Dynamic Registrar Controller: Data Access Assurance WG
ANCR Proposes a Registrar Dynamic Data Assurance WG proposal to start a workgroup at Kantara, inviting a Multi-Industry Collaboration. Â
Collaboration between the security industry with use cases specific to (emergency responders), the privacy industry (Data Privacy Officers) and the Digital Identity Industry, Â
 Proposing a work effort at Kantara Initiative for a DPT-Registrar Notary Assurance Program Â
Â
Program Sub-Group Â
The Security Architecture - Â Â
The Registrars Code of Practice - (Discuss Plan?)Â
Controller Credential – Code of Conduct -  Â
Â
With 3 areas of policy topics
Registrar - Consent by Default Code of Practice Â
Dynamic Security Access Architecture GroupÂ
Digital Privacy Notary - Privacy Policy, Index and LedgerÂ
Â
Security Architectures Currently use commercial identity management, which is really insecureÂ
Refers to terms that are redefined for technical purpose, which conflict with governance terms, in addition to locking in the requirement for people to provide identifiers and personal attributes to use security in online services Â
Current risks for children can be seen in our slides Â
Â
PII Controller – is an Industry Security solution witch is ISO/IEC 27002- specified, using open to access privacy framework solutions to extend enterprise security architectures for decentralised data governance solutions,Â
Up until now, digital identity technology has, for the most part, been specified and defined by commercial enterprises, Â
A famous code is law, article for Lawrence Lessig, who started creative commons, explained how technology is making their own rules and not obeying the rules we think, Â
This has cause significant issues in governance and delivery of market services, Â
Thes are now seen in the security and surveillance industries in a number of ways, across many jurisdictions.  Â
In particular the digital identity management industry, and the generic identifier to attribute management standards, which aim to side step the data governance requirements with technical specifications, which are free from governance rules and restrictions, Â
Security and Privacy issues now a key concern as commerical IDm Digital Trust solutions have made these systms insecure. Â
Topics
Governance Authority, sovereign transparency - decentralised and distributed data governance, security and policy for regulators and industry engagement and approval, to enable new knowledge banking industry,  Â
This group would inherit updated ANCR Specification(s) as well as use of the ANCR TPS Benchmark Program – For Assessment and Assurance, of registry products and services for regulators, Â
The program aims to produce, maintain and sustain the international policy framework for registrars in different industries, and jurisdictions to extend their governance authority with this framework. Â
Specifically, planning to provide a common’s policy extensions framework that governs the PII Controller Notice and Notary Credential Policy, to enable children, youth, community security and privacy standard development. Â
The Audience is OECD, CoE 108+ committee, Commonwealth, industry and Community of Registrars
ANCR Contributing
* AuthC -Consent by Default Protocol for digital identity management systems and surveillance.Â
The AuthC protocol in development at ANCR would be to extend existing identiyt management protocols., with a authorisation from consent. Â
Digital Privacy as public digital infrastructure, and an industry unto –itself for the co-regulation of the data commons. Contributing to these efforts, CoE, OECD, Â
Â
Â