Charter

 

(1) WG NAME (and any acronym or abbreviation of the name):  

ANCR WG (Anchored Notice & Consent Receipt)

[ Standardised Record Framework for Consent Receipts and their use as verified claims in identifier management protocol based technical token ]

(2) PURPOSE:

Develop and contribute to standardised digital notice transparency in the 'digital commons', mandating the use of consensus protocol for  specifying internationally interoperable data governance. 

ANCR objective is to complete the Notice and Consent Receipt work with a conformance and compliance program. Contributing specifications according to this charter once incubated.  Consent receipt derivative work is specified for (public accessible) ISO/IEC 29100 Security and privacy technique and the not open to access, ISO/IEC 29184 Online Notice and Consent Standard, where the Consent Notice Receipt Is published (Appendix B  and Consent Standard).  Demonstrating the Controller Notice record format that is used in the trust framework scheme.

This WG is chartered to specify for the digital commons, referring to the Council of Europe 108+, international privacy legal framework, to which the Consent Receipt v2. Consent Token Architecture and associated transparency conformance and compliance schemes are focused.  

This works builds upon the Consent Receipt v1.1 and the ISO/IEC 27560 Consent Record Information Structure, which compliments it.  Current request to ISO to make this open to access as well.


(3) SPECIFICATION COPE: 

  1. Specify and Publish: ANCR Record Transparency Performance Scheme for Transparency Performance indicators, which  can identify the digital transparency gaps, so they can be addressed.   
  2. Specify and Contribute: ANCR Record Framework 
  3. Specify and Contribute:  AuthC Transparency Protocol for signalling authorisation with consent  
    1. Innovate in accordance with Kantara Operating Procedures and promote a consent notice receipt (a receipt that is a notice of consent) as an international tool for human, legal and decentralized identity governance and interoperability.

Required to:

  • To specify a human to technology Trust Anchored, governance framework and architecture,
  • TO specify interoperable, inclusive record and receipt based governance, referring specifically to Conv 108+ Art 14- Transparency Modalities, Art 30 RoPA, and Art 88 - Logging. 
  • To specify royalty free, open access and open source digital transparency, transparency performance. Licesened for open governance and transparency signalling. Open and usable for generating and distributing notice receipts and decentralised  consent records called tokens. 
  • To be Specified strictly to  legal requirements and the listed standards,  agnostic to digital identity protocols so as to be interoperable with identifier 'trust/security' frameworks. 
  • To ensure that the Record of Processing Activity (RoPA) are Transparency and trustworthy with a Notice Receipt as a mirrored record  (digitally twinned) record architecture.  The RoPA-T provides a notice receipt, that is used as a legal proof of Notice and knowledge that is inclusive.  As a digital record owned and controlled by the individual) that an individual can trust and self verify, validate and assure and issue as a digital claim.     
  • To contribute this work to;  Kantara Initiative Conformance and Assurance initiatives, ISO/IEC, SCC, IEEE, SCC, NIST, DIACC, W3C DPV, OIX, OpenID, Digital Governance Council of Canada;  community and standards group for liaison, completion and implementation of data rights.


(4) DRAFT TECHNICAL SPECIFICATIONS: List Working Titles of draft Technical Specifications to be produced (if any), projected completion dates, and the Standards Setting Organisation(s) to which they will be submitted upon approval by the Membership.


Specifications in scope

Details

Dates

Contributed Towards

Anchor Receipt (Conformance and Compliance Transparency Performance Scheme of Notice)

  • Publish as a Kantara Specification
    • Complements existing Consent Receipt
    • Maps to ISO/IEC 29100, 27560 and 29184, the stack of Standards which the TPS Scheme is focused on for Conformance 
    • Maps to international transparency adequacy Conv. 108+  for compliance assessment measurement baseline.

January 2022 - start of group, expected 6-month effort.

  • Kantara Specification
  • As appropriate for ISO 27560, FAPI, GNAP and related works.
ANCR Record Framework
January 2023Contribution to Kantara ANCR: TPS Benchmarking Program
ANCR Controller Notice to Notary Credential 
in progress DTL - 0PN CI-Trust framework program 
ANCR : Consent Receipt V2. Consent Token Record information Structure 
Extension and completion of Consent receipt work contribution to Kantara by the Open Notice Project,. DTL - 0PN CI-Trust framework program 
AuthCDTL Contributing to ANCR in progressDTL - 0PN CI-Trust framework program 
ANCR Consensus Protocol forgit based global digital stymergy
DTL - 0PN CI-Trust framework program 




(5) DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.

Name

Description

Link

Spec input summary

date reviewed

Transparency Performance Conformity and Compliance Assessment Scheme 1, Part 1 and Part 2

specifies 4  Transparency performance indicators, to produce a digital transparency record. 




(6) LEADERSHIP: Proposed WG Chair and Editor(s)

  • Chairs & Secretary (initial)
    • Chair - Sal D'Agostino
    • Editor - Mark Lizar
    • Secretary - Gigi Agassani

(7) AUDIENCE: Anticipated audience or users of the work includes

Regulators looking for technical controls to implement legal requirements that scale.

Trust Framework Providers, 

Software developers, and product managers as a means of achieving interoperability across a wide range identity, security, and privacy of use cases. Developers of decentralized governance and next generation internet services.

Human beings, as the notice and consent receipts provide an alternative/complement to terms of services and privacy policies, and provides something that can be understood by people. This is in contrast to the current abuser experience, namely that privacy policies and terms of service address privacy concerns and provide safeguards of personal information.

Digital Privacy Operators, who are liable for  identity, privacy, security, and consent systems in the real world.

(8) DURATION: Objective criteria for determining when the work of the WG has been completed (or a statement that the WG is intended to be a standing WG to address work that is expected to be ongoing).

The first phase is the completion of the whitepaper and in parallel the specification. As in the table above this is expected to take 6 months, but there is no proposed time limit on the group.

(9) IPR POLICY: The Organization approved Intellectual Property Rights Policy under which the WG will operate.

Kantara Initiative IPR Policy - Patent and Copyright, Reciprocal Royalty Free, opt out to RAND, 
https://kantarainitiative.org/confluence/pages/viewpage.action?pageId=41025689

(10) RELATED WORK AND LIAISONS: Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations.

Notice and Consent Task force at ToiP, DIACC, Kantara ISO BOT Liaison, aNG liaison, and W3C DPV among others. Numerous other previous activities and liaisons developed in the Kantara CIS WG. (now archived).

(11) CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.

Codes of conduct and practice that adopt this work and its licensing.

(12) PROPOSERS: Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members - current members list


Proposers Name

Email

Organization (or Individual)

Voting Member

Affiliations

Paul Knowles

paul.knowles [at] humancolossus.org

Human Colossus

x

ToiP-Inputs and Semantics WG

Sal D’Agostino

1dmach1n35 [at] gmail.com

Individual

x

Security Industry Association, ToIP, Kantara

Mark Lizar

Mark [at] openconsent.com

OpenConsent

x

Trust Over IP Notice and Consent Task Force

 


Related pages