Authors:
(1) Harshvardhan J. Pandit, ADAPT Centre, Dublin City University, Dublin, Ireland, and Cybersecurity and Data Protection Group, National Standards Institute, Ireland;
(2) Jan Lindquist, Privacy and Security Group, Institute for Standards, Sweden;
(3) Georg P. Krog, Signatu AS, Oslo, Norway.
6.5 IEEE P7012 Machine-Readable Privacy Terms
In addition to the above, we are also working with the IEEE P7012 group to develop a standard for machine-readable privacy terms, which uses ISO-27560 and ISO-29184 with DPV to define the conditions under which the individual allows use or reuse of their personal data. The use of this standard will provide an efficient and optimal mechanism for data subjects to signal their consent or initiate an agreement with a service provider.
This paper is available on arXiv under the CC BY 4.0 DEED license.