Summary
- The controller credential is an extension of the Kantara Initiative, ANCR Notice Record specification, and apart of the notice record and receipt information structure used in the 0PN- AuthC Protocol.
- to get acces to the current draft - please join a work group call and request it.
"The missing link between Human Trust and Digital Trust" Implementing (SSI)
Process in progress:
| Notice & Consent Task ForceProject owner: Editors Surveillance Controller EditorSalvatore DAgostino OCA Schema Editor: | StatusACTIVE |
Notice Controller Credential add's additional fields to an existing consent record formant for notice and consent |
Introduction
In privacy regulations globally transparency is a key requirement. transparency is most often represented by the requirements for notice and specifying a legal justification and purpose for processing.
In this regard standards for the transparency and notice are required for transparency to scale. As a result there is a critical security issue in which people are not able to see who is in control of their personal data, what the legal justification and authority is used to processing personal - which makes it almost impassive to consent to transfer or exchange personal data across boarders.
This required contextual integrity.
Problem Statement
Solution
Specification Overview
Record and Receipt Info Structure
ANCR Record - (receipt prefix)
Additional Field for ANCR
- PII Controller Identifier [DiD]
- Credential ID
- Fiels specified here are added to the ANCR Notice Record,
- Accountable Person and role
- Controller Notice Record Identifier
- Controller Receipt Identifier
- : DiD: Verified Credential
- Controller Type[Ctype]:
- Notice Controller,
- PII notice controller,
- PII controller,
- PII surveillance controller , (info not provided by PII Principle)
- [Ctype] controller operator,
- Accountable Person Type
Security Considerations
2 Use Cases
- Security,
- evidence
- fraud, traceabilty
- permission and access control transparency.
- Security of Security
- schema struture and use of object identifiers
- NIST - Privacy and Security Control framework
- NIST Language -
- evidence
- Auditing a ToiP implementation
Glossary
Controller Credential & Consent Notice Semantics
ISO 29100 Privacy Stakeholders
Privacy Stakeholders | ISO Definition | |
---|---|---|
Regulator / | ||
PII Principal | ||
PII Controller | ||
PII Processor | ||
3rd Party |
Privacy Controller Credential Roles | |||
---|---|---|---|
Data Governance Authority Operator Role | Certification Providers on Regulator Approved Codes of Conduct - very limited PII - data controller personal information and a linked reference to a data subjects identifier - | ||
Data Governance Registrar | ` |
Use Case 1:
Use Case 2: Applying international governance
- Assessing a ToiP / SSI / Verified Credential Implementations
Legal Semantic Element | semantic description | functional usage | fields Required | |
---|---|---|---|---|
controller | ||||
controller_identity | ||||
controller address registered | ||||
controller address (mailing) | ||||
controller contact | extend consent termination for a control point |
Delegated Authority Examples :
Delegated | |||
---|---|---|---|
Regulator | Ombudsman | ||
PII Principal | Guardian/Parent/School | ||
PII Controller | Joint-Controller | ||
PII Processor | Sub-Processor | ||
3rd Party | turtles |
References for use for creating a Unified (generic) Data Control Vocabulary for OCA
Standard/Specifications | Title | Description | Resource Status |
---|---|---|---|
ISO 29100 | Information technology — Security techniques — Privacy framework | ISO/IEC 29100:2011 provides a privacy framework which
| Status - Is publicly available - https://www.freestandardsdownload.com/iso-iec-29100-2011.html |
ISO/IEC 29184:2020 | Online privacy notice and consent | (just published - not available to public - we are working on publishing a report/appendix for use with this group ) | |
W3C DPV 0.01 | Data Privacy Vocabulary |
|
|
Reference: OPN-Notice Schema
OPN: Open Notice (+ Consent) Receipt Schema: Starters Guide to Unified Data Control Schema
Lizar, M. & Pandit, H.J., OPN: Open Notice Receipt Schema, 14th International Conference on Semantic Systems (SEMANTiCS 2019), Karlsruhe, Germany, 2019 [Published http://www.tara.tcd.ie/handle/2262/91576 [accessed July 1, 2020]
Field Name | Field Label | Format | Description | Required/Optional |
Schema Version | version | string | Required | |
Notice Profile URI | profile | string | Link to the controller's profile in the OPN registry. | Required |
Type of Notice Receipt | Notice Receipt | string | Label Notice Receipt | Required |
Receipt ID | id | string | A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122]. | Required |
Timestamp | timestamp | integer | Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch). | Required |
Signing Key | key | string | The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance. | Optional |
Language | language | string | Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'. | Optional |
Controller Identity | controllerID | string | The identity (legal name) of the controller. | Required |
Legal Jurisdiction | jurisdiction | string | The jurisdiction(s) applicable to this notice | Required |
Controller Contact | controllerContact | string | Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle. | Required |
Link to Notice | notice | string | Link to the notice the receipt is for | Optional |
Link to Policy | policy | string | Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided | Required |
Context | context | string | Method of notice presentation, sign, website pop-up etc | Optional |
Receipt Type | The human understandable label for a record or receipt for data processing. This is used to extend the schema with profile for the type of legal processing - and is Used to identify data privacy rights and controls |
OCA schema specification: https://docs.google.com/spreadsheets/d/1KOdq8Yy3OXmuELyh7tpHMlhyMZPSZ3Ib/edit#gid=68769926