...
Digital trustworthiness - is about providing people with control of identity relationship records. This specification proposes the use of standardized notice and data control semantics so that people can trust and "see" who (if not oneself), is in control and accountable for personal information. This specification extends the Kantara ANCR Record to product a Notice of Controller Receipt for automating the administration of Online Rights for digital identity systems.
- using privacy rights independent process of service
- people provide consent to a purpose -
- additional notices are not required for consent
- permissions -
- Notes - how to add DPV - as a predefined language ?
the missing link for people. To achieve human trust, the control of privacy needs to be human/individual centric, not business, legal and technical centric. It is for this reason that the global point of interoperability for privacy and human data control is on the requirement for a privacy, surveillance, safety, and security notice.
In all of the jurisdictions, in all the laws, providing a notice to people is required, as this is how people gain contextual knowledge and can participate in consensus. Every privacy law requires that the identity of the privacy controller and the contact point for rights administration be provided. A privacy controller credential is the combination of the legal entity + the accountable / contact person into a verifiable credential so that it can be used to provide privacy assurances and access to privacy rights.
Legally, this information is required to be as open as possible and is codified in law in many different ways. Standardizing the credential using ISO 29100( open and free ) so that privacy controller credential can be used by people internationally to assert privacy controls and negotiate individual digital rights with service providers and communities.
This specification focuses on a best practice schema for identifying the privacy controller.
Process in progress:
Process in progress:
| StatusACTIVE | |
Notice & Consent for people relies on clear communication.Decentralized identity relies on contextual legal semantics and notices by implementors in order to be compliant with sovereign data rights . These semantics need to be standardized to be used by decentralized identifier based technologies for human interoperable data governance. The more unified across ecosystems the notice and risk semantics, the more human centric the service becomes as it lowers the burden on humans and increases the understanding of risks, benefits and (human) consentor operational in context. | Specification proposal: to extend Decentralized Semantic Governance for a dynamic data control ( DDC) architecture for active control transparency that people can usetransparency and controls that are human centric.
|
Privacy Controller Credential For Data Governance Accountability
...