ANCR: PII Controller identification record v0.8
Editor(s)
Mark Lizar, WG Editor
Contributors
Salvatore D’Agostino, WG Chair
Gigliolla Agassini, WG Secretary
Tim Reiniger
Paul Knowles
Tim Lloyd
v. 0.8
Prelude
This PII Controller identification record is the security part of the minimum viable consent receipt, which is the original work. It is now a 4th-generation record: it is in the appendix of 29184, it was the basis for the Kantara Consent receipt v1.1, and then ISO/IEC 27560 Consent record information structure.
It was first published as 0PN Schema, in a semantics workshop, and is the record used to capture PII Controller identification information in the ANCR WG Transparency Performance Report, wherein the fields are referenced to an internationally interoperable legal and technical standard.
This specification provides a mapping of the controller credential role in multiple jurisdictions, and guidance on extending the record to generate a notice and consent receipt.
PR Option:
This ANCR WG Recommendation is open and can be used royalty-free under the ANCR WG IP license, patent and copyright (see: Reciprocal Royalty Free with Opt-out to Reasonable and Non-discriminatory (RAND) license agreement at the Kantara Initiative for its use and contribution to ISO/IEC SC 27 WG 5).
Any derivative use of this specification must not create any dependency that limits or restricts the use, accessibility, and availability of the specification and/or its use to measure the performance of transparency and/or the ability for the PII Principal to receive a notice receipt, or to manage or present a notice receipt as a record of and for the authoritative use of PII Principal consent.
Suggested Citation: (upon WG approval)
Kantara Initiative, 2024: ANCR Transparency Performance Report v 1.0
Conditions for use
License Condition:
This document has been prepared by participants of Kantara Initiative Inc. ANCR-WG. No rights are granted to prepare derivative works of this ANCR Scheme outside of the ANCR WG. Entities seeking permission to reproduce this document, in whole or in part, for other uses must contact the Kantara Initiative to determine whether an appropriate license for such use is available.
Implementation or use of this document may require licenses under third party intellectual property rights, including without limitation, patent rights. The participants and any other contributors to the specification are not and shall not be held responsible in any manner for identifying or failing to identify any or all such third-party intellectual property rights. This Specification is provided "AS IS," and no Participant in Kantara Initiative makes any warranty of any kind, express or implied, including any warranties of merchantability, non-infringement of third-party intellectual property rights, or fitness for a particular purpose. Implementers of this Transparency Performance Indicators specification are advised to review the Kantara Initiative’s website (Kantara Initiative: Trust through ID Assurance )1 for information concerning any Necessary Claims Disclosure Notices that have been received by the Kantara Initiative Board of Directors.
Dear reader,
Thank you for reviewing this specification in its preparation for publication and contribution. The Kantara Initiative is a global non-profit dedicated to improving secure, private and trustworthy use of digital identifier surveillance through innovation, standardisation, and good practice.
The Kantara Initiative, known internationally for incubating innovative governance technologies, operates Identification Trust Assurance Frameworks to assure digital identification practices are developed with community-led best practices and specifications. Its efforts are acknowledged by OECD ITAC, UNCITRAL, ISO SC27, and other consortia and governments around the world. “Nurture, Develop, Operate” captures the rhythm of Kantara in consolidating an inclusive, equitable digital economy offering value and benefit to all.
Every publication, in every domain, is capable of improvement. Kantara Initiative ANCR WG welcomes and values your contribution through membership, sponsorship and active participation in community driven working groups2 that drive all endeavors so that Kantara can reflect its value back to you and your organization.
Copyright: The content of this document is copyright of Kantara Initiative, Inc.
© 2025 Kantara Initiative, Inc.
Introduction
The PII Controller Identification record is specified here as its own specification, along with how it can be used to generate a notice record and a consent record and receipt, in line with (proposed changes to 27560 -) for consent-capable notice and consent records and receipt.
This specification recommends the use of this core identification record as the preferred standard format for this scheme, so as to interoperate with the ANCR Transparency Performance Reporting PII Controller identification record, which also requires a publicly required and open identifier.
In this specification we provide security and privacy considerations for a data governance role specific to blinding the identification of the PII Controller, linked PII Principal identification information, using the international transparency (aka notice and consent record and receipt policy and technology framework as specified with the consent receipt v1.1 work).
Terminology
The appendix lists the ISO/IEC standards and standard bibliography that this Controller identification record is interoperable with by default.
Access Gateway
is the safety, security, surveillance, privacy and consent notice access point location and use information
PII Controller Notice identification record
This table consists of the compulsory attributes.
PII Controller refers to the interacting party.
Data Controller refers to the controller accountable for protecting personal data, which is commonly the same as or equivalent to the Data Controller.
PII Controller Identification Record attribute | Controller ID Object | String | controller_id_object | _ | Required |
2 | PII Controller Identity | object | [piiController_identity] | | |
3. (object) | PII Controller Name | String | piiController_name | Company / organization name | MUST |
| PII Controller address | String | piiController_address | _ | MUST |
4 | PII Controller contact type and info | Varchar(n) | piiController_contact_email | correspondence email | MUST |
8 | PII Controller SSL Certificate | BLOB | piiController_sslcertificate | A capture Website SSL | MUST |
| means of accessing privacy rights and controls | VarChar(max) | pcpL | the end point address for privacy information and service access | MUST |
7 | Notice and Privacy Access Point | Varchar | piiController_www | URL of website (or link to controller application) | MUST |
9 | Notice & Permission Access Point Types (pcpT) | Object | pcpType | | |
| Access Gateway AG_MailAddress | object | | mailing address | MUST |
| AG-Profile | String | pcpProfile | Privacy Access Point Profile | ** |
| AG-InPerson | String | pcpInperson | In-person access to privacy contact | ** |
| AG-Email | Varchar | pcpEmail | PAP email | ** |
| AG-Phone | char | pcpPhone | Privacy access phone | ** |
| AG-PIP- URI | Varchar | pcpPip_uri | privacy info access point, URI | ** |
| AG-Sform | Varchar | pcpForm | secure environment pii capture form URI | ** |
| AG-bot | String | pcpBot | privacy bot, URI | ** |
| AG-cop | String | pcpCop-loc | code of practice certificate, URI of public directory with pub-key | ** |
| AG-other | string | pcp_other | Other | ** |
10 | AG Policy Meta - link, notice id, statement id, label | text | pcpn/ | the means of privacy | MUST |
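A record built from the attribute table above can be checked mechanically before it is published or accepted. The following is an added example, not part of the specification: the flat dictionary layout, the nesting of access gateway fields under `pcpType`, the HTTPS-only rule and the sample values are assumptions of this example; only the field names and their MUST markings come from the table.

```python
from urllib.parse import urlparse

# Field names copied from the attribute table; all are marked MUST there.
MUST_FIELDS = ("piiController_name", "piiController_address",
               "piiController_contact_email", "piiController_sslcertificate",
               "pcpL", "piiController_www")
# Access gateway fields that the table describes as URIs.
URI_FIELDS = ("pcpPip_uri", "pcpForm", "pcpBot", "pcpCop-loc")


def check_controller_record(record):
    """Return a sorted list of findings; an empty list means the record passes."""
    findings = []
    for name in MUST_FIELDS:
        value = record.get(name)
        if value is None or (isinstance(value, (str, bytes)) and not value.strip()):
            findings.append(f"missing MUST field: {name}")
    # Assumption of this example: access points must be HTTPS URLs with a host,
    # so a notice cannot be altered in transit.
    gateways = record.get("pcpType") or {}
    urls = {"piiController_www": record.get("piiController_www")}
    urls.update({key: gateways.get(key) for key in URI_FIELDS})
    for name, url in urls.items():
        if not url:
            continue
        parsed = urlparse(url)
        if parsed.scheme != "https" or not parsed.hostname:
            findings.append(f"not an https URL: {name}")
    # Minimal shape check on the correspondence email (local part and dotted domain).
    email = record.get("piiController_contact_email") or ""
    local, _, domain = email.partition("@")
    if email and (not local or "." not in domain):
        findings.append("malformed piiController_contact_email")
    return sorted(findings)


# Constructed sample record (not from the specification); the certificate
# value is a placeholder, not a real capture.
SAMPLE = {
    "piiController_name": "Example Org Ltd",
    "piiController_address": "1 Example Street, Exampletown",
    "piiController_contact_email": "privacy@example.org",
    "piiController_sslcertificate": b"PLACEHOLDER-CERTIFICATE-BYTES",
    "pcpL": "https://example.org/privacy",
    "piiController_www": "http://example.org",
    "pcpType": {"pcpEmail": "privacy@example.org", "pcpBot": "https://example.org/bot"},
}

print(check_controller_record(SAMPLE))
```

The sample record fails only because `piiController_www` uses plain HTTP; none of the checked fields contains PII about the PII Principal.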
Controller Credential Mapped to Legislative Instruments
The ISO/IEC 29100 security and privacy framework standard maps terms in the standard itself; for example, PII Principal is mapped to the Data Subject.
Stakeholder | ISO/IEC 29100 | Conv 108+ | GDPR | PIPEDA | Quebec Law 25[1] |
Regulator | Privacy Supervising Authority | Supervisory Authority | Data Protection Authority | Privacy Commissioner | Commission d’accès à l’information du Québec |
Principal | PII Principal | Data Subject | Data Subject | Individual | Concerned Person (or person concerned) |
Controller | PII Controller | Data Controller | Data Controller | Organisation | Person in Charge of the Protection of Personal Information |
Joint (or Co-) Controller | Joint PII Controller | Joint Data Controller | Joint-Controller | Organisations | Person in Charge of the Protection of Personal Information |
Processor | PII Processor | Processor | Data Processor | 3rd Party | Service Provider (prestataire de services) |
Sub-Processor | Sub-Processor | Sub-Contractor | Sub-Processor | 3rd Party / Service Provider | Service Provider (prestataire de services) |
3rd Party | Any entity or individual other than the Data Subject, Controller or Processor | Any entity or individual other than the Data Subject, Controller or Processor | Any entity or individual other than the Data Subject, Controller or Processor | 3rd Party | Any individual or organisation other than the person concerned or the organisation in charge of data protection |
Table 1. Role Mapping
[1] Quebec, Bill 64 - An Act to modernize legislative provisions as regards the protection of personal information, SQ 2021, c 25.
(compliance roles, mapped to be interoperable within data privacy framework)
Roles in this document refer to a record of relationship between the Individual and any digital service, as documented by the Controller identity schema for TPI assessment.
PII Controller Identification Schema
Schema for the Controller Identification Record and access point, which does not require any PII. This is immensely useful, as it provides a mechanism that people can use to consent with.
It is used to specify the digital element (nft, envelope, packet, etc.) which encapsulates information. As a result, PII is not exposed through direct interaction, which enables the individual to be anonymous to the service, authorising through an alternative approach.
Interoperable with
ISO/IEC A Standard that can be for the,
Convention 108+
GDPR
FIPPS Principles based law
ISO/IEC 29184:2020 Online privacy notice and receipt
ISO/IEC 27560:2024 - proposed as a profile for 27560
ISO/IEC ?
Appendix A: Standards Interoperability using ISO/IEC 29100 Terminology Bibliography
[1] ISO Guide 73, Risk management — Vocabulary
[2] ISO 31000, Risk management — Guidelines
[3] SC 27 committee document 502 — Privacy References List, available at: https://committee.iso.org/home/jtc1sc27
[4] ISO/IEC 27000:2018, Information technology — Security techniques — Information security management systems — Overview and vocabulary
[5] ISO/IEC 27001, Information security, cybersecurity and privacy protection — Information security management systems — Requirements
[6] ISO/IEC 27002, Information security, cybersecurity and privacy protection — Information security controls
[7] ISO/IEC 27003, Information technology — Security techniques — Information security management systems — Guidance
[8] ISO/IEC 27004, Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation
[9] ISO/IEC 27005, Information security, cybersecurity and privacy protection — Guidance on managing information security risks
[10] ISO/IEC 27006, Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
[11] ISO/IEC 27007, Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing
[12] ISO/IEC TS 27008, Information technology — Security techniques — Guidelines for the assessment of information security controls
[13] ISO/IEC 27009, Information technology — Security techniques — Sector-specific application of ISO/IEC 27001 — Requirements
[14] ISO/IEC 27010, Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications
[15] ISO/IEC 27011, Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizations
[16] ISO/IEC 27013, Information security, cybersecurity and privacy protection — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
[17] ISO/IEC 27014, Information security, cybersecurity and privacy protection — Governance of information security
[18] ISO/IEC TR 27016, Information technology — Security techniques — Information security management — Organizational economics
[19] ISO/IEC 27017, Information technology — Security techniques
[20] ISO/IEC 29100:2024 Information technology – Security techniques - Privacy Framework
1 Kantara Initiative: Trust through ID Assurance
2 Kantara Initiative hosts a number of work groups which work at the apex of digital identification and trust, and assurance.