Difference between revisions of "User Information"

From MgmtWiki
Jump to: navigation, search
(References)
(References)
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Full Title or Meme==
 
==Full Title or Meme==
Any information about the user, such as, [[Identifier]]s, [[Attribute]]s [[Validation]]s presented to an [[Authorization]] service to control access to a resource, typically digital but possibly physical.
+
Any information about the user, such as, [[Identifier]]s, [[Attribute]]s [[Validated|Validation]]s presented to an [[Authorization]] service to control access to a resource, typically digital but possibly physical.
  
 
==Context==
 
==Context==
There are many different terms used to address user information. See the references for some of the ones tracked here.
+
* There are many different terms used to address user information. See the references for some of the ones tracked here.
  
 
==Problems==
 
==Problems==
 +
* There are two categories of [[User Information]]:
 +
# [[User Private Information]] which is specifically related to identifying the user. This is similar to the ISO term [[Personally Identifiable Information]].
 +
# [[User Public Information]] which traditional democratic societies have determined to be a matter of public record, such as name changes, property deeds, bankruptcy records and prison records.
 +
* Given the effort in Europe to allow a [[Right to be Forgotten]], the distinction between private and public information has become blurred, at least in the EU.
  
 
==Solutions==
 
==Solutions==
Line 11: Line 15:
 
==References==
 
==References==
 
# [[User Private Information]] is the information about a user that the user wishes to remain private, as opposed to User Public Information which is accessible online, irrespective of the user's wishes that it were not so. It seems that the [[GDPR]] with [[Right to be Forgotten]] does not allow for the concept of user Public Information.
 
# [[User Private Information]] is the information about a user that the user wishes to remain private, as opposed to User Public Information which is accessible online, irrespective of the user's wishes that it were not so. It seems that the [[GDPR]] with [[Right to be Forgotten]] does not allow for the concept of user Public Information.
# [[Personally Identifiable Information]] (PII) is a term from ISO
+
# Personal Data is used by the [[GDPR]] in a way that seems to mean information.
 +
# [[Personally Identifiable Information]] (PII) is a term from ISO. Given that any information about the user can be used to exclude some portion of the population. It is amazing how few attributes are needed to limit the population to a single person who has those attributes.
  
  
 
[[Category:Glossary]]
 
[[Category:Glossary]]
 +
[[Category:Identity]]
 +
[[Category:Privacy]]

Latest revision as of 12:16, 19 December 2018

Full Title or Meme

Any information about the user, such as, Identifiers, Attributes Validations presented to an Authorization service to control access to a resource, typically digital but possibly physical.

Context

  • There are many different terms used to address user information. See the references for some of the ones tracked here.

Problems

  • There are two categories of User Information:
  1. User Private Information which is specifically related to identifying the user. This is similar to the ISO term Personally Identifiable Information.
  2. User Public Information which traditional democratic societies have determined to be a matter of public record, such as name changes, property deeds, bankruptcy records and prison records.
  • Given the effort in Europe to allow a Right to be Forgotten, the distinction between private and public information has become blurred, at least in the EU.

Solutions

References

  1. User Private Information is the information about a user that the user wishes to remain private, as opposed to User Public Information which is accessible online, irrespective of the user's wishes that it were not so. It seems that the GDPR with Right to be Forgotten does not allow for the concept of user Public Information.
  2. Personal Data is used by the GDPR in a way that seems to mean information.
  3. Personally Identifiable Information (PII) is a term from ISO. Given that any information about the user can be used to exclude some portion of the population. It is amazing how few attributes are needed to limit the population to a single person who has those attributes.