Privacy Req 4

From IDESG Wiki
Jump to: navigation, search

<< Back to Baseline Functional Requirements Index

PRIVACY-4. CREDENTIAL LIMITATION

Entities MUST NOT request USERS’ credentials unless necessary for the transaction and then only as appropriate to the risk associated with the transaction or to the risks to the parties associated with the transaction.

SUPPLEMENTAL GUIDANCE

Intermediaries may not have a direct relationship with individuals who move through their systems, but should facilitate endpoints' ability to conform to this Requirement.

See the IDESG Functional Model for definition of Transaction Intermediation for the scope of “intermediaries.” The functional model describes Transaction Intermediation as “Processes and procedures that limit linkages between transactions and facilitate credential portability." This includes functions defined as “Blinding,” “Psuedonymization/Anonymization,” and “Exchange.”

See Requirements PRIVACY-1 (DATA MINIMIZATION) and PRIVACY-2 (PURPOSE LIMITATION) on the application of limitations to, and scope of, individual transactions and data exchanges.

See also Privacy Req 4 Supplemental Guidance.

REFERENCES

Further reference materials to aid organizations interested in conforming to these Requirements can be found at the wiki page Supplemental Privacy Guidance; this has been archived at https://workspace.idesg.org/kws/public/download.php/56/Supplemental-Privacy-Guidance.docx

APPLIES TO ACTIVITIES

REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION

KEYWORDS

CREDENTIAL, IDENTIFIER, LIMITATION, PRIVACY, PURPOSE, RISK



Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |