Summary
- The controller credential is an extension of the Kantara Initiative, ANCR Notice Record specification, and apart of the notice record and receipt information structure used in the 0PN- AuthC Protocol.
- to get acces to the current draft - please join a work group call and request it.
"The missing link between Human Trust and Digital Trust" Implementing (SSI)
Process in progress:
| Notice & Consent Task ForceProject owner: Editors Surveillance Controller EditorSalvatore DAgostino OCA Schema Editor: | StatusACTIVE |
Notice Controller Credential add's additional fields to an existing consent record formant for notice and consent |
Introduction
In privacy regulations globally transparency is a key requirement. transparency is most often represented by the requirements for notice and specifying a legal justification and purpose for processing.
In this regard standards for the transparency and notice are required for transparency to scale. As a result there is a critical security issue in which people are not able to see who is in control of their personal data, what the legal justification and authority is used to processing personal - which makes it almost impassive to consent to transfer or exchange personal data across boarders.
This required contextual integrity.
- Liability and Traceabilty (input)
- Impact on risk (output)
Problem Statement
Solution
Specification Overview
Record and Receipt Info Structure
ANCR Record - (receipt prefix)
Additional Field for ANCR
- PII Controller Identifier [DiD]
- Credential ID
- Fiels specified here are added to the ANCR Notice Record,
- Accountable Person and role
- Controller Notice Record Identifier
- Controller Receipt Identifier
- : DiD: Verified Credential
- Controller Type[Ctype]:
- Notice Controller,
- PII notice controller,
- PII controller,
- PII surveillance controller , (info not provided by PII Principle)
- [Ctype] controller operator,
- Accountable Person Type
Security Considerations
2 Use Cases
- Security,
- evidence
- fraud, traceabilty
- permission and access control transparency.
- Security of Security
- schema struture and use of object identifiers
- NIST - Privacy and Security Control framework
- NIST Language -
- evidence
- Auditing a ToiP implementation
Glossary
Controller Credential & Consent Notice Semantics
ISO 29100 Privacy Stakeholders
Privacy Stakeholders | ISO Definition | |
---|---|---|
Regulator / | ||
PII Principal | ||
PII Controller | ||
PII Processor | ||
3rd Party |
Privacy Controller Credential Roles | |||
---|---|---|---|
Data Governance Authority Operator Role | Certification Providers on Regulator Approved Codes of Conduct - very limited PII - data controller personal information and a linked reference to a data subjects identifier - | ||
Data Governance Registrar | ` |
Use Case 1:
Use Case 2: Applying international governance
- Assessing a ToiP / SSI / Verified Credential Implementations
Legal Semantic Element | semantic description | functional usage | fields Required | |
---|---|---|---|---|
controller | ||||
controller_identity | ||||
controller address registered | ||||
controller address (mailing) | ||||
controller contact | extend consent termination for a control point |
Delegated Authority Examples :
Delegated | |||
---|---|---|---|
Regulator | Ombudsman | ||
PII Principal | Guardian/Parent/School | ||
PII Controller | Joint-Controller | ||
PII Processor | Sub-Processor | ||
3rd Party | turtles |
References for use for creating a Unified (generic) Data Control Vocabulary for OCA
Standard/Specifications | Title | Description | Resource Status |
---|---|---|---|
ISO 29100 | Information technology — Security techniques — Privacy framework | ISO/IEC 29100:2011 provides a privacy framework which
| Status - Is publicly available - https://www.freestandardsdownload.com/iso-iec-29100-2011.html |
ISO/IEC 29184:2020 | Online privacy notice and consent | (just published - not available to public - we are working on publishing a report/appendix for use with this group ) | |
W3C DPV 0.01 | Data Privacy Vocabulary |
|
|
Reference: OPN-Notice Schema
OPN: Open Notice (+ Consent) Receipt Schema: Starters Guide to Unified Data Control Schema
Lizar, M. & Pandit, H.J., OPN: Open Notice Receipt Schema, 14th International Conference on Semantic Systems (SEMANTiCS 2019), Karlsruhe, Germany, 2019 [Published http://www.tara.tcd.ie/handle/2262/91576 [accessed July 1, 2020]
Field Name | Field Label | Format | Description | Required/Optional |
Schema Version | version | string | Required | |
Notice Profile URI | profile | string | Link to the controller's profile in the OPN registry. | Required |
Type of Notice Receipt | Notice Receipt | string | Label Notice Receipt | Required |
Receipt ID | id | string | A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122]. | Required |
Timestamp | timestamp | integer | Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch). | Required |
Signing Key | key | string | The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance. | Optional |
Language | language | string | Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'. | Optional |
Controller Identity | controllerID | string | The identity (legal name) of the controller. | Required |
Legal Jurisdiction | jurisdiction | string | The jurisdiction(s) applicable to this notice | Required |
Controller Contact | controllerContact | string | Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle. | Required |
Link to Notice | notice | string | Link to the notice the receipt is for | Optional |
Link to Policy | policy | string | Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided | Required |
Context | context | string | Method of notice presentation, sign, website pop-up etc | Optional |
Receipt Type | The human understandable label for a record or receipt for data processing. This is used to extend the schema with profile for the type of legal processing - and is Used to identify data privacy rights and controls |
OCA schema specification: https://docs.google.com/spreadsheets/d/1KOdq8Yy3OXmuELyh7tpHMlhyMZPSZ3Ib/edit#gid=68769926