Technical Approaches to Consent Management and Dynamic Access Management: Ping Identity

1 Introduction

The need to acquire consent from users for the use of their personal information has grown in recent years due to the passage of privacy regulations i ...

2 Highlights

• New regulations in many jurisdictions are improving consumer and personal privacy
• Organizations found to be in regulatory non-compliance may incur ...

3 The regulatory environment driving consent management

A number of regulations across the globe are forcing enterprises of varying types to evaluate and implement digital solutions for collecting and manag ...

3.1 The General Data Protection Regulation (GDPR)

The GDPR is perhaps the most well-known of the data privacy regulations around the globe. It has been applicable to organizations serving data subject ...

3.2 The California Consumer Protection Act (CCPA) and other US regulations

The California Consumer Protection Act is the major legislation in the United States that addresses online data privacy. The CalOPPA of the Business a ...

3.3 The Personal Information Protection and Electronic Documents Act (PIPEDA)

Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and came fully into force January 1, 2004. Its goal is to set up gove ...

4 How CIAM and Consent & Privacy Management solutions address these requirements

CIAM solutions are in common use by many organizations today. While originally designed to improve consumer experiences across all channels and facili ...

4.1 CIAM solutions for consent management

Consumer user interfaces are not specified in these regulations, but they are a key features of most CIAM and privacy and consent management solutions ...

4.2 Consumer-hosted consent store

Many business websites have UIs that fragment privacy management into steps: initial consent-giving in one format and location, updates or exercising ...

4.3 Privacy and consent management solution-hosted consent store

Privacy and Consent management solutions are available today. Their scopes are generally limited to a single enterprise, but they can excel in driving ...

4.4 Consent receipt with the Kantara Initiative and IAB Transparency and Consent Framework (TCF)

As implied in the above-described regulations, consent that is collected must be enforced throughout the organization and along the digital value chai ...

4.5 Kantara Initiative User-Managed Access (UMA)

The User-Managed Access (UMA) recommendation is made up of UMA2 Grant and UMA2 Federated Authorization specifications from the Kantara Initiative and ...

5 Use cases driving delegated access management

Delegated access management is a satisfactory and common model that CIAM and CPM solution vendors employ to address consent collection and management. ...

5.1 Use Cases in Banking

Each individual's financial actions are fraught with many different relationships, levels of trust, and the need to view the individual's personal dat ...

5.2 Use Cases in Retail

In a retail context, there are also many opportunities for delegated access management to support privacy and consent management.

In a User-to-User ...

6 The Ping Identity delegated access approach for consent management

Ping Identity offers a set of tightly integrated components that work together as a logically centralized delegated access control mechanism that can ...

7 Action plan for architecting consent and delegated access management

Consent management has become a core requirement for most organizations operating consumer facing businesses and non-profits, as well as government ag ...

8 Related Research

Leadership Compass: Privacy and Consent Management - 80199
Leadership Compass: Consumer Authentication - 80061
Leadership Compass: Identity API Platforms - 79012
Leadership Compass: Access Management and Federation – 71147