Privacy Broadcasting Reference Implementation

Owned by Mark Lizar
Last updated: Nov 14, 2020
3 min read

Reference implementation for notice receipts that scales infrastructure to be open for consent from people, (without the surveillance capitalism and the terms and conditions may apply social dilemma that poses grave cyber security threats).

Background

the effort to build this standard was started at the Do Not Track and beyond conference at Berkley in 2012, it led to realise a standard was needed for legally requiring open consent infrastructure in proprietary identity management systems.

This was presented as Open Notice Project and a result of the Identity Commons/IIW work of Identity Trust WG and the Kantara Information Sharing WG and the Privacy & Public Policy (P3)WG efforts which were involved in NSTIC and NIST.

The core research methodology for intervention in public surveillance policy was conduct as a Master Research Project for Social Research Studies in London where a 4 point compliance scale for measuring the legal compliance of CCTV Notice in UK was developed as a component to measure contextual legal integrity of video surveillance.

This framework for consent by design, has since evolved with industry and standards community efforts.

The toughest components to innovate happen at legal and technical hackathons, where a cross sector of experts could hack on a specific problem that have social importance. (see ref -cod) This inturn inspired the use of the work its specification and its implementation of Kantara Consent Receipt generator, which was then extended by an Media Law project, and could not of happened without the legal hacking Guidance of Dazza Greenwood and the summer hackathons between 2012 and 2014. (promoting the need for my data user community at OKF)

History of work now found at identity trust charter for governing identity with notice and consent. (ref)

Short Receipt History

  • The Open Notice Project was championed by Open Consent Group and contributed to the Kantara ISI WG where it became the CISWG, this resulted in the Consent Receipt v1.1 written for the ISO 29184 Online Notice and Consent standards draft.

  • ISO SC 27 voted to adopt v1.1 to draft its own standard ISO 27560 (April 2020).

  • This prompted the AdvCIS V1.2 global reciept update to the V1.1 (written before the GDPR) tonow encorpate the global notice semantic governance framework for the consent notice receipt record structure, provided here.

  • Providing a legal + technical system for data governance and control, digitising notice and consent (human) based/purpose driven systems for online contextual integrity

  • Since this project started the un-thinkable happened, the laws have changed, the work has become an ISO standard, and the consent receipt is now in the EU single market slated to become legal tool people can use to control their own data and own consent.

  • now with these this new environment, emerging in 2021, we have the opportunity to start a reference implementation for this, to demonstrate / test the standardised solution.

  • for the human -legal-social and technical interoperability layer

Introduction

Privacy broadcasting is the use of legally required, public open data, about privacy and security to be represented in a common standardised way publicly, using notice and consent legal semantics as mapped data legal ontologies. To enable the automatic discovery of services practices for digital twin notices for surveillance transparency, data rights and identity permissions frameworks.

Objective

Demonstrate a global human user interface solution for digital notice and consent transparency.

(project is in progress)