Generally Accepted Privacy Profiles
Full Title
Generally Accepted Privacy Profiles are created to give users a purpose for releasing private information.
Context
Years of concentrated effort on privacy have not had an appreciable effect on the user’s sense of privacy. If anything, users are more apprehensive today that in years past. The focus on giving users control of the release of their data and their attention seemed to be making some progress on smart phones, but the proliferation of requests by uncontrolled apps has made that into a user experience problem. The problem seems to be that the folks that gave us user control are doubling down and asking for more user control when that is already a burden that most are unhappy to accommodate. A new approach is needed.
Use Cases
The following is just a sampling for where purpose-of-use can be translated into the data required for transfer.
- One example would be that of a patient being referred to a eye doctor that needed to prescribe medicines to complete their function. It might not occur to the patient that allergies needed to be passed in such a purpose of use, but the potential for adverse reactions certainly indicates the need for that data. In this case the patient agrees to see the eye doctor and release “only the required data” for the purpose-of-use. The data transferred is obtained from the release.
Solutions
A document from the NCCEO DATA CLASSIFICATION PRACTICES Facilitating Data-Centric Security Management addresses classification of data by the damage release of the data would create for the data owner. In the following section I propose extending data classification to encompass release of private data by a similar method.
It is proposed that a specific governance process be created for industry sectors, like healthcare, to establish a data classification based on the necessity for release of the data to meet the intended purpose.
