...
- Friction Reduction - simplifying compliance for digital ecosystems
- simple services that are purpose driven will have a better user experience
*****
References for use for creating a Unified (generic) Data Control Vocabulary for OCA
...
Standard/Specifications
...
Title
...
Description
...
Resource Status
...
Information technology — Security techniques — Privacy framework
...
ISO/IEC 29100:2011 provides a privacy framework which
- specifies a common privacy terminology;
- defines the actors and their roles in processing personally identifiable information (PII);
- describes privacy safeguarding considerations; and
- provides references to known privacy principles for information technology.
...
- legal ontology for technically breaking down and mapping legal ontology to a data legal ontology -
- the Notice + CR V1.2 and W3C DPV, also use a common set of purpose categories. and the Kantara CR v1.1 for purpose specification
- (note shared by initial FIHR approach - now much more evolved)
...
- active -
- additional information
- Background: EU Funded Project Special
- Creating a Vocabulary
Reference: OPN-Notice Schema
OPN: Open Notice (+ Consent) Receipt Schema: Starters Guide to Unified Data Control Schema
Lizar, M. & Pandit, H.J., OPN: Open Notice Receipt Schema, 14th International Conference on Semantic Systems (SEMANTiCS 2019), Karlsruhe, Germany, 2019 [Published http://www.tara.tcd.ie/handle/2262/91576 [accessed July 1, 2020]
...
Field Name
...
Field Label
...
Format
...
Description
...
Required/Optional
...
Schema Version
...
version
...
string
...
...
Required
...
OPN Privacy Profile URI
...
profile
...
string
...
Link to the controller's profile in the OPN registry.
...
Required
...
Type of Notice Receipt
...
Notice Receipt
...
string
...
Label Notice Receipt
...
Required
...
Receipt ID
...
id
...
string
...
A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122].
...
Required
...
Timestamp
...
timestamp
...
integer
...
Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch).
...
Required
...
Signing Key
...
key
...
string
...
The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance.
...
Optional
...
Language
...
language
...
string
...
Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'.
...
Optional
...
Controller Identity
...
controllerID
...
string
...
The identity (legal name) of the controller.
...
Required
...
Legal Jurisdiction
...
jurisdiction
...
string
...
The jurisdiction(s) applicable to this notice
...
Required
...
Controller Contact
...
controllerContact
...
string
...
Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle.
...
Required
...
Link to Notice
...
notice
...
string
...
Link to the notice the receipt is for
...
Optional
...
Link to Policy
...
policy
...
string
...
Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided
...
Required
...
Context
...
context
...
string
...
Method of notice presentation, sign, website pop-up etc
...
Optional
...
OCA schema specification: https://docs.google.com/spreadsheets/d/1KOdq8Yy3OXmuELyh7tpHMlhyMZPSZ3Ib/edit#gid=68769926