Excerpt | ||
---|---|---|
| ||
It may be easiest to edit the incomplete links in the template text below in "wiki markup" mode. |
...
- Open Notice & Kantara Community
- The Usable Privacy Project
- Mozilla
- Internet Society
Background
Economic Performance of Consent:
A commercial receipt you received at point of purchase has many uses, it can be submitted to a third party, either to show a budget and costs, or to report on what was purchased and for how much. It is a great tool for reducing friction, saves time, money. Like a transaction commercial receipt, consents can also be submitted to a third party, it can be compared, counted, and like purchasing preferences, consent preferences can also be collected. In this way a receipt and preferences can be used with third parties like a token to access other services.
Experience of Consent
Hypothesis: Better managed consent preferences and policy will result in better user experience, transparency, privacy and security.
Governance of Consent:
A receipt can also be used as a tool for governance, for instance, the Tax authorities can use a commercial receipt to check and see if the sales are hidden, the purchaser can use a receipt to be sure of the cost of goods and compare the change provided against the price advertised or currency provided to make sure of compliance.
A receipt can be taken and used with third parties like a token to access other services.
Objective
Specify the existing fields for a consent transaction receipt and list them as a basic template for consent receipts. (Note: This entails formally defined attributes, published and open for comment.)
Develop scenario covering the life cycle (Pre-consent, Consent, Post-Consent) of a minimum viable consent receipt for building a demonstrator. This would involve
- Part 1: Create a consent receipt generator, embed code and publish legal.txt --> Common Terms, Legal.TXT
- Part 2: Create a consent receipt button , --> Embed Code, publish legal.txtProvision and provision a consent to a service user
- Part3: Service user, uses the receipt post consent to achieve the use case specified. improve user experience and compare policies.
The demonstrator includes 3 parts (or a stages of the lifecyle), 1. Pre-Consent, 2. Consent 3. Post-Consent
- Pre-Consent
- a website /server with form for a company to generate a legal.txt file
- Publishing legal.txt
- An embed code is created for company to put behind their consent buttons on the website
- Consent
- A service user selects the consent '+ receipt' option to collect a receipt
- The id used by the service user to provision consent is used to send the receipt.
- With no pre arranged application, a modal box will appear asking for selection of identifier to use with the receipt
- this could be social login, email, etc
- the receipt is then accepted and stored by the digital identity being used for the consent
- With no pre arranged application, a modal box will appear asking for selection of identifier to use with the receipt
- The id used by the service user to provision consent is used to send the receipt.
- A service user selects the consent '+ receipt' option to collect a receipt
- Post - Consent
- TOSSOS - Receipts are used to compare policy changes using TOSSOS
- TOS;Dr - Receipts are used to look up TOS;Dr rating
- Out of Scope
- Browser Plugin - Receipts are captured and used automatically to make policy responsive and to customise experience, reduces steps in stage 2. streamlining user experience.
- Would require a receipt viewing capability, preferably on aggregate and current view as well. (by identity would be useful too)
- Browser Plugin - Receipts are captured and used automatically to make policy responsive and to customise experience, reduces steps in stage 2. streamlining user experience.
...
Scenario 1; Part 3 Wire Frames - (in Progress Through Stage 1 & 2)
Issue: unique-title
(Provide technical commentary on the issues brought up by this use case.)
...