You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

Summary 

  • The controller credential is an extension of the Kantara Initiative, ANCR Notice Record specification, and apart of the notice record and receipt information structure used in the 0PN- AuthC Protocol.
  • to get acces to the current draft - please join a work group call and request it. 

"The missing link between Human Trust and Digital Trust" Implementing   (SSI)

Process in progress:

  1. Updated March 24
  2. Notice Controller Credential Specification
  3. Papers (in progress)
    1. Decentralized Data Governance 
    2. identity interoperability

Notice & Consent Task Force 

Project owner:

Mark Lizar 

Editors

Surveillance Controller EditorSalvatore DAgostino

OCA Schema Editor: 


Status

ACTIVE 




Notice Controller Credential add's additional fields to an existing consent record formant for notice and consent 


Introduction

In privacy regulations globally transparency is a key requirement.   transparency is most often represented by the requirements for notice and specifying a legal justification and purpose for processing.

In this regard standards for the transparency and notice are required for transparency to scale. As a result there is a critical security issue in which people are not able to see who is in control of their personal data, what the legal justification and authority is used to processing personal - which makes it almost impassive to consent to transfer or exchange personal data across boarders.

This required contextual integrity. 


Problem Statement


Solution 


Specification Overview 

  • Record and Receipt Info Structure

    • ANCR Record - (receipt prefix)

Additional Field for ANCR

  1. PII Controller Identifier [DiD] 
    1. Credential ID 
    1. Fiels specified here are added to the ANCR Notice Record, 
    1. Accountable Person and role 
    1. Controller Notice Record Identifier 
    1. Controller Receipt Identifier 
    1. : DiD: Verified Credential  
  1. Controller Type[Ctype]:  
  2. Notice Controller,  
  3. PII notice controller,  
  4. PII controller,    
  5. PII surveillance controller , (info not provided by PII Principle) 
  6. [Ctype] controller operator, 
  7. Accountable Person Type

Security Considerations

2 Use Cases

  1. Security, 
    1. evidence 
      1. fraud, traceabilty
      2. permission and access control transparency. 
    2. Security of Security 
      1. schema struture and use of object identifiers 
      2. NIST - Privacy and Security Control framework 
        1. NIST Language - 
  2. Auditing a ToiP implementation



Glossary

Controller Credential & Consent Notice Semantics

ISO 29100 Privacy Stakeholders


Privacy Stakeholders

ISO Definition


Regulator / 

PII Principal

PII Controller

PII Processor

3rd Party



Privacy Controller Credential Roles 


Data Governance Authority Operator Role  Certification Providers on Regulator Approved Codes of Conduct  - very limited PII - data controller personal information and a linked reference to a data subjects identifier -

Data Governance Registrar`

Use Case 1: 


Use Case 2: Applying international governance

  • Assessing a ToiP / SSI / Verified Credential Implementations 


Legal Semantic Element 

semantic description

functional usage

fields Required


controller 


    
controller_identity








controller address registered



controller address (mailing)








controller contactextend consent termination for a control point



Delegated Authority Examples :




Delegated 

Regulator

Ombudsman
PII Principal

Guardian/Parent/School
PII Controller

Joint-Controller
PII Processor

Sub-Processor
3rd Party

turtles 

References for use for creating a Unified (generic) Data Control Vocabulary for OCA

Standard/Specifications

Title

Description 

Resource Status

ISO 29100

Information technology — Security techniques — Privacy framework

ISO/IEC 29100:2011 provides a privacy framework which

  • specifies a common privacy terminology;
  • defines the actors and their roles in processing personally identifiable information (PII);
  • describes privacy safeguarding considerations; and
  • provides references to known privacy principles for information technology.
Status - Is publicly available - https://www.freestandardsdownload.com/iso-iec-29100-2011.html
ISO/IEC 29184:2020Online privacy notice and consent
(just published - not available to public - we are working on publishing a report/appendix for use with this group )
W3C DPV  0.01Data Privacy Vocabulary
  • legal ontology for technically breaking down and mapping legal ontology to a data legal ontology - 
  • the Notice +  CR V1.2 and W3C DPV, also use a common set of purpose categories. and the Kantara CR v1.1 for purpose specification
  • (note shared by initial FIHR approach - now much more evolved) 

Reference: OPN-Notice Schema

OPN: Open Notice  (+ Consent) Receipt Schema: Starters Guide to Unified Data Control Schema

Lizar, M. & Pandit, H.J., OPN: Open Notice Receipt Schema, 14th International Conference on Semantic Systems (SEMANTiCS 2019), Karlsruhe, Germany, 2019 [Published http://www.tara.tcd.ie/handle/2262/91576 [accessed July 1, 2020]


Field Name

Field Label

Format

Description 

Required/Optional

Schema Version

version

string

The version of specification used to which the receipt conforms. To refer to this version of the specification, the string "v1" or the IRI "https://w3id.org/OPN/v1" should be used.

Required

Notice Profile URI

profile

string

Link to the controller's profile in the OPN registry. 

Required

Type of Notice Receipt

Notice Receipt

string 

Label Notice Receipt 

Required

Receipt ID

id

string

A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122].

Required

Timestamp

timestamp

integer

Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch).

Required

Signing Key

key

string

The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance.

Optional

Language

language

string

Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'.

Optional

Controller Identity

controllerID

string

The identity (legal name) of the controller.

Required

Legal Jurisdiction

jurisdiction

string

The jurisdiction(s) applicable to this notice

Required

Controller Contact

controllerContact

string

Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle.

Required

Link to Notice

notice

string

Link to the notice the receipt is for 

Optional

Link to Policy

policy

string

Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided

Required

Context

context

string

Method of notice  presentation, sign, website pop-up etc

Optional

Receipt Type

The human understandable label for a record or receipt for data processing.  This is used to extend the schema with  profile for the type of legal processing - and is Used to identify data privacy rights and controls 

OCA schema specification: https://docs.google.com/spreadsheets/d/1KOdq8Yy3OXmuELyh7tpHMlhyMZPSZ3Ib/edit#gid=68769926

  • No labels