Abstract
This document is a product of the CISWG Work Group. It records the scenarios and use cases governing the development of consent receipt and guiding associated implementations and deployments.
A Scenario specifying a receipt data schema
Status
This document is currently under active development. Its latest version can always be found here. See the Change History at the end of this document for its revision number.
Editors
Mark Lizar
Mary Hodder
Valentino
Intellectual Property Notice
The CISWG Work Group operates under Option ABC and the publication of this document is governed by the policies outlined in this option.
Table of Contents
Introduction and Instructions
This document is a product of the CISWG Work Group. It records the scenarios and use cases governing the development of the Consent Receipt Schema (CRS) and guiding associated implementations and deployments.
Please use the scenario template near the end of this document in adding new scenarios and subordinate use cases. Change the status keyword in each scenario and use case title as appropriate, linking to the meeting minutes page explaining the status change:
- Pending: Initial status when first submitted
- Accepted: Needs to be accounted for in Consent Receipt Schema V1 and/or its associated compliant implementations
- Deferred: Relevant to the problem space; may be considered in future versions
- Rejected: Out of scope
Edit the descriptions of technical issues and scope questions to reflect (or point to) group decisions about how to handle them.
Scenario: unique-title (Pending)
Submitted by: Mark Lizar
The goal of this scenario is to create a specification for a receipt schema and a demonstrator for creating, providing and using a minimum viable consent receipt.
Background
Not unlike a receipt you get when you buy something, which you then submit for a third party, either to show a budget and costs, or to report on what was purchased and for how much. Like costs, consents can be counted, and like purchasing preferences, consent preferences collected. Better managed preferences result in better user experience.
A receipt can also be used for governance, for instance, the Tax authorities can use a receipt to check and see if the sales are hidden, the purchaser can use a receipt to be sure of the cost of goods and compare the change provided and the receipt against the price advertised to make sure of compliance.
A receipt can be taken and used with third parties like a token to access other services.
Objective
Specify the existing fields for a consent transaction receipt and list them as a basic template for consent receipts. (Note: This entails formally defined attributes, published and open for comment.)
Develop scenario covering the life cycle of a minimum viable consent receipt for building a demonstrator. This would involve
- Create a consent receipt generator, --> Common Terms, Legal.TXT
- Create a consent receipt button, --> Embed Code, publish legal.txt
- Provision a consent to a service user
- Service user, uses the receipt to achieve the use case specified.
Intended Use
Use Case: Demonstrator (Pending)
Submitted by: Mark Lizar
So far this looks like --> Scenario 1
Pre-Consent
- Common Terms - links existing policies to consent fields and semantics
- This creates an embed code that is put behind a consent button,
- this publishes legal.txt to a common place - (Open Notice database)
Consent
When a consent is provisioned using the button
- a receipt is created at the point of consent, the identity used to provision the consent is used to deliver the consent receipt
-
Post Consent
- the initial consent is used to identify the parties and collect the preferences and options available, From companies this may be. marketing materials, items on sale, etc. For people, this may be do not track, proof of age, etc.
Issue: unique-title
(Provide technical commentary on the issues brought up by this use case.)