Child pages
  • Sequence Diagrams for Consent Receipt Interop demo
Skip to end of metadata
Go to start of metadata

High-level sequence diagram v1

Please use Comments to add clarifying notes and details. (you must be logged into Confluence to add a comment - see Create an account and get full access to the Kantara Wiki if you need to create an account)


Notes:

  • Diagram shows that Data Controller A integrates with Consent Platform 1 for consent management functions
  • Diagram shows that Data Controller B integrates with Consent Platform 2 for consent management functions
    • Controllers are not required to use Platforms (we should show both variants)
  • The 'Business Function' that Data Subject and Controller A perform is decided and designed by the demo participant (Controller A in this case) - so this could be any interaction that will result in generation of a Consent Receipt
  • Scenario 1 shows the case where Platform 1 handles all CR activities including display to Data Subject
  • Scenario 2 shows the case where the Data Subject uses the 'dashboard' / 'viewer' / 'reader' of their own choosing to interact with previously-generated CRs
  • The demo might show different CR transport mechanisms - anything from 'give it to the Data Subject to store somewhere', to 'Platform-to-Platform CR transmission'
  • The critical piece that probably requires developer effort is 'Export Consent Receipt' and 'Import Consent Receipt' - those steps externalize CRs and might need some work to transform internal representations into conformant CR representations

Sequence diagram was discussed: DRAFT 2018-07-05 Meeting notes (CR). General consensus that, at a high level, this is a reasonable, simple, demonstration. Much detail lies beneath each interaction line.

  • No labels

3 Comments

    • These scenarios assume that the Data Subject, Data Controllers and Consent Platforms have already done whatever steps are required to setup user accounts, establish profiles, provide privacy notices about legal justification etc.
    • The idea of these sequences is to show the ongoing relationship and interaction between Data Subject and Data Controller as the Data Subject performs Business Function
    • Remember that the immediate goal is to show a conference audience how the concept of Consent Receipts works and to demonstrate simple interoperability between applications
  1. Could we have a definition of "platform" (and/or give concrete examples)? That term is not defined in the CR specifications.

  2. Jim

    Hoping this link works for a share of a bunch of useful definitions with an end goal of creating more claritiy.

    https://wp.me/p2AShf-1eFy