Data Controller Options

From MgmtWiki
Revision as of 09:44, 14 February 2021 by Tom (talk | contribs) (Context)

Jump to: navigation, search

Full Title or Meme

A description of a few of the ways that a Data Controller might give the required level of control to the user of their information.

Context

  • The GDPR started an effort by legal jurisdictions authority to limit the misuse of User Private Information.
  • Several "Member States" of the EU have defined the GDPR terms, for example Ireland.[1]

Obligations

  • The user is given increasingly control of their information as a reaction to the misuse of that informatin to track and annoy that user.

Solutions

In this wiki we will use two terms that together seem to meet most definitions of Data Controller and provide more context to discuss the practical solutions.

  1. A Identifier or Attribute Provider is the source of User Information in any covered transaction on the internet.
  2. A Relying Party is the sink of User Information in any covered transaction on the internet.

Besides the two entities above a User Object containing User Information may exist at other locations, sometimes under the control of one of the above, sometimes not. See the diagram on the User Object Page for an example were the User Object may even be in an Authentication Cookie residing on the User Device.

References

  1. Irish Data Protection Commission, Are you a "data controller"? https://www.dataprotection.ie/docs/Are-you-a-Data-Controller/y/43.htm

Other Materiel