Difference between revisions of "Privacy Harms"
From MgmtWiki
(→Context) |
(→Context) |
||
| Line 6: | Line 6: | ||
* This page is about the risk to the [[Subject]] of the data that is disclosed. | * This page is about the risk to the [[Subject]] of the data that is disclosed. | ||
* The [[Exploit]] of using the [[Subject]]'s private data can be any of a variety of entities, inlcuding the [[Entity]] that acquired the data from the [[Subject]]. | * The [[Exploit]] of using the [[Subject]]'s private data can be any of a variety of entities, inlcuding the [[Entity]] that acquired the data from the [[Subject]]. | ||
| − | * As in many web transactions, the benefit of the transaction typically accurs to the [[ | + | * As in many web transactions, the benefit of the transaction typically accurs to the [[Enterprise]] and the cost to the [[Subject]]. |
===Taxonomy== | ===Taxonomy== | ||
Revision as of 18:35, 17 March 2023
Full Title or Meme
Privacy Harms takes the view of the Subject in a privacy Exploit.
Context
- Normally the Privacy Risk of any transaction is measured in terms of the risk to the Enterprise that holds the user data.
- This page is about the risk to the Subject of the data that is disclosed.
- The Exploit of using the Subject's private data can be any of a variety of entities, inlcuding the Entity that acquired the data from the Subject.
- As in many web transactions, the benefit of the transaction typically accurs to the Enterprise and the cost to the Subject.
=Taxonomy
- Enterprise in the instance means either of (1) the data controller, (2) the data processor, or (3) the attacker, which in this case covers all of the other entities that my benefit from having the Subject's data.
