Schema Sandbox
Please document ideas for Open Notice Schema here.
Â
Joe's proposal Aug 18, 2013:
Bob checks his privacy exposure before buying from a foreign website.
Identity: Details to uniquely identify this particular Open Notice
Scope : a rigorous statement of what this particular Open Notice applies to. A way to say "This website" or "These web pages" or "This location".
Notices: an array of notices applicable to the stated scope
Strawman JSON schema example:
{
 "identity" : {
 "version": "http://opennotice.org/v/1",
 "guid": "836baeee-6dcc-489a-8242-bd5bf46de278",
 "md5Hash" : "9f06243abcb89c70e0c331c61d871fa7",
"authority" : {
"displayName": "Joe Andrieu",
 "url" : "http://joeandrieu.com" }
  },
 "scope" : {Â
"type: "website",
"recognizer": {
"type" : "regex"
"rx" : ["^google.com/",
"^www.google.com/"]
},
"notices" : [{
"type": "general policy",
"url" : "https://www.google.com/intl/en/policies/",
"displayName" : "Google Terms and Policies",
"authority" : {
"displayName" : "Google, Inc.",
"url" : "http://google.com" }
},{Â
"type": "terms of service",
"url" : "https://www.google.com/intl/en/policies/terms/",
"displayName" : "Google Terms of Service"
"authority" : {
"displayName" : "Google, Inc.",
"url" : "http://google.com" }
},{Â Â
"type": "privacy policy",
"url" : "https://www.google.com/intl/en/policies/privacy//",
"displayName" : "Google Privacy Policy",
"authority" : {
"displayName" : "Google, Inc.",
"url" : "http://google.com" }}]
}
Â
This is about as simple as I think we can make it. We still need an ontology of notice and scope types and I'm sure I'm missing stuff, but this feels like something simple enough that we might be able to get it locked down and released within 3-6 months with focused effort.
My goal is to allow anyone to publish a notice statement about typical situation (websites, public spaces, etc.) that anyone can consume to gain an understanding of that situation: applicable policies, terms of use, freedom of information act statements, health risks, whatever.
I want ToS;DR, Common Terms, Standard Label, Mozilla Privacy Icons, etc., to be able to post notices about websites that are easily connected to the website in question. Then anyone can build a registry of known sources (ala Technorati) and any website can publish its own open notices without needing to change any of their underlying policies or terms infrastructure. No new URLs, no new language, etc. The authority behind each open notice as well as the authorities behind the linked notices are well labeled, so it's easy to follow that I, Joe Andrieu, wrote the above Open Notice, while Google, Inc., is responsible for the three notices actually linked to the four wildcard urls http://www.google.com/*, https://www.google.com/*,http://google.com/*,https://google.com/*, (This expansion depends on the definition of "regex" recognizers for "website" scopes.)
Similarly the MD5Hash is a stand-in for some appropriate signature. Maybe a JWT. To be decided as I'm not deeply versed in the tradeoffs of different options.
Â