(1) WG NAME (and any acronym or abbreviation of the name):
ANCR WG (Anchored Notice & Consent Receipt).
(2) PURPOSE:
Develop and contribute to standardised digital notice transparency in the 'digital commons', mandating the use of consensys protocol for specifying internationally interoperable data governance.
ANCR objective is to complete the Notice and Consent Receipt work. started in the Consent and information Sharing WG, that is specified for (public access) ISO/IEC 29100 Security and privacy technique and ISO/IEC 29184 Online Notice and Consent Standard, where the Consent Notice Receipt Is published (Appendix B and Consent Standard).
This WG is charted, to update this specification to the Council of Europe 108+ international legal framework (for the Common Wealth Countries), specifying the Consent Receipt v2. Consent Token Architecture and associated Transparency conformance and compliance schemes.
Chartered to utilising the updates to the Consent Receipt v1.1 (now ISO/IEC 27560 Consent Record Information Structure)
To specify a human Trust Anchored, governance framework and architecture, for interoperable, inclusive record and receipt based governance, referring specifically to Conv 108+ Art 14- Transparency Modalities, Art 30 RoPA, and Art 88 - Logging.
To specify royalty free, open access and open source digital transparency, transparency performance, and transparency signalling for distributed notice and decentralised consent. Specified strictly to legal requirements and the listed standards, agnostic to digital identity protocols so as to be interoperable with identifier 'trust/security' frameworks.
To ensure that the Record of Processing Activity (RoPA) are Transparency and trustworthy with a Notice Receipt as a mirrored record (digitally twinned) record architecture. The RoPA-T provides a notice receipt, that is used as a legal proof of Notice and knowledge that is inclusive. As a digital record owned and controlled by the individual) that an individual can trust and self verify, validate and assure and issue as a digital claim.
To contribute this work to; Kantara Initiative Conformance and Assurance initiatives, ISO/IEC, NIST, IEEE, DIACC, W3C DPV, OIX, OpenID, community and standards group liaisons.
(3) SPECIFICATION COPE:
- Specify and Publish: ANCR Record Transparency Performance Scheme for Transparency Performance indicators, which can identify the digital transparency gaps, so they can be addressed.
- Specify and Contribute: ANCR Record Framework
- Specify and Contribute: AuthC Transparency Protocol for signalling authorisation with consent
- Innovate in accordance with Kantara Operating Procedures and promote a consent notice receipt (a receipt that is a notice of consent) as an international tool for human, legal and decentralized identity governance and interoperability.
(4) DRAFT TECHNICAL SPECIFICATIONS: List Working Titles of draft Technical Specifications to be produced (if any), projected completion dates, and the Standards Setting Organization(s) to which they will be submitted upon approval by the Membership.
Specifications in scope | Details | Dates | Contributed Towards |
Anchor Receipt (Conformance of Notice) |
| January 2022 - start of group, expected 6-month effort. |
|
(5) DRAFT RECOMMENDATIONS: Other Draft Recommendations and projected completion dates for submission for All Member Ballot.
Name | Description | Link | Spec input summary | date reviewed |
Transparency Performance Conformity and Compliance Assessment Scheme 1, Part 1 and Part 2 | specifies 4 Transparency performance indicators, to produce a digital transparency record. |
(6) LEADERSHIP: Proposed WG Chair and Editor(s)
- Chairs & Secretary (initial)
- Chair - Sal D'Agostino
- Editor - Mark Lizar
- Secretary - Gigi Agassani
(7) AUDIENCE: Anticipated audience or users of the work includes
Regulators looking for technical controls to implement legal requirements that scale.
Trust Framework Providers,
Software developers, and product managers as a means of achieving interoperability across a wide range identity, security, and privacy of use cases. Developers of decentralized governance and next generation internet services.
Human beings, as the notice and consent receipts provide an alternative/complement to terms of services and privacy policies, and provides something that can be understood by people. This is in contrast to the current abuser experience, namely that privacy policies and terms of service address privacy concerns and provide safeguards of personal information.
Digital Privacy Operators, who are liable for identity, privacy, security, and consent systems in the real world.
(8) DURATION: Objective criteria for determining when the work of the WG has been completed (or a statement that the WG is intended to be a standing WG to address work that is expected to be ongoing).
The first phase is the completion of the whitepaper and in parallel the specification. As in the table above this is expected to take 6 months, but there is no proposed time limit on the group.
(9) IPR POLICY: The Organization approved Intellectual Property Rights Policy under which the WG will operate.
Kantara Initiative IPR Policy - Patent and Copyright, Reciprocal Royalty Free, opt out to RAND,
https://kantarainitiative.org/confluence/pages/viewpage.action?pageId=41025689
(10) RELATED WORK AND LIAISONS: Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations.
Notice and Consent Task force at ToiP, DIACC, Kantara ISO BOT Liaison, aNG liaison, and W3C DPV among others. Numerous other previous activities and liaisons developed in the Kantara CIS WG. (now archived).
(11) CONTRIBUTIONS (optional): A list of contributions that the proposers anticipate will be made to the WG.
(12) PROPOSERS: Names, email addresses, and any constituent affiliations of at least the minimum set of proposers required to support forming the WG. At least 3 proposers must be listed. At least 2 of the proposers must be Kantara Initiative Members - current members list
Proposers Name | Organization (or Individual) | Voting Member | Affiliations | |
Paul Knowles | paul.knowles [at] humancolossus.org | Human Colossus | x | ToiP-Inputs and Semantics WG |
Sal D’Agostino | 1dmach1n35 [at] gmail.com | Individual | x | Security Industry Association, ToIP, Kantara |
Mark Lizar | Mark [at] openconsent.com | OpenConsent | x | Trust Over IP Notice and Consent Task Force |