ANCR Project: Digital Privacy Transparency Index Demo

Owned by
Mark Lizar
May 25, 2024
3 min read

This project to implement and demonstrate the ANCR specifications with the 0PN Digital Transparency Lab, with the Sensorica Lab’s Open Value Network (OVN) in Montreal Canada.

 

@Salvatore D'Agostino Please Review this document

Project Brief for a Standardised Digital Privacy Transparency Index

(transparency over Valid Digital Transparency & Consent)

Objective:

The strength of Consent is based on the quality of transparency, and capacity for consensus.   The project aims to demonstrate a cyber-notary  Digital Transparency Index, as an open source, open legal commons service.  The prototype of this index has a purpose to measure the effectiveness of security and privacy laws and standards as public policy tools for individuals.  It aims to present this to regulars for its review.   The index focuses on the validity of consent in alignment with local and international privacy legislation, introducing an Authorisation from Consent - digital identity protocol. This protocol allows individuals to log in anonymously, inquire into a service's practices, receive a report, and progress according to local data security and privacy mechanisms,  for the enforcement of valid transparency and consent.  while being anonymous to the notary service. 

Goals:

  1. Enhance governance and authority structures in line with data commons governance, expected from international security and privacy laws.

  2. Prototype, demonstrate, and test a digital transparency technology for presentation to local and regional data privacy authorities as a framework for governed consent-based exchange.

  3. Establish a Transparency Code of Conduct and Consent Best Practices rule set for digital governance.

Project Deliverables:

  1. Data Commons Website for the Transparency Index.

  2. Implementation of a two-factor notice system generating a notice token.

  3. Use of the notice token as a consent receipt to access the Transparency Index service.

  4. Inquiry mechanism for users to report and act on non-compliant services.

  5. Development and testing of emergency data access protocols and procedures.

Methodology:

  • The project will use the ISO/IEC 291000 commons based ANCR Digital Transparency Protocol, requiring legal records and receipt standards for authenticity, providence, and authority verification.

  • It will involve training on consent management from Montreal/Quebec Privacy Law to France, Paris Privacy Law, and context.

  • Use of notarized control notice records and receipts for submitting evidence and making complaints about non-valid consent.

  • Monitoring and enforcement by regulators based on the collected evidence in various jurisdictions.

Benefits:

  • Establishment of a network and exchange where media is authentic, has provenance, and is watermarked with PII Controller Notice Credentials.

  • Enhancement of anonymity, privacy, and security for users in digital spaces, resembling physical space protections.

  • Provision of a service enabling individuals to verify if a service provides valid consent, promoting transparency in digital consent practices.

Conclusion:

The project will culminate in a report on the performance of transparency measures and the effectiveness of implementing the Transparency Code of Conduct and receipt standards in addressing digital consent issues. This will be presented to Quebec and French CNIL Regulators for consideration and potential adoption.

Implementation Tasks

  • Common’s based service which uses the International Privacy Law Convention 108+ Chapter 1 Transparency modalities as a the rule book for creating the Transparency Code of Conduct Privacy Policy for use with PII Controller Identifier based records and credentials.

  • A mapping of administrative complaint process for private rights of action using Quebec Law 25 for notice and consent practices

  • Mapping Quebec Law to Conv 108+

  • A Transparency Lab, Global Privacy Rights website, PII Controller Credential, Two Factor Notice, and Consent Receipt Flow

  • The use of the Consent Receipt to anonymously authenticate in order to use the transparency index report notary service

  • a TPS Report and a notary verification service

Part 1: Testing the complaint process and the effectiveness of enforcement

  • then options to make a data scraping complaints against IAB, to stop IAB in Quebec.

    • make a complaint (anonymously) about IAB Transparency and Consent Framework

      • for private right of action $1000

      • for public right of action $5000 to $25 million

      • for 4% of Gross

    • targeting/mapping the governance required for the entire authority supply chain

      • website,

      • website service provider

      • browser

      • operating system

      • network

      • IAB Canada

      • Google/Alphabet

Part 2: Montreal Municipal Government

The second project is already being planned to make a community transparency index of the Montreal Municipal government, to capture the evidence of notice, notification and disclosure practices by a community.