Identity Trust Charter

Name
Trust for Identity

Charter Purpose
To advocate and facilitate open (not closed) internet policy notices and terms that control personal information. Enabling a rich ecosystem of granualr controls to set personal information free from its current privacy prison.

Both Consent and Notice are primary tools online used to legally control and administer the flow of rights when sharing information online. At this time this policy infrastructure is a relic of the industrial age and not usable for privacy rights in context with identity management.

Industrial Age Notice is the existing policy infrastructure that is easily identified by a check box or i agree button to administer the control and use of personal data and contract terms, but it is ad-hoc. Meaning that each organisation has its own policy in their own format, placed in various places on websites. The most typical sign of Industrial Age Notices is that the law in most countries in the world stipulates, that if an organization wishes to, they can require people to provide a written request for access to personal information. Thus restricting people to analog (not in context access to personal information) An issue, with a simple open notice format, could easily be addressed with a twitter address.

Practices
To work towards and with global frameworks for notice an consent. Collaborate and facilitate opportunities in the development of Notice and Consent online. Activities consist of posting articles of interest to the list and to share research pertaining to the advancement of notice and creation of consent management in identity management. Anyone can participate.

openconsent@googlegroups.com

At this time there are a lot of efforts in the space of identity management online. This charter calls for more focused discussion = on the core issues of consent and the use of notices in the control of personal information.

"Identity Trust Think Tank - Topic List"
 * User-Centric Consent tracking
 * Advocate for an Open Online Notice Standard for policy and consent notices
 * Support the evolution of Data Portability by digitizing and standardizing Legal Subject Access Requests
 * Analyzing/Measuring the new trust/privacy strategies and regulatory initiative (do they really work?)
 * Mapping Governance: tracing the control infrastructure of choice, consent, and policy notices
 * Exploring Consent and Notice Metrics for uniform enforceability across jurisdictions
 * Identity Rights Framework - How to independently measure the quality of rights protections in online information policy?
 * How to Regulate? What to Regulate? Where to Regulate?
 * Legal and Illegal use of notice and consent in surviellance

(Invitation, Please email topics to identitytrust@googlegroups.com)

History of Works
Notice & Consent for trust in the use of identity or : 'Identity Trust' Presented at IIW in 2006 by Mark Lizar & Louis Monvoisin

This presentation led to the creation of this Charter which champions the exploration of notice and consent as a governance framework that scales globally. This effort, along with the open privacy work, and the Privacy Icon's work led by Mary Rundle, made it's way to the OECD in 2007, and was presented to British Parliament.

[OECD - From Person Hood To Digital Identity] [Parlimentary Proceedings]

2012 Update: At this time people are not able to be aware of what privacy and terms of use policies they are subjected to at any one time. It is not clear that the existing notice and consent infrastructure is even legal for managing digital identity in multiple countries. While Regulators and Enterprise come to an understanding of what forms of regulation should be in place personal information isnt easily controllable or usable by people. Privacy is effectively restricting personal information, innovation, and collaboration.

The Open Notice Initiative, is a new project for advancing notice and consent standard to address the fake "I agree" and "I understand" online forms for taking peoples data.

Papers, Presentations & Hackathongs W3C Do Not Track and beyond - [Call for Collaboration] Mark Lizar and Reuben Binns ACM Paper Usable Consents - Mary Hodder & Mar Lizar New York Legal Hackers

2013 Report : After a lot of work, it has become clear 1. Privacy Laws Need to be updated 2. Standards for Consent are needed (Not Just Notice) 3. Laws for Notice and Consent Need to Be Enforced.

Consent Tag New effort Sept 2013 to Open Notice and Consent at the [Kantara ISWG].

2014: Minimum Viable Consent Receipt -

Consent & Information Sharing WG, - New combined effort with Information Sharing Work Group at Kantara to build a consent record standard. Rather than a consent label standard for internal ecosystem tagging, the Open Notice Initiative has moved its next effort to Kantara for the updated

Published 2016 - MVCR v0.7 - at the Kantara Initiative

Published 2018 - Consent Receipt v1.1

Related WG's and links
ISWG - Information Sharing Work Group ([Kantara Initiative] and [Identity Commons])

[TFMM] - Trust Framework Meta-Model Work Group (Kantara Initiative) (NEW)

[NSTIC-WG] - National Strategy for Trusted Identities in Cyberspace (Identity Commons) (NEW)

[PFWG] - Privacy Framework Sub-Work Group of the P3WG - Privacy and Public Policy Work Group (Kantara Initiative)

OIX WG - Open Identity Legal Analysis Work Group (Open Identity Exchange)

[UMA] - User Managed Access (Kantara Initiative)

Related Efforts: (Note: At this time their are a great deal of efforts, many disconnected. Please list efforts here) ISTPA APEC - CIPL - Accountability ISO 29100 & 29184 NASPO OASIS

Key Works
2007: International Privacy and Security Trust Alliance - (later contributed to inISO)

Anyone may contribute and comment at any time.

[if you are interested in more information or a private chat send an email to [openconsentgroup@gmail.com]]

Licenses and/or Restrictions on Usage of Work Product
Creative Commons Attribution-Share Alike

Current Meeting Schedule
There are no meetings scheduled as of yet.

Current Deliverable and Milestones
Step 1: Aggregate interest, material and ideas.

Step 2: Organize a call for papers and ideas based on Step 1

Current Stewards Council Representative and Alternate
Primary: Mark Lizar Alternate: Louis Monvoisin

This Charter effort is dedicated to the memory of Nick Givotovsky a co-founder. The first Steward of the initiative to generate trust in the use of Identity management. [RIP]

Original Charter Statement
This work group has been set up to develop a Master Controller Access to Consent Framework.[ Note 2006 was a long way to describe human centric privacy framework for identity management based on consent. This effort is still growing and influencing the development of global standards.]