Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement a Future-Proof Dynamic, Geolocation-Based User Consent Mechanism Compliant with Global Privacy Regulations #84

Closed
nickvenezia opened this issue Oct 29, 2023 · 1 comment
Closed

Implement a Future-Proof Dynamic, Geolocation-Based User Consent Mechanism Compliant with Global Privacy Regulations #84

nickvenezia opened this issue Oct 29, 2023 · 1 comment

Comments

@nickvenezia
Copy link

nickvenezia commented Oct 29, 2023
edited

Implement a Future-Proof Dynamic, Geolocation-Based User Consent & Measurement Mechanism Compliant with Global Privacy Regulations

Objective:

The goal is to create a compliant framework for user consent that dynamically adapts to privacy regulations based on user geolocation. This solution should integrate seamlessly with existing security schemas.

Rationale:

As privacy laws evolve globally, it’s imperative that our system remains flexible enough to adapt to new requirements on a country-by-country and state-by-state basis. Implementing a robust, foundational layer now will mitigate the risk of accruing technical and compliance issues in the future.

Technical Specifications:

•	Integration: The solution should integrate smoothly with our existing security schema without causing disruptions or requiring significant modifications.
•	Standardization: Focus on standardizing the scopes of consent in a manner consistent with industry best practices.
•	OpenID Connect: Incorporate “user-consent” as an additional security scheme within OpenID Connect, aligned with current community guidelines and recommendations.

Deliverables:

1.	Architectural design document detailing the mechanism for dynamic consent adaptation.
2.	Code implementation of the new user consent framework.
3.	Test cases to ensure robustness and compliance with various privacy laws.
4.	Documentation on how to integrate the new consent mechanism into existing systems.

Success Metrics:

•	High adaptability to new privacy regulations without requiring code changes.
•	Zero compliance issues in a span of 12 months post-implementation.
•	Seamless integration with existing security schemas.

Timeline:

•	Architectural Design: 2 Weeks
•	Development: 6 Weeks
•	Testing and QA: 3 Weeks
•	Documentation and Roll-out: 1 Week

Ask
We’re looking for contributions and feedback to make this initiative successful. Thank you for your engagement and support.
@hdamker
Copy link
Collaborator

hdamker commented Nov 16, 2023

@nickvenezia as discussed within TSC Nov 16th this issue will be transfered to https://github.com/camaraproject/IdentityAndConsentManagement/ as you are already in discussion with them.

@hdamker hdamker transferred this issue from camaraproject/Governance Nov 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@AxelNennker @hdamker @nickvenezia