Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

MVCR (Minimum Viable Consent Receipt) for an Open Consent Model

  • A proof of concept that explains the consent receipt and is presented as an open common consent meta-format for consent.
  • A receipt is a starting point for being able to track consents and their basic requirements for people online.

  • The MVCR is meant to be the simple version of a receipt, which people download at the point of consent 

    • providing legacy consents, with an updated consent profile implementations that can be used to evolve, manage and maintain consent by both parties
    • a consent receipt aggregated, with other receipts in a dashboard provide the basis for modern consent management (which is beyond scope of this use case)
    • This use case will show that the open format by its self is
    • It is intended to be the light version of the core consent receipt data model
    • It is intended to a way to bridge for policy, and personal data control architecture
  • Objective
    1. The MVCR has a downloadable record of consent, provides contact and purpose in context
    2. It is record the data subject receivies that has a clear record of purpose, and can be used to independently manage consent after the consent has been provided. 
    3.  it is, by itself intended to transparently show organisation data sharing practices and 
  • Method
    • display the meta format that meets the minimum compliance obligations of an organisation that does not:
      • share with third parties,
      • does not collect sensitive data,
      • includes a self assertion that context specific requirements are included, this minimum viable consent receipt provides the minimum needed for a person to interact independently with an organizations to address any additional compliance or complaint requirements.
    • Notes:
      •  the MVCR is designed and intended to demonstrate the minimum online consent requirements with existing law illustrating the most common consent requirements across all jurisdictions in an independently usable form)
      • with these three components alone provides a tremendous improvement as a meta format,
  • Additional Operational Objectives to implement beyond the MVCR: (creating list here)

    1. re-consent

    2. withdrawing consent

    3. upgrading consent to the new consent data model

  • Technical Implementation
    • release an open simple version of the CR that is useful out of the box for a common and specific scenario, defined here as website registration for Kantara.
    • do this in a way that enables the receipt to be usable (systematically read)

Stage 1 MVCR Website Registration: : CIS-WG Implementation:

  • Specific Use Case for:
    •  non-sensitive PII, -
    • e.g.no third party sharing,
    • no-PII payload,
    • with output into a json field with pdf version (or html version)
  • Components
    • includes a simple form for creating a static receipt
    • presents the receipt on a website, with pdf version, and digital cert version
    • documentation about what the receipt is potentially good for. 
  • Walkthrough
    • WG- Admin
      • fills out form for creating consent receipt code
      • this code is put on the website
    • Alice Experience
      • alice goes to sign up
      • alice gets receipt
  • Implementation Plan
    • get quote from Oliver for the demo
    • demo needs plan to be developed and moved to consent receipt. org
      • includes list of usability requirements, documentation, graphics

Stage 2  MVCR Website Registration: Consent Receipt . Org

 

 

  • No labels