Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »


CR V1.1 Issues Resolved for CR v1.2 Framework

the receipt is further defined and fields and broken down into

  1. Part 1 :  Required Notice of Controller Identity Fields - the capture of the identity of the controller, and the physical context of the notice for processing provided by the controller
  2. Part 2: Legal Justification and (services) purpose specification to generate a consent notice receipt from the notice presented to the Individual
  3. Part 3: the human interaction point - in which proof of notice being provided/read is captured and a Consent Notice Receipt is generated. 

Additional information for data control & accountability providence can be nested in the receipt to provide a higher level of automated privacy assurance to better mitigate risk and liability   

 Consent Types Defined in v1.2

  • explicit
  • implied
  • directed
  • altruistic



The CR v1,1 as published known challenges have been addressed and are specified here in the v1.2 update.  


  • See Update 


CR v1,2  Format Structure and fieilds

  

  1. Notice field object
    1. Location & Time 
    2. Location – twin - 
    3. Physical Device - 
  2. PII Controller object
    1. Jurisdictions, 
  3. Link to physical notice 
  4. Extend it (Legal Justification)  
  5. Privacy Stakeholders 
  6. Categories of controllers  
  7. Consent Purpose Specification (v.1.1) 
  8. Purpose Category 
  9. Purpose Descriptions  
  10. Purpose Sensitive Categories of Data  
  11. Sensitive data category  
  12. Personal Data Category  
  13. Personal Data Types/attributes etc  
  14. Personal Data Processing Treatment 
  15. Storage 
  16. Security (cert/sighed key) 
  17. Extensions –Requirements (according to Context)  

Notice & Notifications

Notice can itself be extended with a Notification for the maintenance of a consent record, and consent based relationship.  Notice Receipts facilitate a Semantic Governance Framework  

A notice of controller is the first section of the receipt  1, can be extended with these receipt profiles  

  • Contract Notice Receipt 
  • Vital Notice Receipt  
  • Notice of (legal) Obligation Receipt  
  • Legitimate Interest Notice Receipt  
  • Public Interest Notice Receipt  

Notification  

notifications 

Rights Consent Notice Receipt 

Privacy and Surveillance based rights are applied to context according to the legal justification, which is confusing even for the experts.  

  • Withdraw Consent 

Consent Notice Receipts (Lifecycle)  

The spectrum of consent has multiple vectors  

  1. Is the relationship vector: 
  1. Starting at the first notice for consent, then lasting for the lifecycle of Consent and permission 
  1. This first Notice for Consent receipt is the Anchor receipt and is maintained with linked notices 
  1. Consent Notice Receipts 
  1. Anchor receipt  

Type of Consent Receipt 

Description 

Lifecycle Use  

 

Explicit Consent  

Anchor Receipt (starts a receipt)  

 

 

Implied Consent  

Action of the PII Principal 

 

 

expressed 

Notification by the PII Principal  

 

 

Directed  

(Health Care )  

 

 

Altruistic  

No Notice Required -  

 

 

 

  • No labels