Privacy Req 1
<< Back to Baseline Functional Requirements Index
PRIVACY-1. DATA MINIMIZATION
Entities MUST limit the collection, use, transmission and storage of personal information to the minimum necessary to fulfill that transaction’s purpose and related legal requirements. Entities providing claims or attributes MUST NOT provide any more personal information than what is requested. Where feasible, IDENTITY-PROVIDERS MUST provide technical mechanisms to accommodate information requests of variable granularity, to support data minimization.
SUPPLEMENTAL GUIDANCE
Regarding "personal information," see Appendix A.
This requirement limiting the collection, use and storage will apply to every transaction where user private information is exchanged. [Entities are encouraged to address this issue by design, before run time, by limiting or applying controls or filters to classes of data.]
This requirement limiting the provisioning of personal information applies to the entire lifetime of data on the entity’s site.
The boundaries of a TRANSACTION between an entity and a user are defined during the interchange where the user is identified to the entity (for example from signin to signout of the user.) See PRIVACY-2 (PURPOSE LIMITATION).
See also Privacy Req 1 Supplemental Guidance.
REFERENCES
Further reference materials to aid organizations interested in conforming to these Requirements can be found at the wiki page Supplemental Privacy Guidance; this has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx
APPLIES TO ACTIVITIES
REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION
KEYWORDS
LIMITATION, MINIMIZATION, PRIVACY, PURPOSE
Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |