Versions Compared

Old Version 1

changes.mady.by.user Venkat

Saved on

compared with

New Version Current

changes.mady.by.user John Wunderlich

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Statement: Verifiers must publicly state the purposes for collection

Review Meeting(s):

Status:
Status
subtletrue

...

title

...

Optional comments about the requirement may be entered here

Draft

Verifiers must publicly state the purposes for collection

Statement (Single phrase or sentence)

Verifiers must

attest their use-cases - which in turn defines the data they will need to collect and its retention policyDescriptionVerifiers must share in a public forum which data elements they will collect and how they expect to retain and use the data.  This assertion should be associated with their form of identification. This will enable providers/users to understand in advance of any presentations what the implications of sharing are and ensure broader accountability.

publicly state the purposes for collection.

Description

Scope (applies to)

  •  Part A: Verifiers
  •  Part B: Issuers
  •  Part C: Providers

Select the Primary Consideration

  •  CC (Consent and Choice)

  •  PL (Purpose legitimacy and specification)

  •  CL (Collection limitation)

  •  DM (Data minimization)

  •  UR (Use, retention, and disclosure limitation)

  •  AQ (Accuracy and quality)

  •  OT (Openness, transparency, and access)

  •  IA (Individual access & participation)

  •  AC (Accountability)

  •  IS (Information Security)

  •  PS (Privacy compliance)
Select the Identifiers
  •  Direct
  •  Indirect
  •  Unique
Reference (Scope_Consideration_Ref #)Related RequirementsExplanatory Notes (Text or Link)

Reference

Privacy Principles

For descriptions see ISO/IEC 29100

#AbbreviationPrinciple1CCConsent and Choice2

PL

Purpose legitimacy and specification

3

CL

Collection limitation

4

DM

Data minimization

5

UR

Reference

06_V_UR

Other considerations

  •  CC (Consent and Choice)
  •  PL (Purpose legitimacy and specification)
  •  CL (Collection limitation)
  •  DM (Data minimization)
  •  UR (Use, retention, and disclosure limitation
6

AQ

  • )
  •  AQ (Accuracy and quality
7

OT

  • )
  •  OT (Openness, transparency, and access
8

IA

  • )
  •  IA (Individual access & participation
9

AC

Accountability

10

IS

Information Security

11

PS

Privacy compliance
  • )
  •  AC (Accountability)
  •  IS (Information Security)
  •  PS (Privacy compliance)

Related Requirements


Explanatory Notes (Text or Link)


Page Tasks

  •  Venkat (Unlicensed) to update requirement to narrowed set as per discussion
  •  Tom Jones to create a new requirement for stating data use and retention on a per purpose basis
  •  John Wunderlich to update status and proof after Venkat