Privacy Profile: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
Line 10: Line 10:


==Solutions==
==Solutions==
 
# Users can [[Authentication|Authenticate]] in a manner that gives a [[Relying Party]] a consistent [[Identifier]] that can be sued from session to session without the need for sharing any [[User Private Information]].
# To be fully compliant with the various [[Privacy]] legislation like the [[GDPR]] or the California legislation the [[Relying Party]] may first require that the user establish a channel back to the user for the performance of required [[Redress]] and [[Recovery]] operations.
# Only then should the [[Relying Party]] be in a position to request additional [[Attribute]]s from the [[User]].


==References==
==References==

Revision as of 22:20, 8 January 2019

Full Title or Meme

A profile of a possible Privacy configuration as communicated from a Relying Party to a User.


Preconditions

  • The primary use case for this profile is a user navigating to the web site of a Relying Party and deciding whether to share private information with that web site.

Problems

Solutions

  1. Users can Authenticate in a manner that gives a Relying Party a consistent Identifier that can be sued from session to session without the need for sharing any User Private Information.
  2. To be fully compliant with the various Privacy legislation like the GDPR or the California legislation the Relying Party may first require that the user establish a channel back to the user for the performance of required Redress and Recovery operations.
  3. Only then should the Relying Party be in a position to request additional Attributes from the User.

References