Canadian Opportunity: Notice & Consent Receipts - with Canadian e-Notary Laws - an Open Space Challenge Session -28-10-20

Challenge: How to Update Ontario privacy legislation to Solve Global Privacy / Identity governance Challenges ? 

The Solution - Notary laws to  eNotary laws

Canadian Privacy is consent by design, built with privacy by design.

Can eNotary laws? ;  allow for a means of self-authentication (signer ID), the use of technical audio-visual requirements, standardised international record-keeping [including the audio-visual sessions]. make the Ontario/Canada notary’s electronic signature and seal compatible with US model of cyber Notary (good for 29 states) and solve the biggest international identity governance issues ? 

(sneaky answer: It could with legally authenticated verified credentials in the PCTF)

*** 

Should  Canadian / Ontario update to Cyber Notary laws ? Are cyber notaries required for Meaningful eConsent? 

Can Ontario leverage national. + provincial privacy legislative capabilities and be a leader in the decentralised data economy ? 

A key and very current issue 

 eConsent  is required for  digital identity to be legal in Canada, right now digitl identity is not compliant with Canadian privacy law.   Canada and the PCTF have the legal and identity governance infrastructure to make a difference.  What does this really take ? 

eConsent - Defined by Canadian - Meaningful Consent Law  - is what is needed to address terms of services -  that are surveillance by design - with Notice & Consent Receipts.  And finally - Canada has the standards. 

Most (identity based) services  do not respect Canadian privacy, and do not provide  the privacy controls Canadians (parents) expect.  The PCTF and the Canadian Call to action for the next generation digital privacy Charter is an immense opportunity to solve global privacy and cyber security  challenges, addressing the weak transparency over providence, and the un-regulated digital identifier management technology that enables foreign data aggergating services to violate Canadian culture and law.   

The Big Questions - How can WE support legislative change that makes a difference ? 

• This session proposes a new topic at the apex of digital identity governance, to address the  intra/extra territorial data governance and Challenge Canada to promote  the potential of  Canadian world class privacy PIPEDA laws  backed up by the provinces and the PCTF.      

For Additional Context: 

Right now, secondary use of Canadian (children's) meta/data is un-regulated, exploited, sold and then aggregated for wholesale commercial use by projects like side-walk labs or to generate cyber attacks on e-identity systems.   Non-Compliant Identity management technologies, like google cookies, operate without meaningful consent, under surveillance by design terms of service and are not legally compliant in Canada.   

Emphasised by  the failure of the Privacy Shield, the 50 million Euro’s Google Fine for illegal notice and consent, and the Supreme Court Judgment to uphold the expectation of privacy in public. (All in within - the last year)

The Session: Taking the next generation regulatory path 

 Session Proposes an e-Notary upgrade and the implementation of legal Notice + Consent Receipts for making Canada a data trust.    Taking heed of the Canadian privacy requirements for Digital identity (refer to PCTF) enabling people to self-assert digital credentials by implementing ISO standards for Canada with  a cyber notary legislation enabling   people to safely self assert competency.  (And businesses compliance) 

Challenges:

What are the good versus bad digital identity Challenges ? 

How can we collectively  meet the Canadian Privacy Challenge for Meaningful Consent, address cyber security concerns with digital identity on-boarding, and be compatible with the USA law? 

Solutions 

Implement ISO standards.  In particular -  ISO 29184 Online Privacy Notice and Consent Standard (published June 06 - for GDPR + COE 108+ compatibility) and make the Ontario/Canada notary’s electronic signature and seal compatible with US model of cyber Notary (good for 29 states)  ? 

How would this work ?   

With the  invented in Ontario (Made in the Kantara Initiative)  Notice and Consent Receipts - (just voted by ISO SC this year to become ISO/IEC 27560 as a companion to  ISO 29184 and Privacy by Design (ISO 27550) - usable to create  a legal data governance - for  privacy / security with the  PCTF digital identity framework.   Addressign --

Background 

This effort - began with a call to action for W3C Do Not Track and Beyond conference in 2012 to address the (non-privacy compliant terms and conditions online) with Open Notice. 

This issue represents the Canadian response to that chlleng. 

Since 2019 began Canada has risen to the challenge, implemented the highest International legal standard for Meaningful Consent, started the process for a digital update to the Charter.   And, To support this, the new ISO 29184 Online notice and Consent Standard (published June 06) -provides an International standard that can implement  Canadian privacy expectations with receipts that  override terms and policies that are not compliant in Canada. 

But, to address this challenge, we need Ontario’s world class  Notary laws to evolve  to world class eNotary laws. - for the use of Notice & Consent Receipts - (invented in Ontario and adopted by ISO ) which enable people to use standardised access to privacy rights,  regardless of the service, its jurisdiction or its technology.  +1 

In this regard,  without the use of notice and consent semantic standards and controls found in ISO 29184 - consent is meaningless online, and identity management illegal in Canada.  People need  to see/understand what privacy to expect from these services before data processing.  These services do not respect privacy expectations, enable secondary use, or provide universal Canadian privacy controls for the top Canadian Identity Innovators and the PCTF.