ANCR WG: Provides Specifications for the Governance of Digital Trust

Owned by
Mark Lizar
Last updated: yesterday at 8:38 pm
6 min read

ANCR WG, where building on the success of previous work, provides open royalty free specifications, for personal data control, aka anchoured notice and consent receipts. A mirriored record specification, specified to ISO/IEC 29100, international data governance, extended with ISO/IEC 29184, and 27560, to provide an international standard for data governance, thorugh mirrored records and receipts that provide trustworthy digital privacy transparency over digital trust.

 

Remove this Draft Note: Action 1 - first draft of top-line boiler plate - introducing stakeholders to ANCR Specs *

Get Involved this Summer in ANCR Activities,

  1. Kantara Community interop and demo - meetings

  2. Review and comment on latest specifications

  3. Collaborate on developing consensus protocol for consent by design project development


General Meeting -

  • Wed 12pm eastern

  • Working on Consensus, Reviewing Roadmap and policy

Specification review Meeting

  • Wed 9 am Eastern July 10th - Next time in Aug TBA

Digital Trust Governance Interop for Kantara Community

  • Wed 9 am Easter July 17th - Next time in Aug TBA

    • Consumer Protection vs Consumer Rights Policy

  •  

 

ANCR: Digital Trust Governance 

  • ANCR standing for Anchored by the individual, as the master controller, data subject and PII Principle, require to enable existing systems with a Consent Gateway - which is a Consent by Design - Human Centric 'Knowledge based method of Operating Systems' 

    • Authentic - Consented Data : all surveillance and its processing produces a mirrored record, to established its authenticity and providence, with standardised notice as required by the international treaty, with a legal scope that covers the internet for the Commonwealth of 56 countries

    • Personal Secure clean, trusted data source Anchored refers technically to the individual in control of a personal and private record of processing activity called a receipt, that is notarised by an 0PN-Notary.  

    • Personal control and governance of Meta-data : This record of micro-data, is used to gain transparency over the processing of the data capture by a second and third party, and to enable  independent control of personal data, so that the individual can then, as a master data controller, use digital consent to permission the use of micro-data so as to be used as meta-data, for personal, private, and common use.  Where as public non-governed use is non-compliant and has low level of assurance automatically. 

      • Call for a Digital Forrest Charter - all data must show providence and be authentic in the _________ commons       

  •   SDPT → standardised digital privacy transparency specifications

    • The CR v2. Consent Receipt Token  - Digital Consent as a Secondary purpose

      • Mirrored record of processing activities to enable scalable digital trust assurance

      • PII Controller Credential

        • mirrored record and  consent receipt  for trusted and governed data control providing a legal proof of notice.  .

        •  the use of the (TPS -- >. Digital Trust Performance Scheme) to measure the conformance and compliance of digital trust for all stakeholders - addressing and solving a key challenge that has until now prevented scalable governance of digital privacy 

Stakeholder Groups 

  1. Individuals  (Master Controllers) 

  2. Data Controllers - communities / digital data ecosystems 

  3. Data Processors ( and Data Intermediaries) 

  4. Regulators 

  5. Data Soverign Communiteis and Industries

Technically Applicable to:

  • Making Transparent the providence and authenticity of any data process, for any legal justification, wether it is public or personal data processing, to enable trust and consent to scale with network/digital devices and technologies.   Including - All Digital Identifier and attribute based technologies   verifiable Credential Technologies,

  • Used universally for all stakeholders to participate in data  Governance of all security an surveillance technologies so that they can be trusted

  • Interoperable -  enable individual  authority to control managed and govern their own data with an anchored  transparency record and consent receipt based assurance framework 

  • inclusive of all people, and data processing contexts covering   3 vectors of data governance,   enable by the Conv108+ data protection law. 

Consent by Design Identifier, attirbute and Credential based Governance

ANCR WG - Common (ground up_ research and development) Background

The ANCR WG, and it’s founders have been committed to developing a commons based identity trust framework for humans since 2006, where this effort originally began at Identity Commons, as the Identity & Trust Charter. It became an Open Notice effort in 2012, with the Campaign for standards collaboration with industry and standards organisation for an alternative to the I Agree - policy framework.

Became a WG effort at Kantara evoling the Information Sharing WG to the Consent and Information Sharing WG, where the Conent Receipt was specified, and now continues under the ANCR WG, where building on the success of previous work, provides open, royalty free specification, for data governance transparency, control and digital identity interoperabilty for people

Generic Benefits of ANCR Specs

  • Transparency over Surveillance, enabling individuals to understand data sharing and disclosures risks in context

  • DPTS 0PN Digital Commons Privacy Policy - Digital Privacy Notice Broadcasting - Consent by Signalling - Enables trusted signalling peer to peer, and (0pn-common-notary)

  • Generic Concentric data control and data control transparency best practices for Secondary Consent to provide

  1. Increased efficiency: standard record of a notice and its data processing activity will dramatically reduced processing times for transactions and digitally identity account management tasks, passwords and resets, by enabling individuals to handle access, control and governance of private and decentralised personal data sources, much faster compared to current KYC, AML approaches without digital consent.

  2. Improved accuracy and compliance: Data minimization is no longer an security risk with services as the individual self-identifies and then provides a verifiable credential to an authentic third party source, who can govern the legitimacy of the request, addressing the gap in which the indivdual is burdened with governing execessive requests for PII from service providers. Making Consent by Design Transparency and consent mechanism safe for children and youth, and community.

  3. Self-identification with ANCR’D Verified Credential - Enhanced human, community experience: Consent by Design highlights the individuals ability to self assert, and self-identify with digital identifier technologies. Enabling identity systems with tools set for individuals to have personal control over personal data profi;es they might have. to eliminated the need for 3rd parties, removing an entire level of permission friction which frusterates customers and their user experience, dealing with bots, AI, automated phone services, and administrative queues dealing with online services activities. This made digital identity more pleasant and competitive.

  4. Decentralised Authentication and Data Access Authorisations, the Individual service user being able to authorize access to their data profiles and services account information with a consent token, as well as to object to processing in various technical ways, by locking, blocking, suspending and recover data profiles and services accounts. In order to minimize errors of commission and omission that were common in service based data processing systems. This increased accuracy in record-keeping and consented data interactions (and subsequent consent based transactions).

  5. Cost reduction: The move was described as a way to reduce the costs of digital identity management and security associated with contract based privacy and digital identity management systems.

  6. Expanded service offerings: Digital consent, opens up a wider range of access to retail services prevented by current surveillance based advertising models, providing direct to retail purchasing and suppy options never before accessible. Decentralisd data governance enables consent based service options.

  7. Real-time data control: This transition is characterized as a move towards real-time, data transparency and control for individuals in online systems that could / will eventually provide up-to-date data processing information and faster more timely and beneifitial data processing services.

  8. Improved personal data security: reduce and eliminating data breaches - CbD emphasizes enhanced security measures that co me with co-regulated personal data control systems vs data protection based systems, including encryption and multi-factor authorisations, using verifiable credentials. removing need for 3rd party identity service risks, for peer to peer authentication.

  9. Scalability and flexibility: The CbD governance systems are described as a way to enhance existing systmes to make them interoperable, scalable and flexible, allowing service providers to easily adapt to growing data governance and security challengs, and diverse financial needs.

  10. Consent Credit Systems used for multi-currency management capabilities: Banks highlighted the ability of computerized systems to handle multiple currencies more efficiently.

  11. Data management and analysis: The move was presented as an opportunity to better manage and analyze customer data, leading to improved decision-making and personalized services.

Overall, ANCR: CbD enables the transition to personal data control andas a necessary and beneficial evolution that modernized the operations, of services for improved customer service, and positioned them for future growth in the digital age.

Â