ANCR WG 20230503 - AdHoc

We have grouped these into a scopes, but these are just suggestions, everyone is welcome to suggest/package a scope.

@Mark Lizar

@Salvatore D'Agostino attending

Project 1

PII Controller Notice Credential (for notice, records, receipts, tokens and directed consent) focus on regulated Public Credential Management and interoperability)

Work Plan outline -

1. Reason - addressing security and authority issues in identity management - Idm governance using international security and privacy standards and law. Law is code. rule set.
- interoperability . #1
- publicly regulated credential scalable to all privacy security contexts. It can be used with common/standard rules - to build legal processing protocols
- Communities
  - Kantara, DIACC, HC,
- Outputs
  - Work Plan
    - topics / text to cover per call
  - Writing up the project - description
  - invites to stakeholders
  - spec draft for review and comment,
    - TPI’s as a component of the credential solution
performance metric
- Transparency Performance - to mitigate risk by individual - measure performance and Interoperability with regards to credential baseline.
- Establishing level 0 - for Levels of Trust Performance Assurance
Controller Credential = consent receipt v2 (tokenization) scope
- Performance (notice) Record as
- Credential - Legal Schema, - glossary - Ontology
- DPV vocabulary for notice and notification
Use Cases
- Level of PII Controller Notice Credential Assurance
- NIST LoA to DT LoA -
- Specs
  - credential - TPI’s
  - using TPIs to make a notice Record
  - Turning a notice record into a credential
Work efforts for contribution and collaboration
- Project 2
  - AuthC - ?
    - concentric notice labels
      - mapping service to types of legal authority and specifying controls/obligations
      - purpose specification
      - 2 factor concentric notice
      - exchange protocol
      - notice language and ontology
      - Delegation
  - Use Cases
    - Digital Consent - W3C