!!! Overview
[{$pagename}] is information relevant or pertaining to [privacy] aspects of a given [data] value
[{$pagename}] is the [relationship] between the [Data Collection] and [data disclosure] of [data] the [Data subject]'s expectation of [privacy], [legal] and political issues surrounding them.
[{$pagename}] involves [Data Protection] but is more concerned with the [Privacy]. [{$pagename}] is complex and often must be aligned with [Legal] and/or [Regulatory compliance] in addition to an [Organizational Entity]'s [Privacy Policy]
[{$pagename}] [Legal] and/or [Regulatory compliance] are largely based on "__Fair Information Practice__" that was first developed in the [United States] in the [1970s] by the [United States Department of Health and Human Services] (HEW). The basic principles of [Data Protection] are:
* For all [data collected|Data Collection] there should be a stated purpose.
* [Data Collection] from an [individual|Natural Person] cannot be disclosed to other organizations or individuals unless specifically authorized by law or by [consent] of the individual
* Records kept on an individual should be [accurate|Data Accuracy] and up to date
* There should be mechanisms for individuals to review data about them, to ensure accuracy. This may include periodic reporting ([Data Subject Access Request])
* Data should be deleted when it is no longer needed for the stated purpose ([Data Disposal])
* Transmission of personal information to locations where "equivalent" personal [Data Protection] cannot be assured is __prohibited__
* Some [data] is too [sensitive|Sensitive Data] to be collected, unless there are extreme circumstances (e.g., sexual orientation, [religion] or other [Civil Rights])
!! [Privacy Paradox]
[{$pagename}] is difficult to do and often the [Privacy Policy] may cause [Unintended consequence]
!! Individual [Consented|Consent]
[Relying Party] may have specific [legal], policy, or business requirements regarding whether a user [consented|Consent] to the release of a specific value. This element enables organizations to meet those requirements, ensuring that they’ve gained express consent from an [Entity]. Recommended values include:
* Yes - The individual [expressly consented|Express Consent] to the release of the attribute’s value for the purposes of the transaction.
* No - The individual has not expressly consented to the release of the attribute’s value.
* Unknown - It is not known by the [Data Processor] whether or not the individual has expressly consented to release of the [Attribute Value].
!! Date Consented
In addition to requiring information around whether the individual has consented to release of the [Attribute Value], some [Relying Party]s may wish to understand when that [consent] was received. Individual sentiments towards [privacy] and specific pieces of [data] may change over time. As a result, organizations may wish to employ the date consented metadata element when leveraging an attribute value in an access or eligibility decision. [GDPR] requires a [Express Consent] [date]
!! [Acceptable Uses]
This explains to [Relying Party]s what business cases the [metadata] can be used to support according to [Privacy Policy] restrictions conveyed by the [Attribute Provider].
For [example], the [Attribute Value] might purely be useful in [authorization], determining a user's eligibility for services; alternatively, values might be eligible for use beyond the initially intended purpose, or not eligible for any further disclosure. Additionally, [organizational Entity] or [Trust Frameworks] might also create their own categories of [Acceptable Use] based on their policies.
Recommended values for this element include:
* [Authorization] - The value can be used to determine user eligibility for services or privileges and can be used to provide those services.
* Secondary Use - The value may be used for purposes beyond that for which they were initially divulged. Additional use requires separate, explicit consent from user at initiation.
* No Further [Data disclosure] - The attribute value should not be passed on to other parties for any purpose unless required by law.
!! [Cache] [Time To Live]
This [metadata] element describes the length of time which a specific [Attribute Value] may reside in [cache] memory for use again in future transactions. Due to the sensitivity of certain attributes values, this metadata element enables the parties involved to properly cache and handle the values they are sending and retrieving as part of their transactions. Unlike many of the other metadata elements in this schema, the cache time to live enables attribute providers to express requirements to the RP around the protection of the information they are delivering as part of an assertion. In some cases the time to live may be dictated by regulation or law and this information needs to be relayed to RP systems so data are handled accordingly. The more sensitive an attribute value, the shorter time it will likely be enabled to live in temporary memory. As an example, the cache time to live for something like a credit card CVV may be just a couple of seconds, whereas the cache time to live for birth date may be substantially longer — potentially hours or days.
!! [Data Retention] [Date]
This refers to long-term holding of [data]. Minimizing [data], and indicating the retention time for this data, is a generally accepted privacy tenant. Some attribute values produce little to no privacy [risk] for individuals, and can potentially be used forever without producing any negative consequences. Other values are more likely to produce problems for individuals; a [Data Retention] [Date] ensures that this [Sensitive Data] is [disposed|Data Disposal] of at a certain point.
!! [Right of access]
[Right of access] provides the ability of the [Data subject] to obtain from the [Data Controller] confirmation as to whether or not [personal data] concerning him or her are being processed.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]