Charter (draft)

(1) WG NAME (and any acronym or abbreviation of the name):

ANCR WG (Anchored Notice & Consent Receipt)

(2) PURPOSE:

Develop and contribute to standardized digital notice and consent transparency and provenance tools, and infrastructure for individuals (i.e., data subjects/PII Principals), that can also be used by PII Controllers and Regulators.

The ANCR WG objective is to build on the Notice and Consent Receipt and Transparency Performance Indicator work including but not limited to conformance and compliance programs. This includes collaboration with other Kantara work groups, and Kantara compliance and conformance programs, and with other standards development and trade organizations involved with identity, privacy, and cybersecurity.

The ANCR WG creates publications, presentations, and subject matter expert support for these efforts.

(3) WORKGROUP SCOPE:

Specify and Publish: Use Case(s) that show how to implement and benefit from the proper use of Notice and Consent Receipts and the Transparency Performance indicators.
Specify and Contribute: Technical standards for authorization and tokenization using the previous work in the ANCR WG and previous Kantara WG efforts.
Specify and Contribute: Compliance and conformance requirements and controls that use the WG publications and member expertise.

To contribute this work to; Kantara Initiative Conformance and Assurance initiatives, ISO/IEC, SCC, IEEE, SCC, NIST, DIACC, W3C DPV, CEFACT, OpenID, Digital Governance Council of Canada; community and standards group for liaison, completion and implementation of data rights.

(4) DRAFT PUBLICATIONS AND SPECIFICATIONS: List Working Titles of draft Publications and Technical Specifications to be produced (if any), projected completion dates, and the Standards Setting Organization(s) to which they will be submitted upon approval by the Membership.

Deliverable	Description	Start	Details
Transparency Performance Indicators (TPIs) Use case	Publish as a Kantara Report Build on existing TPI Report for Kantara website and wiki Look at notices, privacy policies Possible inclusion of demonstration of receipts	June 2026	New Kantara member onboarding workflow and possible roles Member only GPA Voting, Non-voting Mailing List WG Officer Leadership Council Kantara Liaison Board Member Use of AI by organization and work groups
Notice Controller Registry	Under consideration
Create requirements and controls for conformance programs, and contributions to other standards and trade organizations	Under consideration		consider inclusion and work with Controller Identification Record

(5) DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.

Name	Description	Link	Spec input summary	date reviewed
None at this time

(6) LEADERSHIP: WG Chair and Editor(s) (current)

Chairs & Secretary
- Chair - Sal D'Agostino
- Vice-Chair - Tim Reiniger
- Editor - Mark Lizar
- Secretary - Gigliolla Agassini

(7) AUDIENCE: Anticipated audience or users of the work includes

Organizations looking to adhere to best practice for identity, privacy, and cybersecurity in the use of personally identifiable information for identity and access management.
- Digital Privacy Operators, who are liable for identity, privacy, security, and consent systems in the real world.
Trust frameworks and compliance and conformance programs and their assessors.
Regulators looking for technical controls to implement legal requirements that scale.
Software developers, and product managers as a means of achieving interoperability across a wide range identity, security, and privacy of use cases.
Developers of decentralized governance and next generation internet services.
Human beings, as notice and consent receipts provide an alternative/complement to terms of services and privacy policies and provide something that can be understood by people. This is in contrast to the current abuser experience, to create a default experience where privacy policies and terms of service address privacy concerns and provide safeguards of personal information.

(8) DURATION: Objective criteria for determining when the work of the WG has been completed (or a statement that the WG is intended to be a standing WG to address work that is expected to be ongoing).

The charter covers work for the calendar year 2026

(9) IPR POLICY: The Organization approved Intellectual Property Rights Policy under which the WG will operate.

Kantara Initiative IPR Policy - Patent and Copyright, Reciprocal Royalty Free, opt out to RAND,
https://kantarainitiative.org/confluence/pages/viewpage.action?pageId=41025689

(10) RELATED WORK AND LIAISONS: Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations.

IEEE Privacy and Cybersecurity Initiatives, IEEE Standards, ABA, DIACC, Kantara ISO BOT Liaison, W3C DPV, and Consent Communities among others. Numerous other previous activities and liaisons developed in the Kantara CIS WG. (now archived).

(11) CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.

(12) PROPOSERS (Initial): Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members - current members list

Current charter approved by WG [date]

Proposers Name	Email	Organization (or Individual)	Voting Member	Affiliations
Paul Knowles	paul.knowles [at] humancolossus.org	Human Colossus	x	ToiP-Inputs and Semantics WG
Sal D’Agostino	1dmach1n35 [at] gmail.com	Individual	x	Security Industry Association, ToIP, Kantara
Mark Lizar	Mark [at] openconsent.com	OpenConsent	x	Trust Over IP Notice and Consent Task Force

Add label