
Update 

This document presents a summary update to the ANCR WG and Consent Receipt community on some of the key issues, and the solutions that address them, since MVCR v0.8 (when the spec was frozen), for review by the ANCR WG.

The Original Use Case – To replace/advance the online opt-in's contracts of adhesion with a privacy agreement model that includes standardized privacy rights access, independent of the technology and service provider. In this way the 'concerns' are separated and service providers can dramatically reduce data processing risk, transfer liability, and reduce the burden of policy on people with an international standard.

The v1.2 completes the Minimum Viable Consent Receipt use case, which started the consent receipt work, including an analysis of what was broken in v1.1, preparing the way forward for a V2 receipt specification. The scope of this receipt specification is the legally required technical fields for extending personal data governance online.

Key challenges were a lack of maturity and granularity in the operational semantics of the legal frameworks, specifically a) the technical semantics of delegation, authority, and control, b) enforceable privacy law (GDPR), and c) standards for notice and consent (ISO 29100 and 29184). The work thus addresses an international set of terms, definitions, notice content controls and consent structure format, so that people can consent to control and transfer their own data to another entity (locally or across jurisdictions).

The focus is on the delegation of authority and the jurisdictional fields for a proof of notice and consent record. With this record, called an ANCR Record in this v1.2, people can technically own their own records of consent and data control; generate, with a trusted 3rd-party notary, proof of notice and evidence of consent; and track their own consent and purposes and, because of this, technically generate notifications for access and rights, requesting standardized transparency with a Consent Receipt.

The standardization of terminology, controls, notice and notification for maintaining a state of consent can all be automated with Consent Receipts, utilizing standards for legal semantics to implement the power of linked data and render records/receipts that provide people with transparency over the risk and performance of human-centric data controls.

Key Updates

  1. The ISO/IEC SC 27 Committee in April 2020 to start an ISO Working Draft based on the Consent Notice Receipt
  2. The Consent Notice Receipt was published in Appendix D of ISO/IEC 29184 (June 6, 2020), titled 'Online privacy notice and consent'
    1. This establishes the Consent Notice Receipt as an authoritative data governance tool to provide transparency over the control and interoperability of data processing by services between jurisdictions
  3. V1.1 to V1.2 Notice regarding 'well known issues and developments' (WKID) updates:
    1. delegation (on-behalf)
    2. proof of notice receipt
    3. Consent Notice Receipt (Human Definition)
      1. a receipt to prove awareness of any policy or notice regarding surveillance; a physical sign, a blinking light, T&Cs, privacy policies, cookie notices and online consent forms inform people about their own understanding of consent. Consent is a human term which is technically a multi-permissioned active state at any one point in time, reflecting hidden and personal capabilities per context (biological, social, legal) but, more importantly, the physical environment, which dictates security and control considerations for the individual.
      2. generated from the notice and/or sign presented to the Individual in the Individual's physical context, indicating the system permissions, data protection and control scopes relevant to the person and context.
    4. the consent receipt's core purpose is to link and render privacy rights information and access into a receipt, independent of service context

 

How Notice Standard Record is Global Interop Technology (in a nutshell) 

The Consent Notice Receipt Framework is a semantically standardized notice and notification framework for the processing of personal and sensitive data, with the maximum explicit consent record structure as the base (or first legal processing notice receipt schema specified).

Interoperability: Standardized Privacy Notice Semantics for Transborder identity and data governance 

Governance interoperability is a core focus of the work, primarily human-to-technology governance interoperability. Standardizing notice law, technical formats and semantics in the notice provides the framework for all processing activities to be relayed to a person in a consistent language and format.

The Notice framework here is a semantic governance framework for a digital twin of a physical notice using standards, or assessed against standards, independent of service provider and jurisdiction.

Legally 

A privacy notice is the only required element for all personal data privacy processing across all privacy-legislated jurisdictions. The harmonization of the legal semantics, via international standards and the adoption of best practices. Notice is the most similar across all jurisdictions and it is also the only privacy element that is constant in all frameworks.

Notice for security, privacy, health and safety is universally required in governance, and where there is none, as with big data, there is little to no provenance.

Human 

People must first have some sort of notice that they are providing consent before consent is possible. People must first be aware of surveillance before it can be trusted, or trustworthy.

Technically 

Active surveillance with digital identity management technology, whether it is sovereign or not, is untrustworthy unless it is proportionate, democratic, and reciprocal, meaning that the Individual can see the active state of the legal entity and the status of the service, with reciprocal transparency.

Notice Record Structure

Legal Justifications 

For a high-assurance, notice-governed data flow, the specified purpose of use is what governs the data flow and processing. A notice record is required for any processing and to start a relationship. The Notice type is further extended by the legal justification for processing and often identified as a services

There is more than one type of identity relationship for a legal justification for processing, and often there are multiple relationships for a processing activity, which would require multiple legal justifications.

 

In 29184, the legal justifications for use with identity management systems are generically defined as a Notice for:

  1. Consent (consent as the framework notice and consent by design)
  2. Contract Notice Receipt
  3. Vital Interest of Individual (Vital Notice Receipt)
  4. Legal Obligation - Legal Notice Receipt
  5. Legitimate Interest - Essential-Use - Notice Receipt
  6. Public Interest - Public Notice Receipt

In these legal contexts, notifications inform the lifecycle of the legal justification for processing and its relationship, in addition to which rights apply in context, and what performance of those rights is legally expected by people.

 

The CR V1.2 updates the CR V1.1 structure to a more modular structure

Notice Fields  

  • Notice Receipt (core field set): comprised of the fields for notice that are required for all legal justifications for processing.
  • The Notice Receipt by itself indicates the security first, the PII Controller, and representative. 
  • Notice Receipt Utilities  
  •  Without a legal justification this notice mitigates the risk and can technically start the process of transferring liability for processing to the Individual (PII Principal) n legal entities and the provider of notice,  
  • Notice with a notification payload,  
  • In a specific context a legal Notice can be used to deliver a notification 
  • Meaningful consent requires a notice of risk  
  • A notice receipt for a notification of risk, in addition to a consent notice receipt provides 2 factors of notice,  
  • Utilizing the same two factor messaging pattern for semantic harmonization 
  • Consent is not possible without a Notice of,  
  • Processing and operational understanding  
  • Directed & Altruistic Consent 
  • PII Principals provide the notice themselves
  • Go 

Vectors of Consent  

 

Quality of Consent 

  • Weak transparency over legal entities and beneficiaries of data processing 

Consent Notice Receipt (MVCR Finished = v1.2)  

Extending a Notice Receipt with Consent as the legal justification requires purpose specification for a service.

The CR v1.1 as published contains the fields for the specification of a purpose for consent. The vocabulary and categories required to harmonize semantics for data control were known issues that have been focused on for the last 3 years.

The Personal Data Categories are used to specify the purpose, while the Data Privacy Vocabulary provides a machine-readable legal ontology for specifying data types and treatment. All of these are required to specify a purpose for dynamic data flows that people can a) see, b) understand, and c) interact with in a meaningful way, d) while also being semantically harmonized in containers that are machine readable.

CR v1.2: Core

  1. Notice Receipt  
  1. Location & Time 
  1. Location – twin - 
  1. Physical -  
  1. Digital - 
  1. PII Controller 
  1. Jurisdictions, 
  1. Link to physical notice 
  1. Extend it (Legal Justification)  
  1. Privacy Stakeholders 
  1. Categories of controllers  
  1. Consent Purpose Specification (v.1.1) 
  1. Purpose Category 
  1. Purpose Descriptions  
  1. Purpose Sensitive Categories of Data  
  1. Sensitive data category  
  1. Personal Data Category  
  1. Personal Data Types/attributes etc  
  1. Personal Data Processing Treatment 
  1. Storage 
  1. Security (cert/signed key)
  1. Extensions – Requirements (according to Context)

Notice can itself be extended with a Notification for the maintenance of a consent record and a consent-based relationship.

Notice Receipt Semantic Governance Framework  

A notice section 1 can be extended with these receipt profiles:

  • Contract Notice Receipt 
  • Vital Notice Receipt  
  • Notice of (legal) Obligation Receipt  
  • Legitimate Interest Notice Receipt  
  • Public Interest Notice Receipt  

Notification  

notifications 

Rights Consent Notice Receipt 

Privacy and Surveillance based rights are applied to context according to the legal justification, which is confusing even for the experts.  

  • Withdraw Consent 

Consent Notice Receipts (Lifecycle)  

The spectrum of consent has multiple vectors  

  1. Is the relationship vector: 
  1. Starting at the first notice for consent, then lasting for the lifecycle of Consent and permission 
  1. This first Notice for Consent receipt is the Anchor receipt and is maintained with linked notices 
  1. Consent Notice Receipts 
  1. Anchor receipt  

| Type of Consent Receipt | Description | Lifecycle Use |
|---|---|---|
| Explicit Consent | Anchor Receipt (starts a receipt) | |
| Implied Consent | Action of the PII Principal | |
| Expressed | Notification by the PII Principal | |
| Directed | (Health Care) | |
| Altruistic | No Notice Required | |
