Minimum Viable Consent Transaction Record: Animin Example
Minimum Viable Consent Transaction RecordÂ
This specification is for the implementation of the consent receipt as a dynamically updated transaction record for Children’s mobile device video game.Â
This specification evolves the Minimum Viable Consent Receipt into a transaction record in order to demonstrate two new requirements
- Audit ability
- Dynamic Consent and Parental Control (Third party surveillance use case)
With the objetive of demonstrating compliance with multi-jurisdictional regulations
- COPPA
- EU - New DP Reg
- APEC
- ISO -2901
Â
The MVCR as it stands now provides a single static transaction “receipt" which evolves the current consent infrastructure online. The receipt provides a standard record format to show in a human readable way a legally required compliance elements for basic consent requirements across jurisdictions. This is a short static record of the consent transaction.Â
To accommodate more complex privacy and data control requirements where consent preferences change dynamically a static receipt is not sufficient.  For dynamic consent control to be possible the standard consent receipt must be useful as a transaction record that can be aggregated.  The latest and accurate consent transaction record being the receipt demonstrating consent control/policy and compliance. For the this to be demonstrable then a consent transaction record viewer is needed, the transaction viewer needs a history which can be audited and viewed in aggregate.Â
Â
Animin: a AR Pet for mobile devices
The Animin application is a great framework itself forÂ
Description of Game
Â
A virtual friend the evolves if you keep it happy.Â
Â
Privacy By Design
Â
Privacy/Parental Controls
Â
Parental Gateway: set a password to create a parental gateway
Buy: keep the buying options behind the parental gateway
Age Selector: selected the age of the user to restrict content
Lock In Animin: Lock the game (see notes below)
Privacy Viewer: Planned for Q1 Next Year with the release of the Multiplayer platform.Â
Purpose Log:Â
Â
Setting the Age of the User
Animin has a Privacy feature where the age can be set by a parent, guardian or the game user,Â
The age can be set so that content, features and permission can reflect legal policy for data controls that need to be appropriately set for age. a parent password setup and the game, a consent log if kept.
As it is within Animin’s scope to be used in educational and health care based environments we have architected a robust privacy framework
 Â
Content Rating:
The game has been rated for a 9 and up, but, the game content and design framework is privacy by design and can limit and provide content for all age ranges as set by the set age in the parental control screen.Â
Â
This game is directed and rated out of the box for ages 9+. Even so all of the content is rated for all age ranges specified in Apple policy with this scale. Â
kids ages 5 and underÂ
ages 6-8, orÂ
ages 9-11
Ages 12-16
Ages 17-21
21 and Up
Â
All content and game elements are rated for age appropriateness.
Â
Â
Â
Â
Â
Description of Privacy and Consent Controls in Game
Â
Consent System For Game
Â
Consent Viewer: Audit Ability
Â
Â
Dynamic Consent View
Â
Future Use: Location and IOT
Â
The consent framework is in place for this first version and for review of the app store this is apart of the privacy by design methodology used to create Animin.Â
Â
All data collected comes with a short defined purpose which is kept in a purpose/consent log. This consent framework provides scalability and customisation of consent and control for the future platform of Animin.
Â
To achieve scalable security controls Animin has a purpose for every consent and use of personal data) tracking system that is expandable and scalable.  The purpose’s and transaction is logged and these are used to create a ‘dynamic consent view’. This dynamic view is based on the Consent Receipt standard specification for the settings that is used in the game. This consent system collects the consent the game user provisions, and then, by working with the security controls allow for parents to view and control their children’s access.
Â
(Note: The consent privacy view is still in development and is awaiting some feedback from the App store before implication schedule for Dec 1 release.)
Â
Â
Â
Â
Â
Future Forward
Â
In future we will aim to use this framework so that fine grained consent controls can be used to enable the Animin to interact with real objects in physical space (not just on the device). The privacy/security framework is scaleable for this and many other purposes.
The consent framework is in place for this first version and for review of the app store this is apart of the privacy by design methodology used to create Animin.Â
All data collected comes with a short defined purpose which is kept in a purpose/consent log. This consent framework provides scalability and customisation of consent and control for the future platform of Animin.
To achieve scalable security controls Animin has a purpose (consent for use of personal data) tracking system that is expandable and scalable.  The purpose’s are logged and these are used toÂ
create a ‘dynamic consent view’. This dynamic view is based on the Consent Receipt standard specification for the settings that is used in the game. This consent system collects the consent the game user provisions, and then, by working with the security controls allow for parents to view and control their children’s access.
In future we will aim to use this framework so that fine grained consent controls can be used to enable the Animin to interact with real objects in physical space (not just on the device). The privacy/security framework is scaleable for this and many other purposes.
Â