Status: In reviewed by the WG as 1 of x frameworks
This is a framework for person centric use cases, and relies on additional technical use cases and profiles for implementation.
The v1.2 consent receipt is a record of a notice, created when a person interacts with it, reads it online, or uses a QR code sign. It is used to mirror (twin) privacy and surveillance notices, notifications and disclosures (like cookie pop-ups) so that the user agent (like a browser) can remember the privacy preferences and valid consent state. This specification illustrates how a person (PII Principle) can generate a consent receipt for any service. The prefix of the receipt, called an ANCR record, is created first then used to generate a Consent Receipt. This helps people capture the state of notice and processing so it can be used by the PII Principal for proof of notice and the PII Controller (Service) as evidence of consent. Reducing contract frictions, costs, privacy risks and surveillance.