Consented and Time-Bounded Authority Delegation
Authority is not imposed: it is delegated, the delegate accepts it, and it expires on its own.
Framework / standard: ISO/IEC 38505-1 (Authority) · GDPR Art. 5(2)
Governance authority should not be imposed without the responsible person knowing. In Linedat a delegation is consented to by the delegate, time-bounded and revocable, with a full audit trail.
Consented and time-bounded
The delegator creates the delegation with a validity window; the delegate must explicitly accept it (pending → accepted). It is only effective if it has been accepted, not revoked and is within the window. It defends against the classic "I did not know I was responsible".
Revocable and audited
The delegation can be revoked at any time, with a record of who, when and why. The full lifecycle is audited.
The limits (what we do not claim)
V1 is a consented, audited record, NOT a runtime permission grant: domain access control does not yet consult delegations (follow-up). The "effective/pending" predicates are evaluated at read time, not persisted.
How Linedat helps
Linedat makes authority delegation a consented, time-bounded and traceable act — defensible before a regulator, not a silent assignment.
Related capabilities
Access with a typed purpose and an expiry date. Not "just because".
3-Level RBAC with Separation of DutiesThe person who operates the data is not the person who governs it. By design.
Governance Committees with Traceable EvidenceThe committee does not decide in a Word document: it decides with evidence linked to the data.
