Ministry of Interior Czech Republic

PI Principal natural person to whom the PI relates, is used for explicit consent in which the person is identified, Principal ID, is the primary (often principal choses) identifier for linking automatic processing to a persona, and/or collection of attributes provided at point of consent, which are used to identify the PI Subject are shared.

Purpose Termination - defines the duration of consent and/or its condition of termination. Purpose Preference and Purpose termination are designed to be used in tandem and are put into Scope(s) Section (if machine readability is required)

Capacities listed by manufacturers are not necessarily relative to each other, as no uniform standart exists to determine these. In general, the industrial grade rod ends listed herein can be grouped as having similar capacities. For heavy duty applications please refer to the RACE CAR SERIES which are more suitable for higher loading and shocking applications (eg racing car suspension). For applications of a difficult nature please consult our technical department.

Most industrial rod ends are available in a studded design as shown with either male or female body design. Studs are male right hand, and of the same thread form and diameter as the shank. Dimensions P & K are listed in the viewing tables. Ordering example – VMS 8 (Bronze lined male right hand with 1/2″ UNF stud)

Statewide Linear Bearings can supply a large range of studded rod ends including male to male, female to male in various liner and load capabilities.

The Basic MVCR conformance requirements are intended to make a consistent receipt and to provide people with this receipt as to make this record Open in both; a common format and common practice. As a result it is a requirement that both the individual and organisation have a record of the consent. The receipt can be used by the individual to validate and communicate and manage the consent by both parties.

Other purposes may be uses as appropriate for the specific context of each jurisdiction and the site, application or service.

This specification identifies the consent requirements necessary to record a personal information (PI) sharing transaction and provide this record as an independent receipt.

Non-Explicit Consent (includes self-asserted and externally defined consent type), MVCR Lite Mode demonstrates receipt conformance with the MVCR, but is limited to conformance, and makes no compliance claims, but can demonstrate conformance with MVCR using defined consent types.

(d)whether he is a member of a trade union (within the meaning of the M1Trade Union and Labour Relations (Consolidation) Act 1992),

The provision of a record of a consent with valid contact information is what is defined in this specification as Open Consent.

Https wwwmvcrcz mvcren

. (additional categories G & H needed to be added to Sensitive Data List as sensitive data that requires and explicit consent) (see below)

| Scope | Purpose | Example | Purpose Category | PI Category | Scope Reference (linked) | Scope Description | Confidentiality | | ------ | ------ | :------: | :------: | :------: | :------: | :------: | | Technical | share | network data | link to data list | Browser Data, IP Address. | security | READ access | medium | | Technical | Collect | , Health, Financial | health records | secuirty | Read | IP address is PII but has | low confidentiality | | | Physical address for deliveries | Read | | | | | | | | | Personal Health Information| Read + encrypted | linked to notice | | | | | | | Credit Card or payment information | Read + encrypted + specified 3rd party | | | | | | |

At the outset of the MVCR it was the intention to move, if possible, this specification to ISO, as well, it was recognized that

Personally Identifiable Information (PII) Personally identifiable information (PII), is defined in ISO/IEC 29100:2011. The abbreviation PII is widely accepted in OECD base FIPPs jurisdiction, but the phrase it abbreviates has four common variants based on personal / personally, and identifiable / identifying. Not all are equivalent, and for legal purposes the operational definitions can vary depending on the specific purposes for which the term is being used. the term used more often is "personal information", which may be somewhat broader. The specification, is able to reference PII Purpose Category directly to regulation, and in the context of identifiability for EXPLICIT consnet.

Note: (John) PII provided to vendors or suppliers to the PII Controller that is providing data processing services of PII to the PII Controller would not normally be considered disclosure or information sharing |

The BASIC MVCR provides an open consent format to not only Open Consent, but also to provide proof of consent, and enable consistent consent practices for dynamic consent (change consent preferences and withdraw consent). As the consent receipt is required to be provisioned at point of consent this specification addresses FIPPs and ISO Principles - "Openness, transparency, notice") and Consent (ISO Principle 1 - "Consent and Choice")

Repeat the creation of purpose, attached to a purpose category or not, these set of fields as many times as necessary to set out the purpose(s) and preferneces for data collection and use

Statewide Linear Bearings has been supporting the race car industry for thirty years by way of rod end and plain spherical bearing supply. The company stocks the broadest range of aircraft, race car and industrial styles in Australia and New Zealand, including brands such as NMB (Minebea) and Alinabal. Alternate brands can be sourced through our world wide network of suppliers.

PII Confidentiality Impact Levels These refer to low, medium, high confidentiality, or Not Applicable; which correspond to NIST controls sp800-122 and can be use for the organisation, the individual and the developer to ascertain on scale the level of risk and security.

| timestamp | alice@subject.com | Bob bob@bob.com | verbal consent |@bob | Not Sensitive | NO 3rd Party Sharing | Privacy Policy Read at point of Consent |

This table specifies requirements to fulfill conformance for each mode as defined. MVCR is for all types of implied and mixed consent contexts. EXPLICIT MVCR is for standardised consent contexts COMPLIANT MVCR is for specific privacy controls as defined by regulation or policy

privacy policy link - The privacy policy link is to the current policy, if there are materials changes to this policy then a new consent is required for sensitive data categories and various trust network requirements. (note: can be used for compliance- privacy policy can be attached to the receipt payload.

Purpose Specification A statement or series of statements that set out the purpose(s) for which PII has been collected. In the MVCR the purpose is intended to specify the context of use.

(h)any proceedings for any offence committed or alleged to have been committed by him, the disposal of such proceedings or the sentence of any court in such proceedings. " http://www.legislation.gov.uk/ukpga/1998/29/section/2

Https frs gov cz en ioff application Status

Although, through the spec work it has become apparent that we can borrow from ISO, this specification needs to have within it a specific terminology that is independent of other specifications. Even so, we adopted Personal Information (rather Personal Data) and like decisions to increase interoperability of this work with this framework. Similarily, where possible all fields and terms are referenced. as well, Here in lies the mapping of terminology and components.

Explicit 3rd Sharing: The degree that sharing is specified can be explicit. In the specification, the sharing purpose category SHOULD be listed, as well as the the third party at a minimum. But, this can further be explicitly specified with options that include sharing contract, preference, and termination fields, which are beyond minimum requirements.

PI Controller - that is accountable for compliance over the management of PII, A PII in ISO 29100 (for explicit consent) controller determines why (purpose) and how (means) the processing of PII takes place. The PII controller shall ensure adherence to the privacy principles during the processing of PII under its control (e.g., by implementing the necessary privacy controls). There may be more than one PI(I) controller for the same PI(I) set or set of operations performed upon PI(I). In this case the different PI(I) controllers SHOULD be listed in the MVCR, MUST be listed for Explicit CONSENT SHARING .

This section identifies the individual and company that is accountable for data protection and the privacy policy to which the consent is bound.

Out of Scope The Basic MVCR is used to provide a consent receipt that does not define sensitive personal information categories and is not used for compliance with out specific and explicit reference to laws and scope.

| Scope | scope name | PI Category | PI Purpose | PI Preference | Permission | Data Type | Example Data Input | Scope Description | Scope Purpose | Linked | | --- | --- | --- | --- | --- | --- | --- | --- | -- | -- | | Technical/Legal | withdraw consent | marketing | 3rd party sharing | YES | {purpose preference string} | data@subject.com, consent id, principal ID, purpose preference, terminate | technical scope | to terminate consent preference | linked to preference in profile |

# JSON Demonstrator: (editors note: normative for MVCR ALPHA V0.7 ) - update required) JSON example used for testing and developing conformance v0.7 to v0.8

The receipt has the Consent Type field, which can be externally defined, but, is defined by default as: 'Implied', 'Explicit', 'Opt-Out', 'Externally defined Consent Type'.

On Behalf - is used to delegate data controller and or data processing, which maps to the UK's as acting on behalf of the data controller, a third party analytics service would be a processor on behalf of the controller. When the site operator is acting on behalf of the Data Controller

The v0.8 draft is a MVCR specification candidate - this draft version is for peer review and not meant for distribution.

(move to appendix a) As a result, iterative changes or consent preferences can be developed and collected and managed on consent transaction level and with consent based change management, as long as it is linked to the original consent and iteratively logged.

Conformance terms To achieve conformance for a particular consent context, the MUST, SHOULD, and OPTIONAL fields extend to accommodate method of collection.

Sensitive PI Categories can be further utilized by linking authoritative requirements to the receipt in a way that can be proportionally validated to context. Providing a context mechanism for trust elevation that can be effectively programed by policy. ( editors note) Which is an inherent requirement for IOT i.e. video surveillance and trust.

Consent Receipt (CR) A record of a personal information consent transaction provided to the PI Principle at the time of Consent.

The extensions for conformance to laws and to explicit consent are at various levels of spec review and testing by the WG. (see conformance table Appendix A)

Context of Use Organisations should evaluate the context of use to provide the purpose for which the PI is collected, stored, used, processed, disclosed, or disseminated. The context of use may cause the same PI data elements to be assigned different PII confidentiality impact levels based on their use. For example, suppose that an organization has two lists that contain the same PI fields (e.g., name, address, phone number). The first list is people who subscribe to a general-interest newsletter produced by the organization, and the second list is people who work undercover in law enforcement. If the confidentiality of the lists is breached, the potential impacts to the affected individuals and to the organization are significantly different for each list.

The consent receipt can further be extended with a jurisdictional notice and consent field profile that links to compliance requirements. (See 6.4 Compliant) (note: can be delegated by the PI Controller or to 3rd party trust frameworks. using the link)

The numbering system usually identifies the construction, basic size, thread type (male/female – left/right hand) and whether imperial (inch), or metric (mm).

Note: The receipt MUST be selected as explicit consent, as well as determine the functional notice and consent requirements to be compliant. These can then be used to specify the such the 'other' field MUST NOT be present when the explicit consent type is selected. Requirements are supplied by jurisdiction and industry and is out-of-scope of the MVCR implied consent receipt specification.)

A consent receipt is used as a framework to bind policy to privacy controls (i.e. Do Not Track) that people can themselves administer. Operationally useful to technically address multiple Fair Information Practice Principles and likewise map PII management to ISO 29100 privacy framework.

Consent Notice Refers to a notice that is required to inform the consentor what they are consenting too, without it consent is not possible, the quality and usability of the consent notice is what is often used to classify if a consent is legally informed or not, but this varies by jurisdiction context and interpretation. Consent notices can vary from icons, short notices, direct communication, visceral notice and most often online a policy like terms of service and privacy policy.

Sensitive Personal Information (PI) Categories All Sensitive Information Categories require Explicit Consent Out of scope of the MVCR - See 6.5. Explicit Consent

PI PRINCIPAL (duplicate review) refers to the personal data shared by a person to an organisation for which the individual provides consent for PI use. See PII Principal in in ISO/IEC 29100:2011, also data subject (EC directive), consenter, PII PRINCIPLE in NIST 800, this refers to person providing their own personal information.

ISO/IEC 29100:2011 is applicable to natural persons and organizations involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering, and operating information and communication technology systems or services where privacy controls are required for the processing of PII."

Viable, in this scope, means a record of consent that can be retained and used separately by both issuer (PI Controller) and recipient (PI Principal) as proof of consent.

Sensitive Data Y/N This is a yes/no question: can be used for MVCR but for non-explicit consent only - which mean its not used for explicit or compliant MVCR's, in this context the "other" field is used to specify sensitivity.

This document is subject to the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable and Non-discriminatory (RAND)HTML version

The MVCR inherently provides proof of consent and enough notice to communicate about consent, in order for a receipt to be valid.

OPT-OUT Consent An example of 3 types of consent currently defined. Opt-Out is implied consent mechanism online that is used for an array of purpose specifications.

4.4 APPENDIX D

Explicit Consent Refers to explicit action taken by users in which consent is expressed, but, it is also in reference to explicitly stated purpose. I.e. A box was ticked, or an 'I agree' button pressed in relation to listed purpose or purpose category. In this specification, explicit elements can be extended i.e. by an explicit reference to authoritative policy and operational scope.

| - MUST - | - PI Controller, Core Purpose, Link to PP, Proportional Contact, Date & Time, Sensitive Y/N, Sharing Y/N, Principal ID | | SHOULD | - Jurisdiction, Consent Type, Collection Method, Service Name, Purpose Category, Purpose Termination, Sensitive Information y/n, 3rd Party Sharing y/n | | OPTIONAL | PI Categories, Purpose Preference, Confidentiality Level, Sharing Purpose, Sharing Contract, Sharing, Scope(s) | MAY | | MUST NOT | Sensitive Personal Information Categories |

(not usable for MINIMUM MVCR) Sharing sensitive personal information, is actively regulated and requires explicit consent by all OECD FIPPs based regulations, and for trade of information and technology between jurisdictions. Use of this field is subject to regulatory requirements. (Notes: This field provides the normative baseline for binding practice to laws and standards within an Open Consent. This category is specified, but also flexible so that it can expand to authoritative decisions about new categories and the definition of existing category, like the GDPR which requires consent to be both : “explicit” and evidenced by “a statement or by a clear affirmative action” ref GDPR - Doc )

EXPRESS Consent Refers to the context of a PI Principal making an unambigous agreement to consent. It is conceivable, in the context of this specification, that a consent can be expressed and contain explicit consent references to also be compliant (see council of Europe 5.4.4 https://goo.gl/JGPX2Y)

捷克 移民 局

Example, UK : "Sensitive personal data" in the UK, is a bit different. Sensitive PI Categories (Use only for Explicit Consent: used in MVCR for creating compliance claims)

Explicit Consent Reference Is best described as a directly linked field to a function, law, or authoritative policy ; consent regulation, privacy principles, other consent standards, or industry best practices.

Explicit Purpose: A term used to reference how a purpose is specified, each purpose is contained in a purppose category and is explicit if it conincides with a consent for that specific purpose category. i.e. a single purpose with a single check box.

Without providing details about what is sensitive, the basic consent receipt has a low risk of liability and provides enhanced consent once implemented. The Basic MVCR V.1 is not meant to be used for regulatory compliance.

The following table sets out the fields contained in a JWT that meets the information requirements for a Minimum Viable Consent Receipt.

This scope includes how to present the receipt fields in a receipt, the timing of the record, linking fields to external information, how to present the record fields, the data_type and order of fields.

(put in table here mapping elements of MVCR Spec to ISO 29100) (ref- FIPPs and (ISO Principles - "Openness, transparency, notice") and Consent (ISO Principle 1 - "Consent and Choice") are fundamental privacy principles, addressed with this specification. (editors note: - how should this be referenced and linked? )

Terminology herein leverages where possible, ISO/IEC 29100:2011 "Information Technology -- Security techniques -- Privacy Framework".

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

Statewide Linear Bearings have a large range of metric series rod ends that include various liners and load capabilities.

v0.8 (this draft) meets the requirement of providing a BASIC MVCR, while also enabling the development a consistent 'consent framework' for personal data control.

Image

The purpose of this section is to set out administrative fields for the consent transaction. This section contains the following fields:

The purpose of this section is to provide the PII Subject with information about how their information is shared with third parties. In the MVCR this is a Y/N (binary on and off) flag, and if On, then the 3rd parties can be specified, using purpose and at the minimum the purpose categories for the sharing of PI.

| - MUST - | - Consent Type, Collection Method, Service Name, Purpose Category, PI Controller, Core Purpose, Link to PP, Proportional Contact, Date & Time, Sensitive Y/N, Sharing Y/N, Principal ID, Sensitive Information y/n, 3rd Party Sharing y/n | | SHOULD | - Jurisdiction, Purpose Termination, | | OPTIONAL | Sensitive PI, PI Categories, Purpose Preference, Confidentiality Level, Sharing Purpose, Sharing Contract, Sharing, Scope(s) | MAY | | MUST NOT | Sensitive Personal Information Categories |

This section specifies personal information categories, attributes, PI confidentiality level, PI Sensitivity for the purpose of explicit personal data tracking. (Note: Sensitive Information Category is used for Compliance Specification)

3rd Party Sharing A statement or series of statements that set out what information is shared with third parties and for what purpose(s).

Not IN Scope The General MVCR conformance profile is intended to provide flexibility for implementation and easier adoption by not having the burden of legal compliance obligations for the implementor. The MVCR v1 is not to be used for specifying sensitive personal data and compliance claims besides proof of consent.

A demonstration version of the MVCR can be found on the Example Consent Receipt Generator (CRG) page. The example site also contains API documentation. This server contains a consent receipt generation API. The API consists of a single endpoint at http://www.consentreceipt.org/mvcr/api. This endpoint accepts HTTP POST requests with input in the form of JSON (application/json) documents and returns output in the form of a signed JSON Web Token (application/jwt). The example site consists of two pages:

| Service | Third Party | Sharing Purpose | Sharing Purpose Category | Explanation | | ------ | ------ | :------: | :------: | | Tax Assist | taxassist.com | tax filing | Financial PI | to submit taxes | for pi_attributes | | Financial | Tax Authority | Required by Law Enforcement or Government | Financial institution required to disclose personal financial information for tax purposes | | Marketing Accountant Services | Accountant Network | Contact Details | Marketing Third Parties - Ad supported web site |

Rod ends are available in right or left hand thread, male or female design. Shank (thread) and eye (bore) diameters listed apply to most types in the tables. Spherical bearings are also listed. Other dimensions/size ranges/liner types may vary between manufacturers.

This specification identifies the common consent requirements to record and provision an independent record of consent in the form of a receipt to the individual.

For general use on websites for existing consent: legacy website based consent, context can vary widely depending on the METHOD of Collection and the sensitivity of the PI the MVCR encorporates the minimum MVCR requirements and adds additonal MUST requirements.

The API takes in a JSON document describing the consent transaction for which the receipt is to be generated. This object includes artifacts such as the presiding jurisdiction for the consent action, an identifier for the party consenting. The output of the API is a signed JSON Web Token (JWT) whose payload consists of all of the input data as well as several additional fields. The output JWT is signed by the server using the RS256 algorithm defined in JSON Web Signatures. The server's public key is published in JSON Web Key format at: http://www.consentreceipt.org/api

Image

The Consent Receipt Generator Input Example and Receipt Rendering page at which users can experiment with inputs and see the corresponding output. This may be used to help develop implementations and see how the consent receipt code is working. The code for this page can be found at https://github.com/bspk/cr_web.

Linked In this specification, this means that there is a field that linked to an external source, icon, and or reference structure.

Contact information used should be proportional to the method of collection and context. All contact infomratin should be verifiable at the point of reciept provision

field is optional, unless for compliance then it is required and linked to authoritative notice, references, and scopes - these are further specified by jurisdictional legislation, terminology. Even so, there are common sensitive data categories for personal information which are enforceable, listed here; The listing of a sensitive data category in this field indicates that this receipt links to requirements for binding compliance claims. TBF post v0.8 draft )

Table to map notice compliance requirements to specific consent legislation/policies/best practices, used to support the compliance claims made by the consent receipt.

Image

| Personal Data | Sensitive Data | Jurisdiction | - Policy (law, best practice, standard) - | Notice Requirements - | Description (list of notice elements to describing how these notice requirements are met) | List of Scopes operationally required to make compliant | Linked (can be to a third party icon)| | -- | -- | --| --| -- | -- | --| | medical records | Health | UK | DPA | Register at Data Controller Registry; include criminal records as sensitive data, map PI to data subject, | notice for use, store Encrypted, log access, | -- | --|

The list below contains a list of purposes for which Personally Identifiable Information (PII) has been collected, based on input from subject matter experts. This list is neither normative, in that none of these are required purposes in any given context, nor complete, in that each purpose for each collection by each entity is contextually specific. This list is provided for convenience and demonstration purposes. It is the case that in many jurisdictions, the entity collecting PII for identified primary purposes may not use that same information without the consent of the PII Subject for secondary purposes, unless required to do so by law, and it is the case that the PII Subject should be able to deny consent for secondary purposes while still receiving core functions from the site, application or service.

The term 'minimum' in the MVCR refers to the least amount of fields required to make a viable consent receipt for a number of different contexts;

Minimum Viable Consent Receipt (MVCR) Is a record of consent provided to the person providing consent for personal information sharing as a receipt.

These are the data attributes that are combined to create a category or data set. i.e. first and last name of PII Principal, = Name. PI Attributed can further be defined by permission, i.e. restricted access, read only, do not share, do not track, etc.