Convergathon Hack Notes July 12

Welcome to Convergathon
Core Questions to raise big issues to hack
  1. What does the emerging marketplace look like? What is next?
  1. What are the big issues for digital personal data control? (are there any elephants in the room?)
  1. How does your product/project/proposal deal with consent and notice?
  1. How does your product/project/proposal deal with Third Party data transfer? (notice, contract, transparency?)
Big Issues to Solve in Hack
(note: these are raised by the core questions, put your name under the issue you want to hack, this will form your team)
  1. E.g. Lack of transparency over third party sharing in the UK: companies are required to disclose only the category of data they share, not who they share it with. This means people are unable to contact the orgs holding their data for a copy, or to see if they are compliant.
List of Technologies, Projects and Ideas
(please put your name, email, and project idea below)
Matan Safriel - matan.safriel@gmail.com - automatic text analysis for extracting bottom line meaning of long terms of service pages for a "regular" user. Chrome extension with NLP backend.
Mark Lizar - mark.lizar@gmail.com - Consent Receipt / Open Consent - common format for listing policies and data controls connected with consent
Markus Sabadello - markus@projectdanube.org - Working on Respect Network and XDI protocol for semantic data modeling, linking, interchange. Interested in synergies with Open Consent format.
Sunday Hack Collaboration Sessions (add your own and advertise it)
Put your issues/session down
a) OKF-My Data List 3pm Berlin time - (google hangout link goes here)
b) join Open Notice/Clear Button 3pm Berlin time (google hangout link goes here)
=========================
Demo
- AmazonRespect is a member of the RN (Respect Network) and is the Data Controller
- Alice is a member of the RN and is the Data Subject
- This is for a one-off consent transaction, not for ongoing access to the pcloud, and therefore does not require an XDI Link Contract (a link contract is an authorisation for access to the pcloud)
- In a future implementation the receipt needs to be signed by both parties; there are a number of ways to do this (at this time the crypto is a black box)
  • in XDI it will/can happen in the pcloud (lots of options are currently being developed), e.g. Open Web
  • Add more options here:
A demo of an Open Notice registry where a company (AmazonRespect) fills in a form (name, location, policy links, contact information, third parties etc.) to create a public notice registry listing. The registry then provides the company with a snippet of code to put behind its 'I agree' button, which gives out a consent receipt.
The idea here is that after company x (AmazonRespect) fills in the form, they would get a list of trust services (e.g. privacy icons, Respect Network, safe harbour, ToS;DR etc.) that they can select (with some signup process if necessary), and these icons/links/trust marks would then be added to their consent receipt.
When AmazonRespect fills out the registry form, an additional form listing the third parties Alice's data is shared with is presented. In this form AmazonRespect also has to state the purpose for which the information is shared, how long the data is shared for, and what the data retention policy is for that third party. This then creates the link contract with UPS in Amazon's cloud.
Alice signals an intent to go to Amazon's page (directly enters a URL or clicks a link).
If the site is in the Open Notice Registry, she continues (later versions could check if the notice is compliant with Alice's personal preferences and/or complies with Alice's country's privacy code). If the site is not in the registry, an alert could pop up, saying "No privacy notice, continue (Y/N)?"
Alice continues, signs up for an account and clicks the I agree button (or ticks a box). 
A modal pop up appears with 5 options
1. use email address (mail receipt to user)
2. Send to pcloud - XDI - Authorisation to store in pcloud - If Alice provides a personal cloud name, the cloud password is required too.
3. Browser Capture (in shoebox)
4. Download receipt
5. Don't give me a receipt
=========================
Respect Network XDI Consent Receipt
Data Subject: Alice  [=]!:uuid:1111
Data Controller: Amazon  [+]!:uuid:9999
Third Parties: UPS  [+]!:uuid:8888
In Alice's and Amazon's cloud: 
    (all elements of one receipt) 
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#location><#digital>&/&/true #the webpage uri with the consent button or opt in
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#location><$uri>&/&/"....." # explain the domain of the organisation
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#type>&/&/"explicit"
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234[<#purpose>]<@0>&/&/"We need to process your payment."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234[<#purpose>]<@1>&/&/"We need to be able to deliver your product."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234[<#purpose>]<@2>&/&/"We  need your data to prevent fraud."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234[<#purpose>]<@3>&/&/"We will advertise to you."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<$t>&/&/"2014-07-13T21:32:52"
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#privacy><#policy><$uri>&/&/"https://..."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#cookie><#policy><$uri>&/&/"https://..."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#tos><$uri>&/&/"https://..."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#short><#privacy><#notice><$uri>&/&/"https://..."
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#dnt>&/&/true
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#sensitive>&/&/true
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234<#jurisdiction>/$ref/[=]!:uuid:1111<#jurisdiction>
[=]!:uuid:1111<#jurisdiction>&/&/"US"
[+]!:uuid:9999<#jurisdiction>&/&/"DE"
In Amazon's cloud:
([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234  <-- copy of the receipt
[=]!:uuid:1111<#email>&/&/"alice@gmail.com"
[=]!:uuid:1111#address<#street>&/&/"Street 123"
[=]!:uuid:1111#address<#country>&/&/"DE"
[=]!:uuid:1111#address<#postal><#code>&/&/"23544"
([+]!:uuid:9999/[+]!:uuid:8888)$do/#receipt/([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234
"There is a relationship between 9999 and 8888. In that relationship we have a link contract ($do). The link contract's associated #receipt is under ([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234."
Generic schema: (entity1/entity2) = Entity 1 and entity 2 have a relationship.
UUID:1234 = transaction receipt identifier
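A reader for the receipt statements above, added here as an example and not part of the original notes or of any XDI library. It assumes one statement per line, JSON literals after `&/&/`, and optional trailing `#` comments; the dotted attribute names in the output are this example's own convention.

```python
import json
import re

ADDRESS = re.compile(  # (subject/controller)[#receipt]!:uuid:N + attribute path
    r"^\((?P<subject>[^/()]+)/(?P<controller>[^/()]+)\)"
    r"\[#receipt\](?P<id>![^<\[/\s]+)(?P<path>.+)$"
)
SEGMENT = re.compile(r"<([#$@])([^<>]+)>")

# Sample input: a subset of the statements listed above.
P = "([=]!:uuid:1111/[+]!:uuid:9999)[#receipt]!:uuid:1234"
SAMPLE = [
    P + "<#location><#digital>&/&/true #the webpage uri with the consent button",
    P + '<#type>&/&/"explicit"',
    P + '[<#purpose>]<@1>&/&/"We need to be able to deliver your product."',
    P + '[<#purpose>]<@0>&/&/"We need to process your payment."',
    P + '<$t>&/&/"2014-07-13T21:32:52"',
    P + "<#jurisdiction>/$ref/[=]!:uuid:1111<#jurisdiction>",
]


def parse_receipt(statements):
    """Fold XDI literal statements (address&/&/value) into one receipt dict."""
    receipt, values, kinds = {}, {}, {}
    for line in statements:
        address, sep, rest = line.strip().partition("&/&/")
        match = ADDRESS.match(address) if sep else None
        if match is None:
            continue  # $ref/$do relation, or a literal about another subject
        # Every statement must name the same subject, controller and receipt id.
        for field in ("subject", "controller", "id"):
            if receipt.setdefault(field, match[field]) != match[field]:
                raise ValueError(f"{field} mismatch: {address}")
        # The literal is JSON; raw_decode stops before a trailing '# comment'.
        value, _ = json.JSONDecoder().raw_decode(rest)
        segments = SEGMENT.findall(match["path"])
        key = ".".join(name for sigil, name in segments if sigil != "@")
        index = int(segments[-1][1]) if segments and segments[-1][0] == "@" else None
        scalar = index is None
        if not key or (key, index) in values or kinds.setdefault(key, scalar) != scalar:
            raise ValueError(f"bad or duplicate attribute: {address}")
        values[(key, index)] = value
    attrs = receipt["attributes"] = {}
    for (key, index), value in sorted(values.items(), key=lambda kv: (kv[0][0], kv[0][1] or 0)):
        if index is None:
            attrs[key] = value
        else:
            attrs.setdefault(key, []).append(value)
    return receipt
```

Rejecting a statement that names a different controller or repeats an attribute keeps a receipt copy from being silently merged with statements from another transaction.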
JSON signature
{
  "receipt":{
    "timestamp": 1405243610859,
    "userId": "aweftrew",
    "dnt": true,
    "policyUrls": [
    ]
  },
  "jsonSignature": "tr0tberoijawflekrjg5wrgtbghdfgrt09rtgjw5tbrthe5ztntr"
}
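One way the receipt above could carry a signature from both parties, added here as an example and not code from the hackathon. HMAC-SHA256 with a per-party demo key stands in for the crypto the notes leave as a black box, and holding one value per party under `jsonSignature` is an assumption of this example.

```python
import hashlib
import hmac
import json

# Constructed demo keys; each party would hold its own secret.
KEYS = {"controller": b"amazonrespect-demo-key", "subject": b"alice-demo-key"}

# Receipt body from the JSON above (policyUrls is empty there as well).
RECEIPT = {"timestamp": 1405243610859, "userId": "aweftrew", "dnt": True, "policyUrls": []}


def canonical(receipt):
    """Serialise the receipt identically regardless of key order or spacing."""
    return json.dumps(receipt, sort_keys=True, separators=(",", ":")).encode()


def sign(receipt, key):
    """Signature over the canonical bytes, never over the text as received."""
    return hmac.new(key, canonical(receipt), hashlib.sha256).hexdigest()


def seal(receipt, keys=KEYS):
    """Wrap the receipt with one signature per party."""
    return {
        "receipt": receipt,
        "jsonSignature": {party: sign(receipt, key) for party, key in keys.items()},
    }


def failed_parties(envelope, keys=KEYS):
    """Return the parties whose signature is missing or does not match."""
    sigs = envelope.get("jsonSignature", {})
    return [
        party
        for party, key in keys.items()
        if not hmac.compare_digest(sigs.get(party, ""), sign(envelope["receipt"], key))
    ]
```

A receipt whose `dnt` flag or timestamp is edited after sealing fails for both parties, while re-serialising it with a different key order does not.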
But how can Alice know, before going to the site to get the receipt, that it is even a site that she is willing to trust to visit? Shouldn't there be at least the possibility for a pre-landing validation that the published notice for the site doesn't egregiously violate Alice's expectations?
The Open Notice Registry should provide the ability for a user/browser to validate basic notice BEFORE going to the site.
# Privacy Notice Service
Most countries that have a data protection regime have some form of notice and consent regime. We propose a privacy notice service to provide participating entities with a common protocol and service to publish their privacy notices. This enables the following:
* Regulators to validate that notice and consent guidelines are being met
* Users to proactively determine which entities to deal with before providing personal information
Adoption of a privacy notice service would also encourage competition and innovation in data protection.
## Privacy Notice Service
"noticeTS":1420642200 # Time that notice was created
"noticeType": "Asserted|Validated|Found" # notice could be asserted by entity, validated by third party, or scraped from web site
"noticeTxt":"We only collect information about you with your consent, except for web browser information which is retained in our logs for 2 weeks."
"consentReceipt":TRUE|FALSE # whether the site provides consent receipts
## Open Notice Registry
This would be a service on the Internet. Open Notice Registry (ONR) servers would be repositories of privacy notices and could communicate with each other to provide redundancy. A preferred model of this would also have a governance model to allow for validation of notices.
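
The pre-landing check described above, run against a notice record with the four fields listed under Privacy Notice Service. This is an added example, not code from the notes: the registry content, the `amazonrespect.example` site name and Alice's preference keys (`acceptTypes`, `requireReceipt`, `maxAgeDays`) are assumptions.

```python
import time

NOTICE_TYPES = ("Asserted", "Validated", "Found")

# Constructed registry entry; the field names are the ones listed above.
REGISTRY = {
    "amazonrespect.example": {
        "noticeTS": 1420642200,
        "noticeType": "Asserted",
        "noticeTxt": "We only collect information about you with your consent.",
        "consentReceipt": True,
    }
}
# Hypothetical preferences held by Alice's browser.
ALICE = {"acceptTypes": {"Asserted", "Validated"}, "requireReceipt": True, "maxAgeDays": 365}


def valid_record(record):
    """Type-check every field before any of them is trusted."""
    return (
        isinstance(record, dict)
        and type(record.get("noticeTS")) is int
        and record.get("noticeType") in NOTICE_TYPES
        and isinstance(record.get("noticeTxt"), str)
        and bool(record["noticeTxt"].strip())
        and type(record.get("consentReceipt")) is bool
    )


def pre_landing_check(site, registry, prefs, now=None):
    """Return (decision, reasons): 'continue', or 'prompt' with the reasons to show."""
    record = registry.get(site)
    if record is None:
        return "prompt", ["No privacy notice, continue (Y/N)?"]
    if not valid_record(record):
        return "prompt", ["Registry record is malformed"]
    reasons = []
    if record["noticeType"] not in prefs["acceptTypes"]:
        reasons.append(f"Notice is only {record['noticeType']}")
    if prefs["requireReceipt"] and not record["consentReceipt"]:
        reasons.append("Site does not provide consent receipts")
    now = time.time() if now is None else now
    if (now - record["noticeTS"]) / 86400 > prefs["maxAgeDays"]:
        reasons.append("Notice is older than the accepted age")
    return ("prompt" if reasons else "continue"), reasons
```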