Privacy Profile: Difference between revisions
Jump to navigation
Jump to search
Line 16: | Line 16: | ||
==Preconditions== | ==Preconditions== | ||
* The primary use case for this profile is a user navigating to the web site of a [[Relying Party]] and deciding whether to share | * The primary use case for this profile is a user navigating to the web site of a [[Relying Party]] and deciding whether to share personal information with that website. | ||
==Problems== | ==Problems== |
Revision as of 00:06, 22 April 2020
Full Title or Meme
A profile of a possible Privacy configuration as communicated from a Relying Party to a User.
Context
The OECD privacy guidelines have some good defintions and principles.
- OECD definitions:
- "data controller" means a party who, according to domestic law, is competent to decide about the contents and use of personal data regardless of whether or not such data are collected, stored, processed or disseminated by that party or by an agent on its behalf;
- "personal data" means any information relating to an identified or identifiable individual (data subject);
- "transborder flows of personal data" means movements of personal data across [jurisdictional] borders.
- PART TWO. BASIC PRINCIPLES OF NATIONAL APPLICATION
- Collection Limitation Principle = There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
- Data Quality Principle = Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
- Purpose Specification Principle =The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
- Use Limitation Principle = Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with [the purpose] except:
- with the consent of the data subject; or
- by the authority of law.
Preconditions
- The primary use case for this profile is a user navigating to the web site of a Relying Party and deciding whether to share personal information with that website.
Problems
Solutions
- Users can Authenticate in a manner that gives a Relying Party a consistent Identifier that can be sued from session to session without the need for sharing any User Private Information.
- To be fully compliant with the various Privacy legislation like the GDPR or the California legislation the Relying Party may first require that the user establish a channel back to the user for the performance of required Redress and Recovery operations.
- Only then should the Relying Party be in a position to request additional Attributes from the User.