Consent & Information Sharing Work Group (CISWG)
This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND)
This working group has been evolving since 2009, starting out as the Information Sharing WG focused on catalysing a rich flow of consent based personal information - from a CRM perspective - actual demand data (as opposed to predicted demand) can be engineered with better personal data control then could be found in any traditional CRM products and departments. The first work stream was led by Joe Andrieu and Iain Henderson, which produced the Information Sharing Label Notice for people.
In 2012, Open Notice Initiative, (now the Kantara Liaison Partner Open Consent Group), presented a paper Opening up the Online Notice Infrastructure An ‘Open Notice’ Call For Collaboration, at the W3C Do Not Track & Beyond Conference.
The result of this effort was the proposal to Kantara, ISWG to focus on a consent work stream, which resulted in this WG name change to the Consent & Information Sharing WG (CISWG). This work stream has focused on making an identity management usable consent record called the "Consent Receipt", driven largely by major contributions from Mary Hodder, John Wunderlich, Iain Henderson and Mark Lizar who brought the spec to a v.1, with a special thanks to David Turner and extra special effort of Andrew Hughes to bring together the release of V1.1 to be published on May 25, 2018 . This specification is now growing adoption in the EU and US healthcare, consent management, policy frameworks, smart contracts.
This Workgroup is open for interested participants, the work product that is produced is under a Royalty Free (openly usable) RAND license. The work produced is provided for review by industry, public sector, regulators, other standards organisations like the ISO of ISO/IEC JTC 1/SC 27/WG 5, and community partners; like Project VRM, who have supported the long term development of tools for individual autonomy over personal information.
The WG members often meet at conferences and workshops in the US and EU, which happen annually for those who want to meet in person.
- May & Oct - IIW Internet Identity Workshop - Mountain View, California
- May EIC European Identity Conference - Berlin Germany
- June - Identiverse (Boston 2018)
- August 29-31 MyData Helsinki
This blog post on the Personal Data Eco-system is useful background and context for this working group.
Download the Consent Receipt Overview
- Jim Pasquale - Chair
- John Wunderlich - Vice-Chair
- Andrew Hughes - Vice-Chair
- Mark Lizar - Liaison
User Submitted Terms: Wednesdays - 16:00 BST; 08:00 PDT; 11:00 EDT
Consent Receipt: Thursdays - 15:30 BST, 07:30 PDT, 10:30 EDT
Please join my meeting from your computer, tablet or smartphone.
Please join my meeting from your computer, tablet or smartphone.
You can also dial in using your phone.
United States: +1 (669) 224-3318
Access Code: 323-930-725
More phone numbers
Australia: +61 2 9091 7603
Austria: +43 1 2530 22500
Belgium: +32 28 93 7002
Canada: +1 (647) 497-9376
Denmark: +45 32 72 03 69
Finland: +358 923 17 0556
France: +33 170 950 590
Germany: +49 692 5736 7300
Ireland: +353 15 360 756
Italy: +39 0 230 57 81 80
Netherlands: +31 207 941 375
New Zealand: +64 9 282 9510
Norway: +47 21 93 37 37
Spain: +34 932 75 1230
Sweden: +46 853 527 818
Switzerland: +41 225 4599 60
United Kingdom: +44 330 221 0097
A quick note that the Consent Receipt Specification has been approved by the Consent and Information Sharing WG to move to All Member Ballot and final publication.
Working through a few heavier topics - WG consensus to slip one more week in the schedule.
Due to vacations etc. we are updating the sprint schedule by shifting one week. The image shows the new dates.
Due to national holidays at the beginning of July, the WG decided to shift the Sprint dates by one week.
As usual, the github project for v1.1 is at:
The WG is trying out a new way to organize the work on Consent Receipt v1.1. We are using the concept of "Sprints" from the Agile world, along with github issues and comments.
The issues backlog is here: https://github.com/KantaraInitiative/CISWG/issues
The general schedule for the work is represented in the diagram (click for a larger view). Issues are selected from the overall backlog and scheduled for specific Sprints, using the "Milestone" feature of github.
The workshop on Real Consent was a great success. Even with such short notice, the room was full and we had a great set of speakers attend.
The Workshop started with an introduction from Michele Nati @digicatapult about the Personal Data & Trust Network. .
The Speaker Arrangements:
First up was Mark Lizar form the Open Consent Group. Discussing Real and Open Consent
Second was Richard Beaumont from Govenor technologies, Presenting on consent in the GDPR
Third was Liz Col from Citizens Advice - Presenting on Consumer Research
Last up was Dr. Andrew McStay from Bangor University - Presenting on Consent and the tracking of intimate emotions
Mark Lizar @Smartopian - gave a introduction about #RealConsent as an achievable goal, in which he covered Open Consent Standards (including the consent receipt and UMA), Trust Services & Consent Technology being key to the developing consent marketplace.
Richard Beaumont @Richard_TCC covered the GDPR consent elements and discussed a few of the many ways in which these may be interpreted once the legislation becomes active.
Liz Col @elcoll discussed the citizens perview of this space and noted that people love the internet but not one of them brought up the word consent.
To learn more about what was really discussed you can find the notes at http://tinyurl.com/RealConsent
As well, feel free to fill in the short survey, which can be found at http://tinyurl.com/RealConsentNotes).
We are now hunting for dates for the next workshop in March where we hope to start tackling the models of practice for consent and design. If you are interested in speaking please get in touch.
- MVCR V0.7 The Alpha I now posted on GitHub and attached here
- Comments can be made as issues in GitHub or on the comment form attached.*MVCR - Comment Sheet.doc
- Consent Receipt Server Straw man on display at http://api.consentreceipt.org,
- WG Example and dog food Implementation
- CIS-WG join form:https://kantarainitiative.org/signup/?selectedGroup=3)
Lots of CIS appreciation goes out to Domenico
MVCR Road Map 2015
(Functional Requirements Specifications)
(Technical Requirement Specifications)
This includes: MVCR Core Receipt Profile; Tables: Fields, Definitions, technical Logic, Appendix tables,
Implementation Review: WG Review and Issues List Generation, Issues Prioritization, Issues Resolution,
This includes: Documentation Development, Demonstrator review and revision list.
Kantara Community Review: -Collect and Address Comments, Final Review,
Public Review & Acceptance of V1
This is a note to let everyone know that you can find the next version of the consent receipt at this link. Minimum Viable Consent Receipt Specification - v 0.6
This is the beginning of the list of the 'why' and 'how' of the Consent Reciept. The intention is to develop, discuss and refine this list going forward.
Values, Benefits and Claims of Minimum Viable Consent Receipt
- The MVCR number one purpose is dramatic usability of consent. For example, to be used by people to see (and if desired verify) compliance level and to engage in personal data control
- provide a foundation for the less educated and less advantaged technically to engage in the control and choice of how personal information is accessed.
- usabilty promoted as a key missing component of privacy and security is addressed by the MVCR
- The method and rationale behind the term 'minimum viable' is aimed to distill the most common regulatory requirements of a consent token, and to present it as an understandable receipt which demonstrates basics of trusted consent. This requiers the abiity to demonstrate with a consent token a basic level of self asserted compliance compliance across jurisdictions.
- A consent receipt designed well should show compliance and usability clearly, and provide the consent provider control and independent privacy with how this information is used.
- As a common token format - A Minimum Viable Consent Reciept is Schema that will enable the consent requester to demonstrate scalable levels of trust and the ability for people to assert privacy regulation independently of a service providers platform.
- The MVCR is specifically designed to provide the minimum amount of common compliance to legal requirements across jurisdictions.
- The presence of a consent receipt in and of itself demonstrates a capacity by the providing organisation for the legal management of consent. The act of providing a consent receipt demonstates the self asserted level of compliance and the ability for the individual to check the links provided enables the individual to see if the reciept deserves its self asserted value.
- Trust facilitated networks like those facilitated by TAS3, ID3, Respect Network and personal data control protocols (UMA) and so on would automate the trust process and can enable maximum personal data control and customisation.
- Consent Legal Framework - The MVCR Core Extension specifically refers legal context and terminology of existing legislation in the relevant jursidiction (s).
- The standardization of the consent requirements (in the Consent Legal Framework) enable an open source way to build tools that aggregate consent and policy information across jurisdiction
- Adding requirements from multiple jurisidictions is as easy as appending additional context and requiremetns to the existing token. This way additional context and requiremetns can be specified and third parties can then proxy and policy the use of personal data. This architecture provides the method to standardise the communication of consent management requests across jurisdictions (with the potential ability to address SafeHarbour Requirements).
- Irrespective of the medium used, as long as the minimum viable consent receipt contains the minimum viable information, it is usable to verify the self asserted claim of compliance and a channel to communicate with an organisation if their is an issue with consent.
- The MVCR Core extension will reflect regulator changes
- A consent receipt can be used to manage consent on aggregate. E.g. withdraw consent, or negotiate consent of multiple service providers
- With the ability to manage consent by extension of the spec the ability to negotiate terms for service delivery is also possible with a consent receipt.
- To negotiate TOU within context. Specifically, to negotiate terms of personal data use as well as control the use of Sensitive Personal and access/use by third parties, consent can be modified and specified by the con
- This becomes especially significant in the context of Trust Protocols like UMA and trust services like XpressRules (see list email)
- The quality of consent can be measured by how much the usability of consent has evolved in the context of the provisioning organisation.
- The consent token format can be used as a standard approach to scaling the usability of consent and associated policy across jurisdictions and the internet.
- Extensions will need to in include Trusted Services and the like (as defined in the v.06 of the MVCR spec) This requires audits of third party trust services so they can be represented in the context of the specification (e.g. verified to effect legal compliance in x way and for the stated purpose)
- For a consent receipt to become a consent transaction token, it needs to be linked to the log of all previous consent changes by the user. For instance an UMA log or an XDI chain.
- The issuance of a consent receipt itself illustrates an enhanced compliance that also advertises the ability to communicate with those that wish to manage consent themselves. The receipt provides the mechanism to engage. (there fore demonstrating discovery through organisations self asserting compliance)
- people are then able to use the receipt to independently communicate about policy with receipt provider
- The receipt itself needs to be flexible. It needs to be able to self assert the most basic and minimal use of personal data, to the most vouched for or prolific and open use of personal data, a data subject might have.
- The most minum viable consent receipt should not have any personal data associated but the which was the identifier provided. The individual should have the choice of masking this on his/her device of choice and as a preferences with the provider.
Coming out of the Convergathon in October, it seems that the data flows for the open notice registry will be an integral part of open notice. This data flow and description is my understanding of the first cut at this.
Privacy Notice Service
It is the case that most countries that have a data protection regime have some form of notice and consent regime. We propose a privacy notice service to provide participating entities with a common protocal and service to publish their privay notices. This enables the following:
- Regulators to validate that notice and consent guidelines are being met
- Users to proactively determine which entities to deal with before provide personal information
Adoption of a privacy notice service would also encourage competition and innovation in data protection.
Privacy Notice Service
Contents of service
- "noticeTS":1420642200 # Time that notice was created
- "noticeType": "Asserted|Validated|Found" # notice could be asserted by entity, validated by third party, or scraped from web site
- "noticeTxt":"We only collect information about you with your consent, except for web browser information which is retained in our logs for 2 weeks."
- "consentReceipt":TRUE|FALSE # whether the site provides consent receipts
Open Notice Registry
This would be a service on the Internet. Open Notice Registry (ONR) servers would be repositories of privacy notices and could communicate with each other to provide redundancy. A preferred model of this would also have a governance model to allow for validation of notices.
We Had A Great Event (Feb 8/9 2014)
A community interested in developing personal data control came together, hacked all weekend long and initiated project hacks, to evolve the control of personal data. The ability to control our own data is seen as an effective way to save the free internet. This event has really started something, the scale and size of this first event was remarkable. Mary Hodder, and I (Mark Lizar) got involved exactly 30 days before the event and if it wasn't for the huge out-pouring of support such a great event could never of happened. Thank you so much everyone who got involved! With a special thanks to Judi Clark for rejoining the CISWG and helping make the San Francisco event a massive success.
We had some great visitors, one of which was a cameo of Kantara's very own Eve Maler talking about consent. (video link here)
The Three Winning projects
- London - Consent Receipt Request Form - Presented by Reuben Binns & Valentino Spataro
- New York - Ghost Drop - Presented by Max Giraldo
- San Francisco - Privacy Visualisation - Presented by Nick Doty
The judges are currently being invited to voting on Best of Show next week Feb 17. Let us know which one you think is best (comment below)!
Come join developers, lawyers, policymakers, and academics as we collaborate to build technology solutions to challenging legal and policy issues. $1,000 prize for the best privacy hack at NYC | London | San Francisco locations. See the contest rules for restrictions.
Step 1: Register for a Location
To participate in person, please sign up with Eventbrite to help us plan space and food. To participate remotely, check out the rules.
Step 2: See What's Happening
Twitter Tag #LegalHack | #PrivacyHack
Step 3: Participate!
Join HackerLeague to get updated information about the event, list your project group, locations and topics, as well as find folks to collaborate with...
Judges & Speakers
Hon. Ann Aiken (District of OR), Susan Herman (ACLU), Johnathan Askin (Brooklyn Law School), David Wainberg (AppNexus), Wilfried De Wever (HiiL), Doc Searls (VRM Harvard Berkman Center), K. Krasnow Waterman (MIT), Amyt Eckstein (Moses & Singer), Jason Tenenbaum (Rashbaum Associates), Dona Fraser (ESRB), Solon Barocas (Doctoral Candidate, NYU), Sol Irvine (Yuson & Irvine), Heather Federman (Online Trust Alliance), David Pashman (Meetup)
Dr. Ian Brown (Oxford Internet Institute), Dr. Ian Walden (Queen Mary University), John Cummings (Innovation Partners), Stefan Magdalinski (Mydex), Wilfried De Wever - Senior Justice Adviser / Justice Investment Program Manager (HiiL)
K. Krasnow Waterman (MIT)
Brian Behlendorf (Mozilla Board)
Michelle Dennedy, author of the new book: The Privacy Engineer's Manifesto (McAfee)
John Buckman (EFF Chairman)
Data Privacy Legal Hack-A-thon
This is an unprecedented year documenting our loss of Privacy. Never before have we needed to stand up and team up to do something about it. In honour of Privacy Day, the Legal Hackers are leading the charge to do something about it, inspiring a two-day international Data Privacy Legal Hackathon. This is no ordinary event. Instead of talking about creating privacy tools in theory, the Data Privacy Legal Hackathon is about action! A call to action for tech & legal innovators who want to make a difference!
We are happy to announce a Data Privacy Legal Hackathon and invite the Kantara Community to get involved and participate. We are involved in not only hosting a Pre-Hackathon Project to create a Legal Map for consent laws across jurisdictions, but the CISWG will also be posting a project for the Consent Receipt Scenario that is posted in on the ISWG wiki.
The intention is to hack Open Notice with a Common Legal Map to create consent receipts that enable ‘customisers' to control personal information If you would like to get involved in the hackathon, show your support, or help build the consent receipt infrastructure please get involved right away -- you can get intouch with Mark (dot) Lizar (at)gmail (dot) com, Hodder (at) gmail (dot) com, or join the group pages that are in links below.
Across three locations on February 8th & 9th, 2014, get your Eventbrite Tickets Here:
This two-day event aims to mix the tech and legal scenes with people and companies that want to champion personal data privacy. Connecting entrepreneurs, developers, product makers, legal scholars, lawyers, and investors.
Each location will host a two-day “judged” hacking competition with a prize awarding finale, followed by an after-party to celebrate the event.
The Main Themes to The Hackathon Are:
- Crossing the Pond Hack
- Do Not Track Hack
- Anti-Surveillance & Transparency Hacks
- Revenge Porn Hack
There are pre-hackathon projects and activities. Join the Hackerleague to participate in these efforts and list your hack:
- A Consent Legal Map & Schema Project to create a legal map of the consent laws as a legal hackers tool for the event and projects posted at the event (many volunteers needed)
- Brainstorming List of Hacks - Add your ideas
- Share Tech and Links Page - Share your Knowledge
- Hacks (Project) Page - Propose or Join a project
- IRC Channel for Discussion
Sponsorship Is Available & Needed
Any organization or company seeking to show active support for data privacy and privacy technologies is invited to get involved.
- Sponsor: prizes, food and event costs by becoming a Platinum, Gold or Silver Sponsor
- Participate: at the event by leading or joining a hack project
- Mentor: projects or topics that arise for teams, and share your expertise.
Contact NYC sponsorship: Phil Weiss email or @philwdjjd
Contact Bay Area sponsorship: Mary Hodder - Hodder (at) gmail (dot) com - Phone: 510 701 1975
Contact London sponsorship: Mark Lizar - Mark (dot) Lizar (at)gmail (dot) com - Phone: +44 02081237426 - @smarthart