Privacy Req 2
<< Back to Baseline Functional Requirements Index
PRIVACY-2. PURPOSE LIMITATION
Entities MUST limit the use of personal information that is collected, used, transmitted, or stored to the specified purposes of that transaction. Persistent records of contracts, assurances, consent, or legal authority MUST be established by entities collecting, generating, using, transmitting, or storing personal information, so that the information consistently is used in the same manner originally specified and permitted.
Regarding "personal information", see Appendix A. Entities should also assure that their data controls reliably apply these limitations to their future actions.
See also Requirement PRIVACY-1 (DATA MINIMIZATION) on the application of limitations to, and scope of, individual transactions and data exchanges.
Please note the applicability of best practice INTEROP-BP-G (RECOMMENDED LEGAL COMPLIANCE) regarding limitations imposed by laws. Please note the applicability of best practice INTEROP-BP-F (RECOMMENDED FEDERATION COMPLIANCE) and Requirement INTEROP-6 (THIRD-PARTY COMPLIANCE) regarding limitations arising from the involvement of THIRD-PARTIES such as intermediaries, similar service providers, or FEDERATIONS.
See the IDESG Functional Model for definition of Transaction Intermediation for the scope of “intermediaries.” The functional model describes Transaction Intermediation as “Processes and procedures that limit linkages between transactions and facilitate credential portability. This includes functions defined as “Blinding,” “Pseudonymization/Anonymization,” and “Exchange.”
See also Privacy Req 2 Supplemental Guidance.
Further reference materials to aid organizations interested in conforming to these Requirements can be found at the wiki page Supplemental Privacy Guidance; this has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx