Standard Transparency for Data Control with Consent

After over a decade of work in the Kantara Initiative ANCR WG, we Introduce a standard two factor receipt notice in an informal session to the ISO JTC1 SC27 WG 5 committee comprised of international privacy and identification expert and liaisons.  This proposes to update the existing 27560 standard, which confuses permission with consent as a. standard record information strucure to  repalce - check box opt-ins to policies like terms and conditions and contract based privacy policies with real privacy law.  Solving the biggest lie on the internet by replacing service agreements, licenses and privacy policies that people can’t possible read and track online, with a receipt people can consent with. 

Background : Scaling 3rd Party Trust

Humans evolved with an innate need to communicate, collaborate and synchronize, driven by our ancient need for survival, social cohesion and the benefits of collective effort. Trust was fundamental, because it ensured that individuals could rely on one another, fostering cooperation and reducing the fear of exploitation or betrayal. Yet trust began to have limitations as societies and economies grew more complex. A receipt was devised as a simple method to extend trust further. A receipt was used as a record of trust, honour and reputation, a record that extended trust to a third party. 

Trust has always been a key component of human interaction. A receipt, as a record of this trust, has been the inclusive, non-discriminatory method that has evolved over time as a tool to scale trust to more than one party. As a record, it a reliable, transparent, and verifiable way to document exchanges, ensuring that all parties could rely on a shared understanding. Today, a  notice receipt is required but disguised as a cookie, or meta-data record.

As records and receipt enabled governance to be advanced, so too did trade and commerce, through the distribution of benefits that came with transparent and regulated marketplaces. 

The first receipts, circa 3200 BCE, were preserved on clay tablets, a key development in the evolution of writing and record-keeping. They are the first example of a distributed identifier expressed as an attribute that represented an asset and verified through keeping a record of the asset and its trading activity.  

This ritual of creating a record of an interaction brought with it enlightenment, and advanced financial exchanges, where receipts evolved into a commercially signed paper and eventually into currency.  An invention that first began with a notarised banking promissory notice, to be used between two banks, the security of commercial paper advanced quickly with the printing press to special paper and an unique identifier printed on each bill. Receipts were then used when currency was exchanged, to share the record of exchange, wherein the receipt and a ledger were used to track financial transactions.   This ledger served to log the transaction so that the transaction can be used as evidence by both parties, and/or kept by a third party, which became a bank.  

Decentralising data governancem simply refers to providing people with an anonymous notice receipt, which a person can use to access privacy rights directly, use to access services without having to have a username or login,  It is a proof of knowlege that simplifies privacy with a standard open privacy policy for data rights and enables individuals to have their own source of clean and private data people can trust.   

Much like a paper receipt that can be used to return faulty and unwanted items; it enables interacting parties to mitigate risks independently, and as a evidence for legal  approaches to privacy enforcement.   Like a paper receipt it is a tool to co-regulate and enable peer to peer security and privacy infrastructure, extending trust with its assurance.

As a tool to self-identify with, and interact anonymously, it enables personal data control so that data protection is not needed, dramatically increasing security and privacy for people.

The Result


The presentation went over quite well and with this milestone accomplishment we have started the Global Privacy Rights company.   To this end we are now looking for partners and sponsors that align with the Global Privacy Rights mission to make standard tansparency public digital infrastructure of the internatiomal data commons.    If you are interested in getting involved, get in touch at info at globalprivacyrights.com,  Lets make  standardised transparency and consent.