ANCR WG Blog 20210602

Created by Salvatore D'Agostino (Unlicensed)
Last updated: Jun 02, 2021


Our work continues on several tracks:

  1. To build out the Consent Receipt Framework 1.2, along the lines of OAuth where version 2 was a framework and not a specification. The consent receipt does not stand alone and we are working to provide a notice and consent framework consistent with privacy by design (ISO 27550 Privacy engineering for system life cycle processes) and the ISO 29100 Privacy Framework.

  2. Define the fields for the "anchor" receipt which is the notice receipt at the start of the (consent) flow.
  3. Work to incorporate this effort into ISO 27650 through Kantara liaison and individual member participation in the standard WG.
  4. Continued collaboration with W3C, Trust over IP, other participants in the NGI Trust who can leverage the work of the consent receipt in their individual projects and elsewhere.
  5. Outreach to browser providers to incorporate the consent receipt and "two factor consent" that is meaningul notice and then meaningful consent.
  6. We have ongoing workshops and presentation to support and promote the work, most recently an Identiverse presentation as part of Kantara's presentation, and "Role of Identity, Identification, and Receipts for Consent" at the Open Identity Summit 2021 on 2 June.