Difference between revisions of "Wiki for Privacy Standards and Privacy Projects"

From IPEN Wiki
Jump to navigation Jump to search
Line 17: Line 17:
=== This section contains an overview of the content and short explanations to the items. ===
=== This section contains an overview of the content and short explanations to the items. ===


#
=== JoDiscussion on Privacy ===
=== JoDiscussion on Privacy ===



Revision as of 12:32, 17 April 2018

Objective of this Wiki

During the IPEN workshop held in Leuven on June 5th 2015, it was agreed that the IPEN community would benefit from the creation of a repository of information on activities related to privacy engineering initiatives and standards. The wiki was further extended in 2016 to cover privacy engineering projects

The objective of this Wiki is to be a tool allowing stakeholders interested in privacy engineering and standardisation to find resources and to identify and seek harmonisation and convergence opportunities.

Membership

IPEN members can register to this Wiki as contributors (i.e. providing information and comments on privacy standards activities).

If you wish to contribute please read the Rules for Contribution.

Contact Antonio Kung to become a contributor.

Content of the wiki

This section contains an overview of the content and short explanations to the items.

JoDiscussion on Privacy

Click expand to find links to information regarding discussion on privacy

Between the 29th of December and the 9th of January 2018 a mail conversation took place in the WG5 mailing list triggered by a question posted by Nat Sakimura regarding ” WG5 position to the definition of "privacy" for the ISO/IEC JTC 1/SC 27/AG 1”. The conversation grew fast. Encompassing over 100+ mails going in many different directions. A decision was made to propose summarize the discussion on a high level. Hans Hedbom promised to do the high level summary. In the ISO/IEC JST1/SC 27 meeting in Wuhan (April 2018). It was decided to publish the summary (and subsequent versions) in this wiki. Hans will moderate these pages.


Moderator's favourite quote: In 2018, it seems to me imperative that if international standards are to have any meaningful impact on actually providing privacy/data protection assurances, they must address the real world, where interconnected systems, storage, applications etc. don’t care about abstractions but run on and care only about code - that is where the privacy and data protection must live today. and where ISO can have real impact.  Abstract definitions are necessary, but with the recognition that they are far removed from the reality of actually delivering privacy in today’s IT environments.

John Sabo

Privacy Standards

Click expand to find links to information regarding various standardisation organizations and their work on privacy and data protection standards
  • The ISO, International Organization for Standardisation, has standards on e.g. Privacy Engineering or BigData
  • The OpenID Foundation is a non-profit international standardization organization and has Workingroups regarding e.g. privacy and health related data
  • The OASIS, Organization for the Advancement of Structured Information Standards, is e.g. working on Standards for Privacy Management Reference Model and Methodology.
  • The W3C Activities, World Wide Web Consortium, has a privacy group working e.g. on Tracking Protection.

Privacy Engineering Projects

Find in the following information on different projects that follow Privacy Engineering ideas such as privacy and data protection by design and by default.
  • The CREDENTIAL project's goal is to enable end-to-end security and improved privacy in cloud identity management services for managing secure access control.
  • The DNT Guide aims at helping website owners to implement the Do Not Track (DNT) standard.
  • With the PARIS project sets out to define and demonstrate a methodological approach for the development of a surveillance infrastructure which enforces the right of citizens for privacy, justice and freedom.
  • The mission of PRIPARE is to facilitate the application of a privacy and security-by-design methodology and to foster a risk management culture through educational material.
  • The PRISMACLOUD produces tools to enable end-to-end security and thus allowing users to protect their privacy by cryptographic means.
  • The Privacypatterns project provides building blocks for developers to advance privacy and data protection by design.
  • Signatu provides a service for companies to MAP their data processing activities, to create privacy policies and to track their users consent or consent withdrawal.

Other Privacy projects, Events and Presentations

Find in the following an overview of other privacy projects and events
  • Multiple institutions have worked on Guidelines for Privacy and Data Protection Impact Assessments.
  • Privacy related Events: see past and upcoming events in Europe

Content Overview table

Privacy Standards

Privacy Engineering Projects

Other Privacy Projects / Events / Presentations


 

 

More on IPEN - Internet Privacy Engineering Network

The purpose of IPEN (www.engineeringprivacy.eu) is to bring together developers and data protection experts with a technical background from different areas in order to launch and support projects that build privacy into everyday tools and develop new tools which can effectively protect and enhance our privacy.

Sponsors and Support

This Wiki is sponsored by TRIALOG and supported by the PRIPARE project

LOGO TRIALOG 200 small 2.png
Logo Pripare-Large-clear.png