Kantara Initiative Releases the First Open, Global Consent Receipt Specification; Meets GDPR Requirements, Free For Download
Kantara Initiative released today the first open, global consent receipt specification for use with the European Union's (EU) General Data Protection Regulation (GDPR). Kantara's Consent Receipt 1.0 (CR 1.0) allows businesses dealing with EU-based companies to demonstrate they meet the notice requirements of GDPR scheduled to be enforced on May 25, 2018. The specification is available today and free for download.
Kantara's CR 1.0 specification provides a common standard digital format for providing a record to consumers about privacy and what people have consented to. The creation and implementation of this standardized format will promote consistent, machine and human understandable consent practices, support consent management interoperability between systems internationally and enable proof of scalable consent.
In addition, Planning is well advanced for the first GDPR-ready consent receipt overlays for Verified Parental Consent and Advertising Technology. Future consent receipt specification updates will include these and subsequent GDPR-ready overlays in Kantara's newly created Consent Management Best Practices Work Group launching soon.
"Until CR 1.0 there was no effective privacy standard or requirement for recording consent in a common format and providing people with a receipt they can reuse for data rights. Individuals could not track their consents or monitor how their information was processed or know who to hold accountable in the event of a breach of their privacy," said Colin Walis, executive director, Kantara Initiative. "CR 1.0 changes the game. A consent receipt promises to put the power back into the hands of the individual and, together with its supporting API -- the consent receipt generator -- is an innovative mechanism for businesses to comply with upcoming GDPR requirements. For the first time individuals and organizations will be able to maintain and manage permissions for personal data."
About Consent Receipts And GDPR
Kantara's CR 1.0 is the first of a series of specifications planned for release by Kantara this year that go beyond the consent requirements of GDPR. GDPR harmonizes data privacy laws across Europe to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data privacy. Organizations doing business in the EU will be required to follow GDPR rules and regulations.
About Kantara Initiative
Follow Kantara Initiative on Twitter -- @KantaraNews