Topic-specific policies
ISO/IEC TS 27560


Search this site
 
ISMS templates

< Previous standard      ^ Up a level ^      Next standard >

 

ISO/IEC TS 27560:2023 — Privacy technologies — Consent record information structure
(first edition)

 

Abstract

“This document specifies an interoperable, open and extensible information structure for recording PII principals' consent to PII processing. This document provides requirements and recommendations on the use of consent receipts and consent records associated with a PII principal's PII processing consent, aiming to support the: provision of a record of the consent to the PII principal; exchange of consent information between information systems; management of the life cycle of the recorded consent.”
[Source: ISO/IEC TS 27560:2023]
 

Introduction

This Technical Specification specifies an interoperable, open and extensible information structure for recording and potentially sharing PII Principals' (data subjects') consent to data processing.

 

Scope of the standard

In addition to the specification, the standard provides requirements and recommendations on the use of consent receipts and consent records associated with a PII Principal’s data processing consent to support the:

  • Provision of a record of the consent to the PII Principal;
  • Exchange of consent information between information systems; and
  • Management of the lifecycle of the recorded consent.

The standard does not specify an exchange protocol for receipts and records, nor an exact data structure for such exchanges.

 

Content of the standard

The two main sections cover:

  1. Overview
  2. Consent record structure and consent receipt

With 8 appendices.
 

Status

The Technical Specification was published in 2023.

 

Personal comments

I have nothing to add ... other than “I have nothing to add”, which is in fact something, so I lied.

[Aside: perhaps someone would kindly explain to this confused pedant why (on TV at least) suspects repeatedly say “No comment” in police interrogations, rather than simply exercising their “right to remain silent” by not reacting to questions, statements and allegations in any way whatsoever, remaining poker-faced with the thousand-yard stare. Perhaps the answer is that those who do remain totally silent and unresponsive don’t exactly make for gripping TV footage. And I guess the police want to encourage suspects to respond, even if only by saying “No comment”, in the hope of them revealing some useful snippet of evidence.]

[Another aside: seems I did have something else to add after all. Sorry. I’ll stop now, or rather “Now in a minute” as my grandmother used to say with a twinkle in her Welsh eye (just the one).]

 

< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2024 IsecT Ltd. Contact us re Intellectual Property Rights