain_Accountable for ConsentURL of the domain where consent is provided Consent. If this is physical space, then physical location needs to be included, along with digital domain of service provider/data controler. Header/Admin/entity identifier,location of domain, physical space where the consent is provided.       
Location:is this a physical location        
ConsentPref_ThirdPartyYes/No share with 3rd partie        
Third Party Sharing - Link ListA list of third parties, that data is shared with.This is a critical element for having a consistent scope for data sharing and enabling people to manage/check third parties post consent.html link, contact info, policy info   A format and form for Linking third parties needs to be created.  
ConsentPre_etcConsentPref captured during the consent recording/transactionThis field is for capturing consent preferences at the point of consent. This is only used when making a live record of consent.     Comment by John; Comment by Mark etc 
Consent type: Explicit, Implied, ExceptionAssumed Explicit consent fro alpha versionfor live consent, this explicit, althought there are post, pre, consent notices and development which may need a different consent type.       
Data Processing consented to: PurposeWhat are the top level purpose(s) for the consentNote; There are some jurisdictions that require multiple consents for multiple purposes.       
Processor ID if different than Domain Id : Listed DPThe identification of the data processorentity in charge       
User ID:id (email) of the user in the consent formnon-repudiation       
Transaction ID: GUIDthe specific consent ID(or transaction id)       
Use Reference: type of use ID       Note how is this different than purpose? 
Date:TimeStamptime and date of consent        
Policy URI’s: PP, TOSA, CookiesUrl of policies, these are used to grab a copy of the policies and to store them in the registry record.        
Address & Contact details of SPUnless different DP this should be the same as the DP        
IP of DSIP of person making consent - Jurisdiction of the IP addressIn order to compare compliance of policy of the Service provider against the jurisdiction of the individual       
Data Type: Personal Information(PI), (SPI) Sensitive Personal Information (Y/N)Data sensitivity (privacy category)        


Header Information

  • DP Domain:Domain URL

  • DS Consent Preferences: {array to be determined}

  • Processor ID: Listed DP

  • User ID: Consenting identifier

  • Transaction ID: GUID

  • Sequence #: 0 for new receipt +1 every time it is used

  • Use Reference: type of use ID

  • Date:TimeStamp

  • Consent type: Explicit, Implied, Exception

  • Policy URI’s: PP, TOSA, Cookies

  • Data Processing consented to: Purpose

  • Address & Contact details of DP

  • IP of DS

  • Data Type: Personal Information(PI), (SPI) Sensitive Personal Information (Y/N)

Extended By Other Services

  • Jurisdictional specifics

  • Reputations

  • Icons

  • Short Notices

  • Trust Frameworks

Glossary

Minimum Viable Consent Receipt(MVCR)

...