Public Privacy Infrastructure: Consent Tag Specification Proposal from Mark Lizar on 2013-08-22 (public-privacy@w3.org from July to September 2013)

From: Mark Lizar <info@smartspecies.com>
Date: Thu, 22 Aug 2013 13:20:54 -0700
To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-Id: <D05D42BC-9A1D-4ABC-BBA6-4D7B2C64227F@smartspecies.com>

Hello Everyone, 

It seems the cat is just about out of the bag on the new effort we (Open Notice) are working hard to launch in September. 

There is a lot going on right now in the world of privacy, jurisdictional issues are becoming very important as trust and cyber-security is an international concern.  In this respect public infrastructure (standards) are needed for privacy, consent and information control.

Par Lannero and I co-founded Open Notice, which is an industry interest group about opening the closed privacy and TOU policies (notice) to make informed consent meaningful. (see paper: Open Notice: A call for participation<http://www.w3.org/2012/dnt-ws/position-papers/23.pdf> for useful background) 

The philosophy behind Open Notice is that these legally required policies elements should not be completely custom by each organisation and comprehension for the policy end user should not only be easy but functionally meaningful.  Common (and legally) required policy points should be external of the organisation and consent and privacy should be a public resource to manage consent and personal information.   Not wrapped up in closed polices that are custom for each service provider.  As data protection increasingly becomes more and more inefficient,  privacy needs to be in the hands of the public and modern privacy should be more an more about personal information control. 

To sum up, the Open Notice effort has moved forward over the last year and we are now proposing a specification work item called the ' Consent Tag Specification'  The aim of this is to enable people to tag a consent they provision, at the point of consenting, for post consent policy administration and enforcement.  The tag would consist of; links to policies, check list of legal requirements (depending on jurisdiction,)  and a registry of third party data sources  and services.  Services like the 'Common Terms Project, TOSBACK, TOS:DR, Ghostery, Disconnect Me and so on. 

For instance common (legally required) terms from the policies can be linked to the standard consent tag schema  fields so that existing policies are linked in a way that can be useful. 

For those that are interested  we would like to invite you to come and discuss, participate and volunteer.  The effort aims to start in September and we are currently scoping out what should be in a consent tag and the elements/references contained in the tag. In fact, a robust discussion on the entire topic would be whole heartily appreciated. 

If you are interested in taking an active role please sign the Kantara participation agreement and join the ISWG list where we will be incubating this specification with the aim to prepare it for the W3C.  Or get in touch with me or Par Lannero,

Kind Regards, 

Mark Lizar

FYI  This is the Consent Tag Specification Proposal to Kantara <https://dl.dropboxusercontent.com/u/1959097/Open%20Notice/OpenNoticeConsentTagSpecificationProposal.pdf>,  working towards putting the power and control of consent into the hands of the public.  Externalising common policy points.

Received on Thursday, 22 August 2013 20:30:07 UTC