Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

The mission:

An alternative policy framework for authorization and privacy online which is more performative, beneficial, compliant and empowering than today. 

The ANCR WG is eager to announce an alternative to the Opt In and Opt-Out terms and conditions and privacy policies online.  To offer a tool for digital identity access and management that evolves the authorization process to include the PII Principal in the scope of access and data controls. 

The deliverable:

To produce an alternative to the 'I Agree" (to things I don't read or understand). This challenge in tonline services and the embedded contract based policy terms of  services.  Tjos reqiores an alternative that scales, with common international specifications tused to standardize notice and consent online. 

Notice and consent standards can provide the alternative format focused on transparency, laws and practice operationally consistent across privacy jurisdictions.   

The result is trust for people that scales. 

The goal is to create a state of trust that provides people with choice to choose what is best for them in context. The result is freedom to choose from a place you (people) control regardless of physical or digtial technology or data governance providence (digi-space).  This specification for 2FN is designed to produce 'Privacy Assurance', (versus the existing framework of IAL, AAL, FAL), a new category of eConsent and identity management. 

2FN + 2FC  produces legal proofs (computational privacy) that can be used by people for access and mobility services to greater value with greater assurance and control as the alternative.

The work builds on a decade of effort, much of it in Kantara workgroups. The Consent Receipt has been widely recognized and adopted, with iteration and implementations since the publication of the Consent Receipt and then is includesion in the ISO 29184 annex. 

2FN and 2FC expresses exprected system use experiences as policy for access. This is the alternative to surveillance by default. 

As a result consent receipts (capture of state) can be generated and recorded independently by both parties (the PII Controller and the PII Principal) or together by both parties for advanced Auth C based preference and permission exchange. 

To learn more, check out the first draft of the 2FN and 2FC Introduction

Take a look at ANCR: Consent Receipt Section 1 - which is the work to specify the ANCR Notice Record Format for generating Notice and Consent Receipts - for PII Controller and Principal processing records

  • No labels