Consent & Information Sharing Work Group (CISWG)
This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND)
This working group has been evolving since 2009, starting with an initial phase which identified and documented use cases, scenarios, best practices and work product to illustrate the various sub-sets of user driven information, the benefits therein. In the secondphasewe specified policy and technology enablers needed to enable consent based information flow and produce the Consent Receipt aswguse case.
For review by industry, public sector, regulators, and community partners; like Project VRM, who have supported thelong termdevelopment of tools for individual autonomy over personal information and the Open Notice Initiative who gestated and contributed the consent receipt project. In this nextphasewe aim to start to develop further emerging cross domain frameworks and tools for our community to enable greater control over personal data flows. For example: When individuals are forced to sign organisation-centric privacypolicies / termsof use, limitations are naturally placed on personal information on both sides of the information-sharing-transaction. If people were enabled with open standards, these constraints would be able to be rebalanced as to enable people to have more and more autonomous personal data control capabilities.Catalysinga rich flow of consent based personal information - from a CRM perspective - actual demand data (as opposed toderived / predicteddemand) as pursued in CRM products and departments today.
This blog post on the Personal Data Eco-system is useful background and context for this working group.
Download the Consent Receipt Overview
- Andrew Hughes - Administrative Chair
User Submitted Terms: Monday's - 3:00pm UK (UTC+1); 8 AM PST; 10 ET
Consent Receipt: Thursdays - 3:30pm UK time, 7:30am PT, 10:30am ET
Please join my meeting from your computer, tablet or smartphone.
You can also dial in using your phone.
United States : +1 (571) 317-3129
Access Code: 983-443-893
More phone numbers
Canada : +1 (647) 497-9350
Sweden : +46 (o) 853 527 836
United Kingdom : +44 (o) 330 221 0086
Due to national holidays at the beginning of July, the WG decided to shift the Sprint dates by one week.
As usual, the github project for v1.1 is at:
The WG is trying out a new way to organize the work on Consent Receipt v1.1. We are using the concept of "Sprints" from the Agile world, along with github issues and comments.
The issues backlog is here: https://github.com/KantaraInitiative/CISWG/issues
The general schedule for the work is represented in the diagram (click for a larger view). Issues are selected from the overall backlog and scheduled for specific Sprints, using the "Milestone" feature of github.
The workshop on Real Consent was a great success. Even with such short notice, the room was full and we had a great set of speakers attend.
The Workshop started with an introduction from Michele Nati @digicatapult about the Personal Data & Trust Network. .
The Speaker Arrangements:
First up was Mark Lizar form the Open Consent Group. Discussing Real and Open Consent
Second was Richard Beaumont from Govenor technologies, Presenting on consent in the GDPR
Third was Liz Col from Citizens Advice - Presenting on Consumer Research
Last up was Dr. Andrew McStay from Bangor University - Presenting on Consent and the tracking of intimate emotions
Mark Lizar @Smartpian - gave a introduction about #RealConsent as an achievable goal, in which he covered Open Consent Standards (including the consent receipt and UMA), Trust Services & Consent Technology being key to the developing consent marketplace.
Richard Beaumont @Richard_TCC covered the GDPR consent elements and discussed a few of the many ways in which these may be interpreted once the legislation becomes active.
Liz Col @elcoll discussed the citizens perview of this space and noted that people love the internet but not one of them brought up the word consent.
To learn more about what was really discussed you can find the notes at http://tinyurl.com/RealConsent
As well, feel free to fill in the short survey, which can be found at http://tinyurl.com/RealConsentNotes).
We are now hunting for dates for the next workshop in March where we hope to start tackling the models of practice for consent and design. If you are interested in speaking please get in touch.
- MVCR V0.7 The Alpha I now posted on GitHub and attached here
- Comments can be made as issues in GitHub or on the comment form attached.*MVCR - Comment Sheet.doc
- Consent Receipt Server Straw man on display at http://api.consentreceipt.org,
- WG Example and dog food Implementation
- CIS-WG join form:https://kantarainitiative.org/signup/?selectedGroup=3)
Lots of CIS appreciation goes out to Domenico
MVCR Road Map 2015
(Functional Requirements Specifications)
(Technical Requirement Specifications)
This includes: MVCR Core Receipt Profile; Tables: Fields, Definitions, technical Logic, Appendix tables,
Implementation Review: WG Review and Issues List Generation, Issues Prioritization, Issues Resolution,
This includes: Documentation Development, Demonstrator review and revision list.
Kantara Community Review: -Collect and Address Comments, Final Review,
Public Review & Acceptance of V1
This is a note to let everyone know that you can find the next version of the consent receipt at this link. Minimum Viable Consent Receipt Specification - v 0.6
Values, Benefits and Claims of Minimum Viable Consent Receipt
- The MVCR number one purpose is dramatic usability of consent. For example, to be used by people to see (and if desired verify) compliance level and to engage in personal data control
- provide a foundation for the less educated and less advantaged technically to engage in the control and choice of how personal information is accessed.
- usabilty promoted as a key missing component of privacy and security is addressed by the MVCR
- The method and rationale behind the term 'minimum viable' is aimed to distill the most common regulatory requirements of a consent token, and to present it as an understandable receipt which demonstrates basics of trusted consent. This requiers the abiity to demonstrate with a consent token a basic level of self asserted compliance compliance across jurisdictions.
- A consent receipt designed well should show compliance and usability clearly, and provide the consent provider control and independent privacy with how this information is used.
- As a common token format - A Minimum Viable Consent Reciept is Schema that will enable the consent requester to demonstrate scalable levels of trust and the ability for people to assert privacy regulation independently of a service providers platform.
- The MVCR is specifically designed to provide the minimum amount of common compliance to legal requirements across jurisdictions.
- The presence of a consent receipt in and of itself demonstrates a capacity by the providing organisation for the legal management of consent. The act of providing a consent receipt demonstates the self asserted level of compliance and the ability for the individual to check the links provided enables the individual to see if the reciept deserves its self asserted value.
- Trust facilitated networks like those facilitated by TAS3, ID3, Respect Network and personal data control protocols (UMA) and so on would automate the trust process and can enable maximum personal data control and customisation.
- Consent Legal Framework - The MVCR Core Extension specifically refers legal context and terminology of existing legislation in the relevant jursidiction (s).
- The standardization of the consent requirements (in the Consent Legal Framework) enable an open source way to build tools that aggregate consent and policy information across jurisdiction
- Adding requirements from multiple jurisidictions is as easy as appending additional context and requiremetns to the existing token. This way additional context and requiremetns can be specified and third parties can then proxy and policy the use of personal data. This architecture provides the method to standardise the communication of consent management requests across jurisdictions (with the potential ability to address SafeHarbour Requirements).
- Irrespective of the medium used, as long as the minimum viable consent receipt contains the minimum viable information, it is usable to verify the self asserted claim of compliance and a channel to communicate with an organisation if their is an issue with consent.
- The MVCR Core extension will reflect regulator changes
- A consent receipt can be used to manage consent on aggregate. E.g. withdraw consent, or negotiate consent of multiple service providers
- With the ability to manage consent by extension of the spec the ability to negotiate terms for service delivery is also possible with a consent receipt.
- To negotiate TOU within context. Specifically, to negotiate terms of personal data use as well as control the use of Sensitive Personal and access/use by third parties, consent can be modified and specified by the con
- This becomes especially significant in the context of Trust Protocols like UMA and trust services like XpressRules (see list email)
- The quality of consent can be measured by how much the usability of consent has evolved in the context of the provisioning organisation.
- The consent token format can be used as a standard approach to scaling the usability of consent and associated policy across jurisdictions and the internet.
- Extensions will need to in include Trusted Services and the like (as defined in the v.06 of the MVCR spec) This requires audits of third party trust services so they can be represented in the context of the specification (e.g. verified to effect legal compliance in x way and for the stated purpose)
- For a consent receipt to become a consent transaction token, it needs to be linked to the log of all previous consent changes by the user. For instance an UMA log or an XDI chain.
- The issuance of a consent receipt itself illustrates an enhanced compliance that also advertises the ability to communicate with those that wish to manage consent themselves. The receipt provides the mechanism to engage. (there fore demonstrating discovery through organisations self asserting compliance)
- people are then able to use the receipt to independently communicate about policy with receipt provider
- The receipt itself needs to be flexible. It needs to be able to self assert the most basic and minimal use of personal data, to the most vouched for or prolific and open use of personal data, a data subject might have.
- The most minum viable consent receipt should not have any personal data associated but the which was the identifier provided. The individual should have the choice of masking this on his/her device of choice and as a preferences with the provider.
Coming out of the Convergathon in October, it seems that the data flows for the open notice registry will be an integral part of open notice. This data flow and description is my understanding of the first cut at this.
Privacy Notice Service
It is the case that most countries that have a data protection regime have some form of notice and consent regime. We propose a privacy notice service to provide participating entities with a common protocal and service to publish their privay notices. This enables the following:
- Regulators to validate that notice and consent guidelines are being met
- Users to proactively determine which entities to deal with before provide personal information
Adoption of a privacy notice service would also encourage competition and innovation in data protection.
Privacy Notice Service
Contents of service
- "noticeTS":1420642200 # Time that notice was created
- "noticeType": "Asserted|Validated|Found" # notice could be asserted by entity, validated by third party, or scraped from web site
- "noticeTxt":"We only collect information about you with your consent, except for web browser information which is retained in our logs for 2 weeks."
- "consentReceipt":TRUE|FALSE # whether the site provides consent receipts
Open Notice Registry
This would be a service on the Internet. Open Notice Registry (ONR) servers would be repositories of privacy notices and could communicate with each other to provide redundancy. A preferred model of this would also have a governance model to allow for validation of notices.
We Had A Great Event (Feb 8/9 2014)
A community interested in developing personal data control came together, hacked all weekend long and initiated project hacks, to evolve the control of personal data. The ability to control our own data is seen as an effective way to save the free internet. This event has really started something, the scale and size of this first event was remarkable. Mary Hodder, and I (Mark Lizar) got involved exactly 30 days before the event and if it wasn't for the huge out-pouring of support such a great event could never of happened. Thank you so much everyone who got involved! With a special thanks to Judi Clark for rejoining the CISWG and helping make the San Francisco event a massive success.
We had some great visitors, one of which was a cameo of Kantara's very own Eve Maler talking about consent. (video link here)
The Three Winning projects
- London - Consent Receipt Request Form - Presented by Reuben Binns & Valentino Spataro
- New York - Ghost Drop - Presented by Max Giraldo
- San Francisco - Privacy Visualisation - Presented by Nick Doty
The judges are currently being invited to voting on Best of Show next week Feb 17. Let us know which one you think is best (comment below)!
Come join developers, lawyers, policymakers, and academics as we collaborate to build technology solutions to challenging legal and policy issues. $1,000 prize for the best privacy hack at NYC | London | San Francisco locations. See the contest rules for restrictions.
Step 1: Register for a Location
To participate in person, please sign up with Eventbrite to help us plan space and food. To participate remotely, check out the rules.
Step 2: See What's Happening
Twitter Tag #LegalHack | #PrivacyHack
Step 3: Participate!
Join HackerLeague to get updated information about the event, list your project group, locations and topics, as well as find folks to collaborate with...
Judges & Speakers
Hon. Ann Aiken (District of OR), Susan Herman (ACLU), Johnathan Askin (Brooklyn Law School), David Wainberg (AppNexus), Wilfried De Wever (HiiL), Doc Searls (VRM Harvard Berkman Center), K. Krasnow Waterman (MIT), Amyt Eckstein (Moses & Singer), Jason Tenenbaum (Rashbaum Associates), Dona Fraser (ESRB), Solon Barocas (Doctoral Candidate, NYU), Sol Irvine (Yuson & Irvine), Heather Federman (Online Trust Alliance), David Pashman (Meetup)
Dr. Ian Brown (Oxford Internet Institute), Dr. Ian Walden (Queen Mary University), John Cummings (Innovation Partners), Stefan Magdalinski (Mydex), Wilfried De Wever - Senior Justice Adviser / Justice Investment Program Manager (HiiL)
K. Krasnow Waterman (MIT)
Brian Behlendorf (Mozilla Board)
Michelle Dennedy, author of the new book: The Privacy Engineer's Manifesto (McAfee)
John Buckman (EFF Chairman)
Data Privacy Legal Hack-A-thon
This is an unprecedented year documenting our loss of Privacy. Never before have we needed to stand up and team up to do something about it. In honour of Privacy Day, the Legal Hackers are leading the charge to do something about it, inspiring a two-day international Data Privacy Legal Hackathon. This is no ordinary event. Instead of talking about creating privacy tools in theory, the Data Privacy Legal Hackathon is about action! A call to action for tech & legal innovators who want to make a difference!
We are happy to announce a Data Privacy Legal Hackathon and invite the Kantara Community to get involved and participate. We are involved in not only hosting a Pre-Hackathon Project to create a Legal Map for consent laws across jurisdictions, but the CISWG will also be posting a project for the Consent Receipt Scenario that is posted in on the ISWG wiki.
The intention is to hack Open Notice with a Common Legal Map to create consent receipts that enable ‘customisers' to control personal information If you would like to get involved in the hackathon, show your support, or help build the consent receipt infrastructure please get involved right away -- you can get intouch with Mark (dot) Lizar (at)gmail (dot) com, Hodder (at) gmail (dot) com, or join the group pages that are in links below.
Across three locations on February 8th & 9th, 2014, get your Eventbrite Tickets Here:
This two-day event aims to mix the tech and legal scenes with people and companies that want to champion personal data privacy. Connecting entrepreneurs, developers, product makers, legal scholars, lawyers, and investors.
Each location will host a two-day “judged” hacking competition with a prize awarding finale, followed by an after-party to celebrate the event.
The Main Themes to The Hackathon Are:
- Crossing the Pond Hack
- Do Not Track Hack
- Anti-Surveillance & Transparency Hacks
- Revenge Porn Hack
There are pre-hackathon projects and activities. Join the Hackerleague to participate in these efforts and list your hack:
- A Consent Legal Map & Schema Project to create a legal map of the consent laws as a legal hackers tool for the event and projects posted at the event (many volunteers needed)
- Brainstorming List of Hacks - Add your ideas
- Share Tech and Links Page - Share your Knowledge
- Hacks (Project) Page - Propose or Join a project
- IRC Channel for Discussion
Sponsorship Is Available & Needed
Any organization or company seeking to show active support for data privacy and privacy technologies is invited to get involved.
- Sponsor: prizes, food and event costs by becoming a Platinum, Gold or Silver Sponsor
- Participate: at the event by leading or joining a hack project
- Mentor: projects or topics that arise for teams, and share your expertise.
Contact NYC sponsorship: Phil Weiss email or @philwdjjd
Contact Bay Area sponsorship: Mary Hodder - Hodder (at) gmail (dot) com - Phone: 510 701 1975
Contact London sponsorship: Mark Lizar - Mark (dot) Lizar (at)gmail (dot) com - Phone: +44 02081237426 - @smarthart
The Information Sharing Working Group is happy to announce that we have now officially changed our name from the ISWG to the Consent and Information Sharing Work Group (CISWG).
This enlarges the scope of the ISWG workgroup to include consent with information sharing. We welcome this additional mission to produce a consent schema for information sharing.
In every privacy legislated jurisdiction, consent is a requirement. In society, consent is what regulates all of us so that we can interact in proactive and collaborative ways. Right now, the broken and outdated policy and infrastructure we use is broken on all sides of these agreements. It works less and less to help people understand what will happen with their data, and less and less to regulate the one sided nature of those agreements. The infrastructure for people to express preferences and protect their own data is missing from the people side of the infrastructure.
The CISWG Charter has been updated to reflect this scope, and we invite any Work Groups whether at Kantara, or outside, and projects that deal with consent to get in touch. Our first consent project will create a Consent Legal Map and Schema. We would love to hear about projects doing similar work, and we are open to participation and collaboration with other projects working on this task.
If you do any consent work, or have some consent requirements, we want to hear about those. In fact, the CISWG Wiki is setup for adding scenarios for both Information Sharing and Consent use cases and projects.
We have calls every second Tuesday for the Consent project and our next call is on Tue Jan 28 at 5pm UK, 12 New York, 9AM PT, if you are interested in dropping in. If you want join the group, to lurk as a non-voting member, or be actively involved you are more than welcome. you can find all the infomration you need on the Information Sharing Wiki. https://kantarainitiative.org/confluence/display/infosharing/Home