Project Goal
This Project is a working liaison on Consent Record works, focusing on combining inputs from multiple committees for input into ISO/IEC 27560 Privacy technologies: Consent record information structure - study period, for a unified input.
Compiling all the pending inputs into a complete notification governance standard or explicit Consent, with a maximum explicit consent use case for medical research, international interoperability, with a distributed ledger proof, consent receipt.
Including, an appendix with; notice, notification, and an explicit consent receipt types. As wells as a consent interop appendix mapping legal justifications to consent and notice, with a unified data control vocabulary for a consistent cross domain types for people to understand.
bringing together multiple standards, from different communities, to be able to demonstrate standards based interop, with W3C, ISO, COEL, and UMA.
Scope:
Working with liaisons, different communities, standards and SDO's to collaborate on unified notice and consent vocabulary controls, for personal data control.
Requirements:
- specification update that is usable for compliance, and evidence, and most importantly personal data control.
Call Times
- Wed 12:00 pm est
- alternating focus every week between spec and use case - in medical health, with Digital Ledger Consent RFC
- Goto Meeting: (temp line) https://global.gotomeeting.com/join/562338533
- Wed 12:00 pm est
First official liaison meeting kick off is on March Wed 25, 2020
- project kick off presentation Thursday 12, March 2020
Project Group Code Name: AdvCIS
Open To All
- Unified Data Control Vocabulary
- Consent State
- Strong & Active Transparency
Outputs: Complete CR2 draft by completing a reference implementation and touchstone use case, with key participants.
- Touchstone Use Case:
- Medical Research
- Medical Health Receipt Wallet
- Hyperledger RFC: Privacy Agreement Reference Implementation
Compiling the documentation for the (consent interop) layer will commence with this effort.
Items and topics to add to agenda,
- Extension Session
- Delegation Session
- revocation
- purpose of use
Project Start Date: March 25th
NOTE: Kantara WG will provide an open access to the outputs of this work for interoperability.
Background:
The Open Notice project brought the spec work to ISWG in 2015.
The Consent Receipt (CR) V1.1 was the output from Kantara frozen in 2017 used as input into GDPR and the Meaningful consent law in Canada.
Since 2018, Liaison work with ISO, W3C, OASIS, and MyData. Producing multiple inputs to the CR2: (replacing appendices and addressing tabled issues)
- ISO 29184 sister (notice) spec to Kantara Consent Receipt, v1.1
- W3C Data Privacy Control Vocabulary
- OpenConsent:: Notice Receipt
- & Poster
- W3C Data Privacy Vocabulary Controls CG
- CR v1.1 - GDPR Consent Receipt Extension W3C DPV
- -Blinding Identity Taxonomy
Reference Tech
- Overlay Capture Architecture
- HyperLedger RFC : Consent Lifecycle
- OASIS: Classification of Everyday Living
Project Lead: Mark Lizar
Participants Invited (so far):
- Harsh
- Jan
- Paul
- Tom
- Xiahou
- Vitor
- Sal
- Victoria
- Burak
- Ian
- Xavier
- Jerome
- Christoph
- Crt
- Tim
- Brock
- Burak
- Berrin
- Mike
Liaisons Invited
- DIACC (PCTF)
- Joni Brennan
- aNew Governance (MyData Operator)
- Oliver DIon
- Mattais De Bievre
- CSA + ISO Canada
- BSI : UK
SDO's providing input in the ISO 27560 invited
Contributions, Inputs:
PDF - Project Template (Atlassian dev template)