The objective is to create an Active State active state of trust in surveillance, and digital identity , for dynamic data control and automated governance. The result must be the freedom to control your personal information, to choose who benefits from it, and be empowered with our own personal big data and AI.
AuthC specifies a two factor notice (2FN) and two factor Notice for Consent (2FC) flow for presenting digital privacy transparency, accountability and rights access.
2FN + 2FC ->2FC produces legal proofs (computational privacy) that can be used to enhanced access and mobility services so they can be better used directly by people. regardless of physical or digtial technology or data governance providence (digi-space). This The specification for 2FN is designed to produce 'Privacy Assurance', (versus the existing framework of IAL, AAL, FAL), a new category of eConsent and identity management.
The work builds on a decade of effort, much of it in Kantara workgroups. The Consent Receipt has been widely recognized and adopted, with iteration and implementations since the publication of the Consent Receipt and then is includesion its inclusion in the ISO/IEC 29184 annex.
2FN and -> 2FC specifies how how consent receipts be generated from a Notice Record to provide evidence of consent and can be used for any any legal justification for processing personal data. Most importantly, AuthC makes sense of presents how ANCR Records and Consent Receipts can be generated by either party (the PII Controller and the PII Principal) or by both stakeholders, for for active state privacy and security.