Kantara presented the demo at EIC 2019 and is scheduled to present improved versions at Identiverse 2019 and MyData 2019.
A webinar recording of the slides on YouTube
The slides on SlideShare: kantara-privacy-control-panel-demonstration-2019-0515
NEW: Demo video for ISSE 2019 Brussels
The project to assemble v2 of the demo is active as of December 2018. Throughout 2019 the WG team will be refining and growing the demo functionality.
The draft demo description being discussed in the WG is:
The main purposes of the Kantara Initiative Privacy Control Panel (Kantara PCP) system are a) to allow people to see, organize, find details via a ‘data processing receipt’ construct about the conditions under which they agreed to provide information for data processing; and b) to give them tools to investigate the data processing receipts they might have received or modify the permissions they granted when they initially shared the data for processing.
In the Kantara vision, whenever an individual is asked for their personal data, or whenever their personal data is acquired, a ‘data processing receipt’ is created by the data controller. The receipt includes details about the conditions under which the data was obtained: the privacy notices provided; the lawful basis and purposes for collecting and processing data; the terms of the agreement and other metadata related to the interaction.
These data processing receipts could be offered by the data controller’s system to the individual for storage in their personal Privacy Control Panel application.
Once the data processing receipts are in the personal PCP, the person can organize them and inspect them to ensure they are valid, current and actually represent what happened.
The PCP gives the person tools to take action with the receipts including view, validity check, request the data, revoke consent, change permissions, or erase the data. In other words to exercise their data subject rights.
On the consent management platform and data controller system side, standard data processing receipt APIs could be offered. The PCP utilizes these APIs.