The ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) recently published the ISO/IEC TS 27560:2023 technical specification on consent record information structure. The specification aims to assist organisations in managing records of consent regarding the processing of personal data and to provide this information to concerned individuals in the form of a novel idea called ‘Consent Receipts’. Where ‘consent records’ have been required to be maintained by organisations to comply with regulations such as GDPR, ‘consent receipts’ will provide transparency and accountability by providing information back to individuals in a manner similar to how customers receive a receipt after paying a bill.
ADAPT academic and Assistant Professor at the School of Computing at DCU, Dr. Harshvardhan J. Pandit, has had an active role in the development of this specification through the National Standards Authority of Ireland (NSAI). Dr. Pandit has played a pivotal role in aligning the specification with Irish and European regulations, specifically GDPR, and assisting with providing technical guidance for its implementation. Specifically, ISO/IEC 27560:2023 features an example using the Data Privacy Vocabulary (DPV) of which Dr.Pandit is the lead author. Dr. Pandit’s contributions were based on his PhD, which he completed in 2020 within the ADAPT Centre at Trinity College Dublin, and from the outputs of his IRC Government of Ireland Postdoctoral Scholarship.
Dr. Pandit and the ADAPT Centre welcome further discussions and collaborations on the continued development of this work.
Further References:
3. Consent Through the Lens of Semantics: State of the Art Survey and Best Practices (2021) https://doi.org/10.3233/SW-210438 – Kurteva, Chhetri, Pandit, and Fensel