Minimum Viable Consent Transaction Record: Animin Example

Owned by Mark Lizar (Unlicensed)
Nov 01, 2014
4 min read

Minimum Viable Consent Transaction Record 

This specification is for the implementation of the consent receipt as a dynamically updated transaction record for Children’s mobile device video game. 


This specification evolves the Minimum Viable Consent Receipt into a transaction record in order to demonstrate two new requirements

  1. Audit ability
  2. Dynamic Consent and Parental Control (Third party surveillance use case)

With the objetive of demonstrating compliance with multi-jurisdictional regulations

  • COPPA
  • EU - New DP Reg
  • APEC
  • ISO -2901

 

The MVCR as it stands now provides a single static transaction “receipt" which evolves the current consent infrastructure online.  The receipt provides a standard record format to show in a human readable way a legally required compliance elements for basic consent requirements across jurisdictions.  This is a short static record of the consent transaction. 

To accommodate more complex privacy and data control requirements where consent preferences change dynamically a static receipt is not sufficient.  For dynamic consent control to be possible the standard consent receipt must be useful as a transaction record that can be aggregated.  The latest and accurate consent transaction record being the receipt demonstrating consent control/policy and compliance. For the this to be demonstrable then a consent transaction record viewer is needed, the transaction viewer needs a history which can be audited and viewed in aggregate. 

 

Animin: a AR Pet for mobile devices

The Animin application is a great framework itself for 

Description of Game

 

A virtual friend the evolves if you keep it happy. 

 

Privacy By Design

 

Privacy/Parental Controls

 

Parental Gateway: set a password to create a parental gateway

Buy: keep the buying options behind the parental gateway

Age Selector: selected the age of the user to restrict content

Lock In Animin: Lock the game (see notes below)

Privacy Viewer: Planned for Q1 Next Year with the release of the Multiplayer platform. 

Purpose Log: 

 

Setting the Age of the User

Animin has a Privacy feature where the age can be set by a parent, guardian or the game user, 

The age can be set so that content, features and permission can reflect legal policy for data controls that need to be appropriately set for age. a parent password setup and the game, a  consent log if kept.

As it is within Animin’s scope to be used in educational and health care based environments we have architected a robust  privacy framework

  

Content Rating:

The game has been rated for a 9 and up, but, the game content and design framework is privacy by design and can limit and provide content for all age ranges as set by the set age in the parental control screen. 

 

This game is directed and rated out of the box for ages 9+.  Even so all of the content is rated for all age ranges specified in Apple policy with this scale.  

kids ages 5 and under 

ages 6-8, or 

ages 9-11

Ages 12-16

Ages 17-21

21 and Up

 

All content and game elements are rated for age appropriateness.

 

 

 

 

 

Description of Privacy and Consent Controls in Game

 

Consent System For Game

 

Consent Viewer: Audit Ability

 

 

Dynamic Consent View

 

Future Use: Location and IOT

 

The consent framework is in place for this first version and for review of the app store this is apart of the  privacy by design methodology used to create Animin. 

 

All data collected comes with a short defined purpose which is kept in a purpose/consent log. This consent framework provides scalability and customisation of consent and control for the future platform of Animin.

 

To achieve scalable security controls Animin has a purpose for every consent and use of personal data) tracking system that is expandable and scalable.   The purpose’s and transaction is  logged and these are used to create a ‘dynamic consent view’. This dynamic view is based on the Consent Receipt standard specification  for the settings that is used in the game.  This consent system collects the consent the game user provisions, and then, by working with the security controls allow for parents to view and control their children’s access.

 

(Note: The consent privacy view is still in development and is awaiting some feedback from the App store before implication schedule for Dec 1 release.)

 

 

 

 

 

Future Forward

 

In future we will aim to use this framework so that fine grained consent controls can be used to enable the Animin to interact with real objects in physical space (not just on the device).  The privacy/security framework is scaleable for this and many other purposes.

The consent framework is in place for this first version and for review of the app store this is apart of the  privacy by design methodology used to create Animin. 

All data collected comes with a short defined purpose which is kept in a purpose/consent log. This consent framework provides scalability and customisation of consent and control for the future platform of Animin.

To achieve scalable security controls Animin has a purpose (consent for use of personal data) tracking system that is expandable and scalable.   The purpose’s are logged and these are used to 

create a ‘dynamic consent view’. This dynamic view is based on the Consent Receipt standard specification  for the settings that is used in the game.  This consent system collects the consent the game user provisions, and then, by working with the security controls allow for parents to view and control their children’s access.

In future we will aim to use this framework so that fine grained consent controls can be used to enable the Animin to interact with real objects in physical space (not just on the device).  The privacy/security framework is scaleable for this and many other purposes.

Â