Versions Compared

...

In this regard, standards for transparency and notice are required for transparency to scale. As a result there is a critical security issue in which people are not able to see who is in control of their personal data, or what legal justification and authority is used to process personal data, which makes it almost impossible to consent to the transfer or exchange of personal data across borders.

This requires contextual integrity.

  • Liability and Traceability (input)
  • Impact on risk (output)

Problem Statement

...

specification specifies the creation of a notice controller credential, which is used to generate a micro-credential: a receipt signed to authorise a specific purpose of use, implementing international records of processing.

Default consent (representing a shared understanding, as the starting point) is provided in the relationship record.

  • the default is presented to the controller, using the controller credential
  • a notice request (a request to track) is then provided to update the understanding

Security, Transparency & Governance Gap

At this time people can't verify the services that are processing their personal information, or control the source of the information that is processed.

There are 3 vectors of governance that this specification is designed to cater for, each of which affects the privacy and security risks.

3 Vectors of Governance

  1. Personal Data Control (Gov) (lower risk): uses micro-credentials
    1. the individual controls the source of data and verification
    2. attribute-by-attribute control
    3. logging the access to the attribute for processing
  2. Co-Regulation: multi-party governed
    1. data trusts, where the individual, regulator and service co-regulate
    2. logging the access to the processing
  3. Data Protection: self-regulated
    1. the service provider regulates the processing of personal data
    2. signed, verified and open code, with shared logging

3 Tiers of Controller Assurance

  1. Publicly verifiable
  2. Digitally verifiable & legal (service delegation)
  3. Operator Controller: certified and legal


Specification Overview 

This specification contributes to and builds upon the record and receipt information structure of the Kantara ANCR Record specification (and Consent Receipt) (ref) to build a notice controller credential for recording the controller and contract information in a notice.

The ANCR Record

...

  • ANCR Record (receipt prefix)

provides Consent Types to anchor the record's relationship and the individual's understanding of the relationship.

The Record and Receipt specification uses the terms and definitions of ISO/IEC 29100 (Security and Privacy techniques; ref, a freely available ISO specification) to identify the legal stakeholders (ref) and their roles in the processing and control of personal information, using international standards for the public creation of records and receipts.

ISO/IEC 29184 - Online Privacy Notice and Consent Controls

The field data for the records and receipts is specified from numerous sources, in particular the W3C Data Privacy Vocabulary, for

Fields Added to ANCR Record

...

  1. PII Controller Identifier [DiD]
    1. Credential ID
    2. Fields specified here are added to the ANCR Notice Record
    3. Accountable Person and role
    4. Controller Notice Record Identifier
    5. Controller Receipt Identifier
    6. DiD: Verified Credential
  2. Controller Type [Ctype]:
    1. Notice Controller
    2. PII notice controller
    3. PII controller
    4. PII surveillance controller (info not provided by the PII Principal)
    5. [Ctype] controller operator
  3. Accountable Person Type

Security

...

To address the security gap, the controller credential is presented in a privacy or security notice, prior to surveillance.

The individual can use this controller credential to provide consent for a specific purpose, as well as to specify the source of data, by providing a consent receipt that is signed to become a micro-credential.

Micro-Credential Use Cases

Examples

Use Case: Controller Credential: use of Verifiable Credential and Decentralized Identifier to make Micro-Credentials

...

  1. Security
    1. evidence
      1. fraud, traceability
      2. permission and access control transparency
    2. Security of Security
      1. schema structure and use of object identifiers
      2. NIST Privacy and Security Control framework
        1. NIST language
  2. Auditing a ToiP implementation

Glossary

Controller

...

Credential 

Micro Credential

Privacy Stakeholders - ISO 29100

Privacy

ISO 29100 Privacy Stakeholders

Annex

Privacy Stakeholder Mapping to Functional ToiP Roles

Privacy Stakeholders

ISO Definition

Regulator /

PII Principal

PII Controller

Joint PII Controller

PII Processor

3rd Party

Semantics

Annex: Privacy Stakeholder Mapping to Functional ToiP Roles

Continuing the ANCR Record Assessment to identify the controller credential,

map the ToiP functional role to the legal authority, justification and role of the stakeholder.

Questions:

Is the controller the holder, verifier, or issuer?

ISO Term / ToIP Terms

  • Controller: Holder, verifier, issuer
  • Principal:
  • Processor:

Legal Semantic Element / semantic description / functional usage / fields required

  • controller: fields required: controller_identity, controller address (registered), controller address (mailing)
  • controller contact: extend consent termination for a control point


...