Established 2026  ·  England and Wales

Open Proof
Standards Foundation

OPSF  ·  opsf.org

The independent not-for-profit governing body for machine-readable proof and data obligation standards.

Proof Claims Token specification v0.1 now published  ·  Public comment period open until 30 June 2026

About the Foundation

The Open Proof Standards Foundation exists to develop, steward, and promote open standards that enable proof and data protection obligations to be expressed, enforced, and evidenced in machine-readable form.

Proof compliance has reached an inflection point. Regulators are no longer accepting documentation as evidence of compliance. They are asking whether obligations are operationally effective, enforceable at the data level, and evidenced in real time. The OPSF provides the infrastructure to make that possible — as a genuinely independent, practitioner-led, not-for-profit body.

What we do
01

Steward the Standard

We govern the Proof Claims Token specification — an open standard for portable, cryptographically signed, machine-readable data obligation tokens.

02

Certify Practitioners

We oversee the PCT practitioner certification programme, establishing the professional credential for those who implement the standard.

03

Build the Community

We convene the practitioners, lawyers, and technologists who contribute to the standard and advance the profession's understanding of machine-readable compliance.

The Standard

The Proof Claims Token

The PCT is a signed, portable token that attaches to data and travels with it through every system that handles it, carrying the legal and regulatory obligations that govern how that data may be processed, transferred, and used.

When a system attempts to process data, it verifies the PCT first. When a transfer would violate a jurisdictional restriction, the system blocks it. When an audit record is needed, the token provides a tamper-evident basis for it automatically.

Read the specification View specification on GitHub

Current coverage

  • GDPR and UK GDPR
  • EU Artificial Intelligence Act
  • HIPAA (US Healthcare)
  • DORA (EU Financial Services)
  • PECR (UK Electronic Communications)
  • UK Data Use and Access Act

v0.2 draft adds 60+ jurisdictions including CCPA, LGPD, India DPDP Act, PIPL, POPIA, and frameworks across Asia Pacific, Middle East, Africa, and Latin America.

Comment period open  ·  Closes 30 June 2026

Help shape the standard

We are inviting proof professionals, lawyers, and practitioners to review the specification and tell us what we have got right, what we have got wrong, and what is missing. No technical knowledge required.

Read the specification Submit your review
Founding Membership

Be part of governing this standard

The OPSF is governed by the organisations whose data pipelines, cloud environments, and AI systems implement it — not by the vendors that sell to them. We are currently constituting our founding membership.

Founding Members hold guaranteed board seats, shape the certification criteria, and have their names permanently associated with establishing the standard that will govern machine-readable compliance globally.

Enquire about Founding Membership
Where we are
Complete

PCT specification v0.1 published

Core standard covering GDPR, UK GDPR, EU AI Act, HIPAA, DORA, PECR, and UK DUAA published on GitHub under Creative Commons licence.

Complete

opsf.org domain secured

The Open Proof Standards Foundation registered and domain secured.

In progress

Founding member conversations

Invitations extended to a select group of enterprise organisations, legal practitioners, and independent experts.

In progress

PCT v0.2 draft open for review

Extension namespaces covering 60+ jurisdictions open for practitioner review until 30 June 2026.

Forthcoming

OPSF formally constituted

Registration as a Charitable Incorporated Organisation in England and Wales.

Forthcoming

PCT certification programme launch

Practitioner accreditation and implementation conformance certification programmes to launch alongside PCT v0.2.