Privacy/Privacy protection principles

From W3C Wiki

Abstract

This document offers principles and guidance for privacy protection in the web environment. It aims to make designers, implementers, and those who deploy W3C specifications aware of privacy protection principles and to help them put these principles into practice effectively.

Privacy protection principles

Clear purpose principle

The purpose of collecting and processing private information should be clear, specific and reasonable.

Determine the purpose

Risk assessment

Purpose change handling

Pseudonymous (fake name) processing

Agreement principle

The purpose, method and scope of collecting and processing private information should be notified to the information owner, and agreed to by them, beforehand.

Give notice beforehand and provide a choice

Obtain agreement from the information owner

Anonymous processing

Minimum usage principle

Only the minimum information needed to achieve the usage purpose should be collected and processed. Once the usage purpose is achieved, private information should be deleted as soon as possible. The usage scope should be limited, and the purpose should not be changed without notifying the information owner. [I think this sentence belongs under usage: --Charles McCathie Nevile (talk) 17:36, 15 September 2016 (UTC)]

Question: What if the purpose is to collect, and hold long-term, information about the user?

Question: What if the purpose is to monetise information about the user in order to fund a service?

Define the minimum elements

Minimize access to private information

Limits on retaining private information

Clear communication principle

The information owner should be told, in clear and easy-to-understand language:

  • What information will be collected, and how.
  • How it will be used, when it will be combined with other information or shared with others, and when it will be deleted.

Notice methods

Notice time

Notice before disclosure

Exceptions without notice

Accident notice

Quality guarantee principle

While collecting and processing privacy-sensitive information, its quality should be guaranteed so as to ensure integrity, usability and timeliness.

Guarantee the quality of privacy-sensitive information

Verify modification requests from the information owner

Security assurance principle

Management measures and technical methods appropriate to the security risks should be adopted to protect private information. Private information should be protected against unauthorized disclosure.

Security rules

Privacy protection strategies and processes

Security protection measures

Incident handling and incident response

Security auditing

Individual participation principle

Simple and convenient mechanisms should be provided so that the information owner can query, update and delete his/her private information.

Individual participation mechanisms

Query mechanism

Update mechanism

Delete mechanism

Retrieval mechanism

Clear responsibility principle

Responsibilities should be made clear during the collection and processing of private information, and corresponding measures should be taken to fulfil those responsibilities.

Legal verification

Security incident notice

Security incident report

Disclosure limitation principle

When the information is disclosed, the information owner's agreement should be obtained, or the information should be anonymized.

Disclosure condition

Delegation handling

Third party disclosure

Author

Edited by Kepeng Li, kepeng.lkp@alibaba-inc.com; some comments and edits by Chaals McCathie Nevile, Yandex.