Kantara Initiative - Advanced Notice & Consent Receipt - ANCR-WG Charter
(1) WG NAME (and any acronym or abbreviation of the name):
Advanced Notice and Consent Receipt Work Group
To provide a protocol and framework based on notice and consent that supports the use of records and receipts for decentralized authorization independent of identifier technology. To provide a specification for an anchor receipt for notice of purpose and context and proof of notice that supports decentralized governance and authorization (Auth C) by the principal and the controller/operator.
Collaborate with other Kantara, and community and standards groups in the adoption of the protocol and the anchor receipt.
Contribute this to iso works, contribute to conformance programs for notice and consent in Kantara Initiative Community.
- Publish a white paper that presents the flow of the Auth C protocol and the dual receipt structure.
- Publish a Notice Record and Receipt Specification to address the technical gaps in the current specification and include inputs from recent standards, and other technical, and legal developments.
- Update the initial consent receipt specification by specifying the explicit consent record fields for legal proof(s) of notice and proof of consent.
- In the update take advantage of ISO 29184 and other relevant technical standards, laws and policy developments.
- Address technical gaps in the initial consent receipt specification, with new specifications, e.g. a data privacy vocabulary
- A glossary.
- Innovate in accordance with Kantara Operating Procedures and promote a consent notice receipt (a receipt that is a notice of consent) as an international tool for human, legal and decentralized identity governance and interoperability.
(4) DRAFT TECHNICAL SPECIFICATIONS: List Working Titles of draft Technical Specifications to be produced (if any), projected completion dates, and the Standards Setting Organization(s) to which they will be submitted upon approval by the Membership.
Specifications in scope
Anchor Receipt (Conformance of Notice)
- Publish as a Kantara Specification
- Complements existing Consent Receipt
- Maps to ISO 27560 and 29184
January 2022 - start of group, expected 6-month effort.
- Kantara Specification
- As appropriate for ISO 27560, FAPI, GNAP and related works.
(5) DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.
Spec input summary
(6) LEADERSHIP: Proposed WG Chair and Editor(s)
- Chairs & Secretary (initial)
- Chair - Sal D'Agostino
- Editor - Mark Lizar
- Secretary - tbd
(7) AUDIENCE: Anticipated audience or users of the work includes
Software developers, and product managers as a means of achieving interoperability across a wide range identity, security, and privacy of use cases. Developers of decentralized governance and next generation internet services.
Regulators looking for technical controls to implement legal requirements that scale.
For human beings, as the notice and consent receipts provide an alternative/complement to terms of services and privacy policies, and provides something that can be understood by people. This is in contrast to the current abuser experience, namely that privacy policies and terms of service address privacy concerns and provide safeguards of personal information.
Operators of identity, privacy, security, and consent systems in the real world.
(8) DURATION: Objective criteria for determining when the work of the WG has been completed (or a statement that the WG is intended to be a standing WG to address work that is expected to be ongoing).
The first phase is the completion of the whitepaper and in parallel the specification. As in the table above this is expected to take 6 months, but there is no proposed time limit on the group.
(9) IPR POLICY: The Organization approved Intellectual Property Rights Policy under which the WG will operate.
Kantara Initiative IPR Policy - Patent and Copyright, Reciprocal Royalty Free, opt out to RAND,
(10) RELATED WORK AND LIAISONS: Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations.
Notice and Consent Task force at ToiP, DIACC, Kantara ISO BOT Liaison, aNG liaison, and W3C DPV among others. Numerous other previous activities and liaisons developed in the Kantara CIS WG. (now archived).
(11) CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.
(12) PROPOSERS: Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members - current members list
Organization (or Individual)
paul.knowles [at] humancolossus.org
ToiP-Inputs and Semantics WG
1dmach1n35 [at] gmail.com
Security Industry Association, ToIP, Kantara
Mark [at] openconsent.com
Trust Over IP Notice and Consent Task Force