Technical Specifications
Detailed technical specifications defining the protocols, data structures, and APIs that form the foundation of transparency-by-default infrastructure. These specifications enable interoperability and ensure consistent implementation across organisations and jurisdictions.
Core Standards and Protocols
The foundational specifications that define how transparency infrastructure operates at the technical level.
1
Human Consent Protocol Specification v1.0
Complete technical specification for consent exchange patterns including Anchored Notice pattern, Consent Receipt structure aligned with ISO/IEC 27560, consent token infrastructure, API endpoint definitions, data format schemas, and integration patterns for enterprise systems.
2
TPI-R Methodology Specification
Transparency Performance Indicator Report scoring and evidence collection framework. Defines four evaluation dimensions (Timing, Completeness, Access, Security), scoring methodology on -1 to +1 scale, evidence collection procedures, multi-jurisdiction legal mapping, regulatory complaint format, and alignment with ISO/IEC 29100 and Convention 108+.
3
ANCR Profile for ISO/IEC 27560
Anchored Notice and Consent Receipt profile for consent record information structure. Specifies required and optional fields, Controller-ID integration mechanisms, notice anchoring protocols, consent token generation procedures, micro-credential formats, and alignment with W3C Verifiable Credentials standards.
View Profile → | Submit to ISO December 6, 2025
API Documentation
Comprehensive API reference for Open Privacy Network infrastructure, including authentication flows, endpoint specifications, and data format standards.
Open Privacy Network API Reference
Complete API documentation covering consent management, notice retrieval, rights requests, and third-party disclosure tracking. Includes OAuth 2.0 and OpenID Connect authentication, W3C Verifiable Credentials for consent receipts, JSON-LD for machine-readable notices, and ISO/IEC 27560 structure for consent records.
Key Endpoints: GET /controller/{controller-id}/notice · POST /consent/create · GET /consent/{consent-id} · PATCH /consent/{consent-id}/revoke · GET /user/consent-history · GET /user/third-party-disclosures · POST /rights/access-request
Open-Source Tools
Production-ready open-source implementations, developer utilities, and testing infrastructure to accelerate your transparency implementation. These tools provide reference implementations of core protocols and enable rapid development and testing.
Reference Implementations
Battle-tested implementations of core protocols in multiple programming languages, ready for integration into your technology stack.
consent-receipt-py
Python library providing ISO/IEC 27560 consent receipt generation, DPO signature verification, consent token creation, and comprehensive event logging infrastructure for enterprise applications.
ancr-js
JavaScript implementation featuring Anchored Notice pattern, browser-based consent receipt handling, Controller-ID resolution, and client-side verification for web applications.
opn-java-sdk
Enterprise-grade Java SDK for OPN integration with gateway services implementation, Spring Boot integration, and JakartaEE support for large-scale deployments.
consent-gateway-go
High-performance Go implementation optimised for gateway services, real-time status synchronisation, protocol translation, and regional hub infrastructure.
Developer Tools
Essential utilities for implementing and testing transparency infrastructure during development and quality assurance phases.
- Controller-ID Generator – Generate and validate Controller-IDs with online and CLI tools
- Consent Receipt Validator – Verify ISO/IEC 27560 structure and cryptographic signatures
- Notice Structure Checker – Validate machine-readable notice completeness and regulatory compliance
- TrustMark Simulator – Test active-state signalling before production deployment
Sandbox Environment
Full OPN infrastructure for development and testing, including mock Controller Registry, test Notice Event Ledger, sandbox gateway services, validation test suites, and performance testing tools.
Conformance Test Suite
Automated testing for protocol compliance covering Anchored Notice pattern tests, consent receipt validation, API endpoint conformance, security and cryptography verification, and multi-jurisdiction compliance testing.
Download Test Suite → | GitHub →
Research Publications
Peer-reviewed research, white papers, and case studies documenting the theoretical foundations, practical implementations, and measurable impacts of transparency-by-default infrastructure. These publications provide the evidence base for policy development and organisational decision-making.
White Papers
1
Digital Transparency by Default: Privacy Model and Patterns
Comprehensive introduction to the Glass-Box Meta-Governance Model and Digital Transparency by Default framework, establishing the conceptual foundations for transparency infrastructure.
2
Consent Token Infrastructure: Market Opportunity Report
Analysis of the $200B+ digital twin and generative AI market convergence, demonstrating how consent infrastructure serves as an essential enabler for ethical AI development and deployment.
3
Consent Token Infrastructure: Social Impact Report
Comprehensive social impact analysis quantifying lives saved through improved healthcare data sharing, dementia care economics, financial inclusion benefits, AI safety improvements, and enhanced democratic participation.
4
Regulatory Capacity & Sovereignty Infrastructure
Framework for regulatory oversight at internet scale through transparency infrastructure and co-regulation models that enable effective enforcement whilst respecting organisational autonomy.
Academic Papers
Rigorous academic research establishing the technical, legal, and social foundations of transparency infrastructure.
- ANCR TPI Report for Digital Transparency – Methodology for measuring transparency performance (Kantara Initiative, 2025)
- Secondary Purpose Processing: Glass Box Model – Framework for ethical secondary use governance and AI training data provenance
- Multi-Lateral Enforcement: Commonwealth Coordination – Policy framework for coordinated enforcement across Commonwealth nations
- Glass-Boxed Governance Model: Technical Architecture – Complete technical architecture specification
Case Studies
Quebec Law 25: Collective Google Chrome Complaint
First application of TPI-R methodology for regulatory enforcement action, documenting evidence collection procedures, TPI-R scoring results, regulatory filing process, multi-jurisdictional coordination, and lessons learnt from pioneering transparency enforcement.
HABNI TrustMark Pilot: Australian Organisations
Results and learnings from early TrustMark implementation pilots with Australian organisations, demonstrating practical benefits and implementation challenges.
DPO Certification: PACC Partnership
Implementation of Digital Privacy Officer certification programme with Privacy and Access Council of Canada, establishing professional standards and accountability mechanisms.
Read Case Study →
Standards Documents
International standards, treaty frameworks, and technical specifications that provide the normative foundation for transparency infrastructure. These documents establish interoperability requirements and legal alignment across jurisdictions.
International Standards
Ratified international standards providing the technical and legal framework for privacy and consent management infrastructure.
ISO/IEC 29100: Privacy Framework
Core international security and privacy framework providing foundational concepts and architecture patterns. Available through free and open access for implementers worldwide.
ISO/IEC 27560: Consent Record Information Structure
International standard defining the data structure and required elements for consent receipts, enabling interoperable consent management across systems and jurisdictions.
Convention 108+
Modernised Council of Europe data protection convention establishing international legal requirements for privacy protection and cross-border data flows.
W3C Data Privacy Vocabulary
Standardised terminology and semantic definitions for privacy concepts, enabling machine-readable privacy policies and automated compliance verification.
W3C Verifiable Credentials
Infrastructure standard for verifiable digital claims and micro-credentials, providing the cryptographic foundation for tamper-evident consent receipts and transparency tokens.
Standards in Development
Two critical standards are currently under development by multi-stakeholder working groups, with drafts expected in January 2026 following the Task Force Sprint.
Digital Transparency Code of Conduct
Professional ethics, accountability standards, and regulatory cooperation duties for Digital Privacy Officers. Establishes professional obligations and enforcement mechanisms.
Expected: January 2026
Digital Transparency Code of Practice
Technical implementation standards, risk assessment methodologies, and transparency performance indicators for organisations deploying privacy infrastructure.
Expected: January 2026
Join Development →
Legal and Regulatory Resources
Legal frameworks, regulatory partnership documentation, and jurisdictional analysis supporting the deployment of transparency infrastructure across different legal regimes. These resources enable organisations to navigate complex multi-jurisdictional requirements whilst maintaining consistent transparency practices.
Regulatory Partnership Documents
Formal frameworks establishing collaboration between transparency infrastructure organisations and regulatory authorities worldwide.
PACC Partnership Framework
Digital Privacy Officer certification partnership with Privacy and Access Council of Canada, establishing professional standards and accountability mechanisms for privacy practitioners.
DGSI Standards Alignment
Partnership with Digital Governance Standards Institute for standards harmonisation, ensuring consistency across technical specifications and regulatory frameworks.
Australian Implementation Roadmap
Phased approach for implementing transparency infrastructure aligned with Australian Privacy Principles, developed in consultation with regulatory authorities.
UK Coordination Framework
ICO partnership and UK GDPR alignment documentation for European deployment, establishing regulatory cooperation mechanisms and compliance pathways.
Legal Analysis
Comprehensive legal research supporting multi-jurisdictional deployment of transparency infrastructure.
Convention 108+ Implementation Guide
Jurisdictional mapping and detailed implementation guidance for treaty obligations across Council of Europe member states and observer nations.
Multi-Jurisdiction Legal Mapping (Table 2)
Cross-jurisdictional legal analysis aligning GDPR, PIPEDA, Law 25, Convention 108+, and Australian Privacy Principles. Demonstrates regulatory equivalence and interoperability.
Consent Validity Requirements by Jurisdiction
Comparative analysis of what constitutes valid consent across legal frameworks, enabling organisations to implement compliant consent mechanisms for global operations.
View Analysis →
Newsletter & Updates
Stay informed about the latest developments in transparency infrastructure, including new research publications, implementation guides, standards updates, regulatory developments, and community events.
Monthly Newsletter
Comprehensive monthly digest featuring latest research findings, new implementation guides, standards development updates, regulatory news, upcoming events, and community highlights delivered directly to your inbox.
RSS Feed
Automatic updates on new resources and publications as they're released. Subscribe to receive real-time notifications about documentation, tools, and research papers.
Social Media
Follow us across social media platforms for announcements, insights, and community engagement.
LinkedIn
GDTA Group Page – Professional updates and thought leadership
Twitter
@GDTAgroup – Real-time updates and community conversations
GitHub
gdta-org – Open-source code, specifications, and technical discussions
Contact
Connect with the transparency infrastructure community for technical support, research collaboration, partnership opportunities, and media enquiries. Our team is here to support your transparency implementation journey.
Technical Support
Implementation questions, troubleshooting, and architectural guidance
Research Inquiries
Academic collaboration, research partnerships, and publication coordination
Partnership Opportunities
Explore collaboration opportunities for regulatory partnerships, technology integration, standards development, or certification programmes.
Media Requests
Journalists and media professionals seeking information about transparency infrastructure, interviews, or background briefings.
Response Time: Technical support enquiries typically receive responses within 2 business days. For urgent implementation issues, please join our Discord community for real-time assistance.