Overview#

Privacy is the ability of an individual or group to keep their lives and personal affairs out of public view, or to control the flow of information about themselves.[3]

Privacy is distinct and separate from Security.

Privacy implies Confidentiality which implies Security and while security can exist without privacy, privacy cannot exist without security.

Privacy is sometimes related to anonymity although it is often most highly valued by people who are publicly known. Privacy can be seen as an aspect of security—one in which trade-offs between the interests of one group and another can become particularly clear vs IDM The User Dilemma

Simple Philosophies#

“right to be left alone.” - United States Supreme Court Justice Louis Brandeis

"There’s a simple philosophy around privacy — a system should only know as much about you as it needs to for that application." Nymi founder Karl Martin

"Privacy, a core American value, is not a partisan thing. Democrats fight for it and Republicans fight for it too, maybe even more. So I am very shocked that the Republican party has managed to suggest that it should be trashed; if anyone follows up on this direction, there will be a massive pushback – and there must be a massive pushback!" Tim Berners-Lee

"When it comes to privacy and accountability, people always demand the former for themselves and the latter for everyone else." -Peltaire

“the desire by each of us for physical space where we can be free of interruption, intrusion, embarrassment, or accountability and the attempt to control the time and manner of disclosures of personal information about ourselves.” - Robert Ellis Smith, editor of the Privacy Journal

Privacy Paradox#

News folks. some security folks and Regulatory

Privacy is a fundamental human right[4]#

Privacy is a fundamental human right recognized in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights and in many other international and regional treaties.

Privacy underpins human dignity and other key values such as freedom of association and freedom of speech. Privacy has become one of the most important human rights issues of the modern age.

Privacy definitions from standards and Others#

• Privacy is a state each of us enjoys to the degrees others respect it
• ISO/IEC 2382 - Freedom from intrusion into the private life or affairs of an individual when that intrusion results from undue or illegal gathering and use of data about that individual.
• ISO 7498 - The right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
• American Health Information Management Association (AHIMA) - The quality or state of being hidden from, or undisturbed by, the observation or activities of other persons, or freedom from unauthorized intrusion; in HealthCare-related contexts, the right of a patient to control disclosure of Protected Health Information.
• Countries like Canada -
  • (1) The claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. Defined by uses this definition from A.F. Westin, Privacy and Freedom (1968). Basis for United States Privacy Act of 1974 (Public Law 93579; 5 U.S.C. § 552a).
  • (2) The right of an individual to live free of intrusive monitoring of their personal affairs by third parties not of their choosing.

A Taxonomy of Privacy [1]#

Daniel J. Solove, George Washington University Law School, in his paper A Taxonomy of Privacy states: Privacy is a concept in disarray. Nobody can articulate what it means. As one commentator has observed, privacy suffers from an embarrassment of meanings. Privacy is far too vague a concept to guide adjudication and lawmaking, as abstract incantations of the importance of privacy do not fare well when pitted against more concretely-stated countervailing interests.

He goes on and identifies 16 different activities that could qualify for Privacy.

The Privacy and Economics[2]#

The Economics of Privacy is an academic paper which concludes:

Personal information has both private and commercial value, and often (though not always) exploiting its commercial value entails a reduction in private utility and sometimes even in social welfare overall. Consumers have good reasons to be concerned about unauthorized commercial application of their private information. Use of individual data may subject an individual to a variety of personally costly practices, including price discrimination in retail markets, quantity discrimination in insurance and credit markets, spam, and risk of identity theft, in addition to the disutility inherent in just not knowing who knows what or how they will use it in the future. Personal data — like all information after all — is easily stored, replicated, and transferred, and regulating its acquisition and dissemination is a challenging undertaking for individuals and governments alike.

Privacy Sites#

Some Privacy Sites can help try to maintain personal Privacy

• Privacy Rights Clearinghouse
• Remove Yourself from All Background Check
• World Privacy Forum
• And a longer List

Privacy Frameworks #

• NIST Privacy Framework

Privacy Laws#

There are huge number of United States Laws and regulations.

Why do privacy "folks" feel that more Laws will help?

Here are a few LIST of Privacy Laws:

• Privacy Laws, Regulations, and more
• United States Privacy Laws
• U.S. privacy law
• Protecting Consumer Privacy
• General Data Protection Regulation

More Information#

There might be more information for this subject on one of the following:

• API Registry
• Aadhaar
• Applied Cryptography
• Attack
• Attestation
• Attribute Provider Statement
• Attribute references
• Best Practices For Unique Identifiers
• Biometric Sample Processing
• Blinding Identity Taxonomy
• Blockchain
• Bob Blakley
• Childrens Online Privacy Protection Act
• Consent Mechanism
• Consent Receipts
• Cookie
• CyLab Usable Privacy and Security Laboratory
• DNS over HTTPS
• DNT
• Dat Protocol
• Data Breach
• Data Metadata
• Data Ownership
• Data Privacy
• Decentralized Identity
• Direct Anonymous Attestation
• Enhanced Privacy ID
• FIDO Standards
• Fair Credit Reporting Act
• Fair Information Practices
• Family Educational Rights and Privacy Act
• Fast Healthcare Interoperability Resources
• Fast IDentity Online
• Financial API
• Financial-grade API
• Glossary Of LDAP And Directory Terminology
• Governance Risk Management And Compliance
• Grin
• HHSOCR
• HIPAA Covered Entity
• HIPAA Privacy Rule
• Health Insurance Portability and Accountability Act
• Hyperledger Indy
• IDM The Application Developers Dilemma
• ISO 24745
• ISO 29100
• Ian Glazer
• Identity Custodian
• Identity Ecosystem Framework
• Identity Token
• Independent Identity
• Informed Pull
• Instant Messaging
• Law Enforcement Consideration
• Loyalty Card
• MimbleWimble
• Modular Open Source Identity Platform
• Monero
• NIST Privacy Framework
• NIST.SP.800-53
• NISTIR 8062
• Next Generation Identification
• OASIS Privacy by Design Documentation for Software Engineers
• OAuth 2.0 JWT Secured Authorization Request
• Observer
• OpenPDS
• Palantir Gotham
• Patient matching
• Privacy
• Privacy And Security Conflicts
• Privacy Considerations
• Privacy Considerations Distributed Ledger Technology
• Privacy Enhancing Technologies
• Privacy Law
• Privacy Paradox
• Privacy and Economics
• Privacy by Design
• Private data
• Pseudonymous
• Reputation System
• Responsive Organizations
• Revised Uniform Fiduciary Access to Digital Assets Act
• Rich Credential
• Right to Financial Privacy Act
• SAML
• SCIM externalId
• SCIM id
• Security
• Sovrin
• Standard Disclaimer
• System for Cross-domain Identity Management
• TLS Client Authentication
• Telemarketing and Consumer Fraud and Abuse Prevention Act
• The Onion Router
• Token Binding Protocol
• Tracking Cookie
• Trust Framework
• Trust Framework Provider
• U-Prove
• Universal Declaration of Human Rights
• User-Managed Access
• Verifiable Credentials
• Web Authentication API
• Web Blog_blogentry_031118_1
• Web Blog_blogentry_071019_1
• Web Blog_blogentry_091018_1
• Web Blog_blogentry_111017_1
• Web Blog_blogentry_130518_1
• Web Blog_blogentry_190617_1
• Web Blog_blogentry_280717_1
• Web Blog_blogentry_290417_1
• Web Blog_blogentry_310717_1
• World Privacy Forum
• Zcash
• Zero Trust

---

• [#1] - A Taxonomy of Privacy - based on information obtained 2016-02-04-
• [#2] - The Economics of Privacy - based on information obtained 2016-03-08
• [#3] - Privacy - based on information obtained 2016-03-08
• [#4] - PRIVACY AND HUMAN RIGHTS - based on information obtained 2016-03-08
• [#5] - The Privacy Engineer's Manifesto: Getting from Policy to Code to QA to Value - based on information obtained 2019-10-26