Privacy Profile: Difference between revisions

From IDESG Wiki
Line 11: Line 11:
# Data Quality Principle = Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
# Data Quality Principle = Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
# Purpose Specification Principle =The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
# Purpose Specification Principle =The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
#Use Limitation Principle = Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with Paragraph 9 except:
#Use Limitation Principle = Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with [the purpose] except:
## with the consent of the data subject; or
## with the consent of the data subject; or
## by the authority of law.
## by the authority of law.
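Review bot: the bracketed "[the purpose]" in the Use Limitation Principle is vaguer than the cross-reference it replaces; the purposes it refers to are the ones defined by the Purpose Specification Principle listed immediately above, so name that principle ("in accordance with the Purpose Specification Principle") rather than leaving a bare editorial bracket the reader has to resolve.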

Revision as of 00:04, 22 April 2020

Full Title or Meme

A profile of a possible Privacy configuration as communicated from a Relying Party to a User.

Context

The OECD privacy guidelines have some good definitions and principles.

  • OECD definitions:
  1. "data controller" means a party who, according to domestic law, is competent to decide about the contents and use of personal data regardless of whether or not such data are collected, stored, processed or disseminated by that party or by an agent on its behalf;
  2. "personal data" means any information relating to an identified or identifiable individual (data subject);
  3. "transborder flows of personal data" means movements of personal data across [jurisdictional] borders.
  • PART TWO. BASIC PRINCIPLES OF NATIONAL APPLICATION
  1. Collection Limitation Principle = There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
  2. Data Quality Principle = Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
  3. Purpose Specification Principle = The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
  4. Use Limitation Principle = Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with [the purpose] except:
    1. with the consent of the data subject; or
    2. by the authority of law.

Preconditions

  • The primary use case for this profile is a user navigating to the web site of a Relying Party and deciding whether to share private information with that web site.

Problems

Solutions

  1. Users can Authenticate in a manner that gives a Relying Party a consistent Identifier that can be used from session to session without the need for sharing any User Private Information.
  2. To be fully compliant with privacy legislation such as the GDPR or the California legislation, the Relying Party may first require that the user establish a channel back to the user for the performance of required Redress and Recovery operations.
  3. Only then should the Relying Party be in a position to request additional Attributes from the User.
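The three steps above can be enforced in code. The following is an added example written for this page, not code from the IDESG wiki or any referenced project. It assumes a pairwise-style construction for the step 1 identifier (HMAC-SHA256 keyed by an Identity Provider secret over the user id and a per-Relying-Party sector name), so the same user gets a stable value at one Relying Party but unlinkable values across Relying Parties; the `RelyingPartySession` class, the `PrivacyProfileError` exception, the secret and the user and Relying Party names are all constructed for the example.

```python
import hmac
import hashlib
from dataclasses import dataclass, field
from typing import Optional


def pairwise_identifier(idp_secret: bytes, user_id: str, rp_sector: str) -> str:
    """Derive a stable, per-Relying-Party identifier (step 1).

    The same user always maps to the same value at one Relying Party, so it
    works session after session, while two Relying Parties receive unrelated
    values and neither can recover user_id without the IdP secret.
    HMAC-SHA256 keyed by the IdP secret is an assumption of this example,
    not a construction the wiki page specifies.
    """
    msg = f"{rp_sector}\x00{user_id}".encode()
    return hmac.new(idp_secret, msg, hashlib.sha256).hexdigest()


class PrivacyProfileError(Exception):
    """Raised when the Relying Party asks for data out of order."""


@dataclass
class RelyingPartySession:
    """Tracks the staged disclosure the Solutions list describes."""
    identifier: str                         # step 1: pseudonymous, no private info
    redress_channel: Optional[str] = None   # step 2: a way back to the user
    attributes: dict = field(default_factory=dict)  # step 3: only after step 2

    def establish_redress_channel(self, channel: str) -> None:
        """Step 2: record the channel used for Redress and Recovery."""
        if not channel.strip():
            raise PrivacyProfileError("redress channel must be non-empty")
        self.redress_channel = channel

    def request_attribute(self, name: str, value: str) -> None:
        """Step 3: attribute release is refused until step 2 has happened."""
        if self.redress_channel is None:
            raise PrivacyProfileError(
                f"cannot request '{name}' before a redress channel is established")
        self.attributes[name] = value


def demo() -> dict:
    """Run the three steps on constructed input and report what was enforced."""
    secret = b"idp-secret-constructed-for-this-example"   # constructed value
    user = "user-12345"                                    # constructed value
    id_at_shop = pairwise_identifier(secret, user, "shop.example")
    id_at_bank = pairwise_identifier(secret, user, "bank.example")

    session = RelyingPartySession(identifier=id_at_shop)
    refused = False
    try:
        # Asking for an attribute before a redress channel exists is rejected.
        session.request_attribute("email", "alice@example.org")
    except PrivacyProfileError:
        refused = True

    session.establish_redress_channel("alice@example.org")
    session.request_attribute("postal_code", "94105")

    return {
        "same_user_same_rp_is_stable":
            id_at_shop == pairwise_identifier(secret, user, "shop.example"),
        "different_rps_unlinkable": id_at_shop != id_at_bank,
        "attribute_refused_before_redress": refused,
        "attributes_after_redress": dict(session.attributes),
    }


if __name__ == "__main__":
    print(demo())
```

The point of separating the identifier from the attributes is that step 1 carries no User Private Information at all: the Relying Party can keep per-user state under `identifier` indefinitely, yet nothing in that value links the user to the same person at another Relying Party, and no attribute reaches the Relying Party until the user has a channel through which Redress and Recovery can actually be exercised.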

References