ANCHORED CONSENT RECEIPTS

Anchored Consent Receipts

A signed receipt for every consent event in a data subject's lifecycle — given, modified, or withdrawn. Three wire types cover the full consent lifecycle, including the Art. 7(3) right of withdrawal that auditors most often flag in CMP outputs.

ACR · Shipped3 wire typesApache-2.0 · CC0 spec
← All familiesVerify a receipt →

WIRE TYPES

ar.consent.v1

Records consent given by a data subject, binding a lawful basis, purpose set, and processing scope to a cryptographic commitment. The receipt the subject can independently verify existed before any processing began.

ar.modification.v1

Records a change in consent scope or purpose. The modification chain links back to the original consent receipt via the envelope's prev field — auditors can walk the full history.

ar.withdrawal.v1

Records consent withdrawn under GDPR Art. 7(3). Flips the predecessor consent's Status List bit to revoked — any future verification of the original consent shows it has been superseded.

WHAT IT PROVES

  • Consent was recorded before processing began (Merkle inclusion proof).
  • The consent receipt was signed by a registered issuer key (Ed25519 signature check).
  • A withdrawal or modification links to a specific prior consent receipt (prev chain walk).
  • The current status of any consent receipt — active, modified, or withdrawn (Status List 2021 lookup).

WHAT IT DOESN'T PROVE

  • The consent was freely given, specific, informed, and unambiguous (Art. 4(11) substance).
  • The data subject understood the notice presented before consenting.
  • The controller actually limited processing to the declared purpose.
  • The data subject's identity beyond a stable pseudonymous commit.

COMPOSES WITH

ACR receipts reference other family members via body-level composition pointers — verifier-coordinated, not signature-mandated.

ANRAnchored Notice Receipts

ACR proves informed consent by referencing the ANR receipt for the notice the subject saw. Mandatory on v1.2+ ACR issuers.

ARRAnchored Retention Receipts

A consent withdrawal may trigger an ARR erasure event — the ARR trigger_receipt field anchors the 30-day Art. 12(3) window.

Verify any
ACR receipt.

verify.dekimu.com ↗

Paste any claim ID to verify a receipt, check its anchor, and inspect the issuer signature.

REFERENCES

GDPR Art. 7 — Conditions for consent (EUR-Lex)
GDPR Art. 7(3) — Right to withdraw consent (EUR-Lex)
GDPR Art. 4(11) — Definition of consent (EUR-Lex)

Anchored Consent Receipts are cryptographic provenance and privacy-lifecycle protocols. verify.dekimu.com is a reference implementation, not a qualified trust service under Regulation (EU) No 910/2014 (eIDAS) or successor.