Legal requirements, translated into technology
- Motivated by, e.g., EU directives on privacy and electronic
communications, 95/46/EC, 2002/58/EC
- Transparency
- Provide the individual with information regarding data collection
- Human and machine readable privacy policies and well-defined
mapping using ontologies
- Purpose limitation (proportionality):
- Collection/Use limitation of personal data to what is
necessary for original purpose
- Keep in identifiable form no longer than necessary for
original purpose
- Smart policy matching -- minimizing information released
- Security and data quality
- Provide adequate security against improper disclosure or use
- Realtime trust evaluation
- Assurance modelling
- Consent
- Standardized multi-language human readable translations of privacy
notices
- Conditions agreed to stored as obligations
-
Access
- Obligation management
- Tracking of previous data disclosures