Difference between revisions of "Wiki for Privacy Standards and Privacy Projects"

From IPEN Wiki
Jump to: navigation, search
 
(128 intermediate revisions by 6 users not shown)
Line 1: Line 1:
== <span style="font-size:larger">IPEN - Internet Privacy Engineering Network</span> ==
+
== <span style="font-size:larger">Objective of this Wiki</span> ==
  
<span style="line-height: 1.6">The purpose of IPEN ([http://www.engineeringprivacy.eu/ www.engineeringprivacy.eu]) is to bring together developers and data protection experts with a technical background from different areas in order to launch and support projects that build privacy into everyday tools and develop new tools which can effectively protect and enhance our privacy.</span>
+
The objective of this Wiki is to be a tool allowing stakeholders interested in privacy engineering and standardisation to find resources and to identify and seek harmonisation and convergence opportunities.
  
== <span style="font-size:larger">Objective of WIKI</span> ==
+
== <span style="font-size:larger;">Content</span> ==
  
During the IPEN workshop held in Leuven on June 5th 2015 ([https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/lang/en/IPEN_Workshop_2015 https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/lang/en/IPEN_Workshop_2015]), it was agreed that the IPEN community would benefit from the creation of a repository of information on activities related to privacy engineering standards
+
{| border="1" cellspacing="1" cellpadding="1" style="width:27cm;"
 +
|-
 +
| style="background-color: rgb(102, 255, 255); vertical-align: top; width: 33%;" | <p style="text-align: center;">'''Privacy standards'''</p>
 +
*[https://ipen.trialog.com/wiki/IETF_Activities <span style="color:#1020AA">CEN-CENELEC-ETSI</span>]
 +
*[https://ipen.trialog.com/wiki/IETF_Activities <span style="color:#1020AA">IETF Activities</span>]
 +
*[https://ipen.trialog.com/wiki/IEEE_Activities <span style="color:#1020AA">IEEE standards</span>]
 +
*[https://ipen.trialog.com/wiki/ISO <span style="color:#1020AA">ISO/IEC</span>]
 +
*[https://ipen.trialog.com/wiki/ITU_Activities <span style="color:#1020AA">ITU standards</span>]
 +
*[https://ipen.trialog.com/wiki/OASIS <span style="color:#1020AA">OASIS</span>]
 +
*[https://ipen.trialog.com/wiki/W3C_Activities <span style="color:#1020AA">OpenID Foundation</span>]
 +
*[https://ipen.trialog.com/wiki/W3C_Activities <span style="color:#1020AA">W3C Activities</span>]
 +
*[https://ipen.trialog.com/wiki/National_Level_Activities <span style="color:#1020AA">National Level Standards</span><br />]
  
The objective of this wiki is to be a tool allowing stakeholders interested in standardisation to identify and seek harmonisation and convergence opportunities
+
| style="background-color: rgb(102, 255, 0); vertical-align: top; width: 33%;" | <p style="text-align: center;">'''Privacy engineering projects'''</p>
 +
*[https://ipen.trialog.com/wiki/App_PETs <span style="color:#1020AA">APP Pets (ULD project)</span>]
 +
*[https://ipen.trialog.com/wiki/AN_ON_Next <span style="color:#1020AA">AN.ON-Next (ULD project)</span>]
 +
*[https://ipen.trialog.com/wiki/CREDENTIAL <span style="color:#1020AA">CREDENTIAL (EC project completed)</span>]
 +
*[https://ipen.trialog.com/wiki/DNT_Guide <span style="color:#1020AA">DNT Guide</span>]
 +
*[https://ipen.trialog.com/wiki/PARIS <span style="color:#1020AA">PARIS (EC project completed)</span>]
 +
*[https://ipen.trialog.com/wiki/pdp4e <span style="color:#1020AA">PDP4E (EC project on-going)</span>]
 +
*[https://ipen.trialog.com/wiki/PRIPARE <span style="color:#1020AA">PRIPARE (EC project completed)</span>]
 +
*[https://ipen.trialog.com/wiki/PRISMACLOUD <span style="color:#1020AA">PRISMACLOUD (EC project completed)</span>]
 +
*[https://ipen.trialog.com/wiki/NIST_privacy_framework <span style="color:#1020AA">Privacy framework (NIST project on-going)</span>]
 +
*[https://ipen.trialog.com/wiki/Privacypatterns <span style="color:#1020AA">Privacypatterns</span>]
 +
*[https://ipen.trialog.com/wiki/Signatu <span style="color:#1020AA">Signatu</span>]
 +
*[https://ipen.trialog.com/wiki/SCOR <span style="color:#1020AA">Secure Covid Research Security and Privacy task force</span>]
  
== <span style="font-size:larger">How to be a member of the wiki</span> ==
+
| style="background-color: rgb(255, 255, 0); vertical-align: top; width: 33%;" | <p style="text-align: center;">'''Reports, Events, Presentations'''</p>
 +
*[https://ipen.trialog.com/wiki/DPIA_and_PIA_Guidelines <span style="color:#1020AA">DPIA and PIA guidelines</span>]
 +
*[https://ipen.trialog.com/wiki/Studies <span style="color:#1020AA">Studies</span>]
 +
*[https://ipen.trialog.com/wiki/OWASP <span style="color:#1020AA">OWASP</span>]
 +
*[https://ipen.trialog.com/wiki/Business_Process_CB <span style="color:#1020AA">Business Process Cookbook</span>]
 +
*[https://ipen.trialog.com/wiki/Events <span style="color:#1020AA">Events</span>]
 +
*[https://ipen.trialog.com/wiki/Presentations <span style="color:#1020AA">Presentations</span>]
  
IPEN members can register to this wiki
 
  
*as observers (i.e. getting information)
 
*as contributors (i.e. providing information and comments on privacy standards activities).
 
  
<span style="background-color:#FFFF00">Contact Antonio Kung (antonio.kung@trialog.com) or Olivier Maridat (olivier.maridat@trialog.com) with topic [IPEN privacy standards] to request access, and indicate whether you want to be an observer or a contributor</span>
+
|}
  
== <span style="font-size:larger">Rules for contributors</span> ==
+
{| class="mw-collapsible mw-collapsed autocollapse"
 +
|-
 +
| style="background-color: rgb(102, 255, 255);" | More info on privacy standards<br/>
 +
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/ISO ISO], International Organization for Standardisation, has standards on e.g. Privacy Engineering or BigData
  
'''Rule 1: '''It is important to respect copyrights rules of all information contained in this wiki:
+
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/OpenId_Foundation_Activities OpenID Foundation]&nbsp;is a non-profit international standardization organization and has Workingroups regarding e.g. privacy and health related data
  
*Concerning existing standards, the wiki can contain
+
|-
**link to standardisation bodies pages
+
|
**analyses and comments that you provide as contributor
+
*The&nbsp;[https://ipen.trialog.com/wiki/OASIS OASIS], Organization for the Advancement of Structured Information Standards, is e.g. working on Standards for Privacy Management Reference Model and Methodology.
**public presentations or documents
+
*Concerning standards in the making, the wiki can contain
+
**link to standardisation bodies pages
+
**<span style="line-height: 1.6">information about the status</span>
+
**information on meetings
+
**public presentations of documents
+
  
'''Rule 2''': Separate official information from analysis/opinions/comments. It is also advised to give your name when comments are provided.
+
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/W3C_Activities W3C Activities], World Wide Web Consortium, has a privacy group working e.g. on Tracking Protection.
  
<span style="line-height: 1.6">Contributors are free to create new pages either to provide extended analysis or to cover other topics</span>
+
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/IETF_Activities IETF Activities], Internet Engineering Taskforce, is working on the RFC 6973&nbsp;[https://tools.ietf.org/html/rfc6973 "Privacy Considerations for Internet Protocols"]
  
== <span style="font-size:larger">Content</span> ==
+
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/IEEE_Activities IEEE Activities]
  
The wiki will contain the following dedicated pages
+
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/ITU_Activities ITU Activities]
  
=== <span style="font-size:larger">ISO activities</span> ===
+
|-
 +
|
 +
*There exist diverse&nbsp;[https://ipen.trialog.com/wiki/National_Level_Activities National Level Standards]&nbsp;regarding privacy, some with which IPEN members are involved, can be found&nbsp;[http://ipen.trialog.com/wiki/National_Level_Activities here].
  
{| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1"
 
 
|-
 
|-
| <span style="line-height: 20.7999992370605px;">Link to the page</span><br/>
+
|  
| [http://ipen.trialog.com/wiki/ISO http://ipen.trialog.com/wiki/ISO]<br/>
+
*The European commission has issued a mandate to&nbsp;[http://ipen.trialog.com/wiki/CEN-CENELEC-ETSI_Activities European Standardisation Organisations], ESOs, to work on standards relating to privacy management of security products and related services.
|-
+
 
| Contributors
+
| Antonio Kung, Irene Kamara<br/>
+
 
|}
 
|}
  
=== <span style="font-size:larger">OASIS activities</span> ===
+
{| class="mw-collapsible mw-collapsed autocollapse"
 
+
{| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1"
+
 
|-
 
|-
| Link to the page
+
| style="background-color: rgb(102, 255, 0);" | More info on privacy engineering projects.
| [http://ipen.trialog.com/wiki/OASIS http://ipen.trialog.com/wiki/OASIS]<br/>
+
 
|-
 
|-
| Contributors
+
|  
| <span style="line-height: 20.7999992370605px">John Sabo?, Dawn Jutla?</span><br/>
+
*With its&nbsp;[https://ipen.trialog.com/wiki/App_PETs APP Pets]&nbsp;project the&nbsp;[https://www.datenschutzzentrum.de/ Datenschutzzentrum (ULD)]&nbsp;is working on privacy enhancing technologies for smart device apps
|}
+
  
=== <span style="font-size:larger">W3C activities</span> ===
+
|-
 +
|
 +
*The goal of&nbsp;[https://ipen.trialog.com/wiki/AN_ON_Next AN.ON-Next]&nbsp;by the&nbsp;[https://www.datenschutzzentrum.de/ Datenschutzzentrum (ULD)]&nbsp;is to integrate processes for anonymization into the internet infrastructure.
  
{| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1"
 
 
|-
 
|-
| Link to the page
+
|  
| <span style="line-height: 20.7999992370605px;">&nbsp;</span>[http://ipen.trialog.com/wiki/W3C_Activities http://ipen.trialog.com/wiki/W3C_Activities]<br/>
+
*The&nbsp;[https://ipen.trialog.com/wiki/CREDENTIAL CREDENTIAL]&nbsp;project's goal is to enable end-to-end security and improved privacy in cloud identity management services for managing secure access control.
 +
 
 
|-
 
|-
| Contributors
+
|  
| Ninja Marnau?
+
*The&nbsp;[https://ipen.trialog.com/wiki/DNT_Guide DNT Guide]&nbsp;aims at helping website owners to implement the Do Not Track (DNT) standard.
|}
+
  
=== <span style="font-size:larger">IETF activities</span> ===
+
|-
 +
|
 +
*With the&nbsp;[https://ipen.trialog.com/wiki/PARIS PARIS]&nbsp;project sets out to define and demonstrate a methodological approach for the development of a surveillance infrastructure which enforces the right of citizens for privacy, justice and freedom.
  
{| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1"
 
 
|-
 
|-
| Link to the page
+
|  
| [http://ipen.trialog.com/wiki/IETF_Activities http://ipen.trialog.com/wiki/IETF_Activities]<br/>
+
*[https://ipen.trialog.com/wiki/Pdp4e PDP4E]&nbsp;connects privacy engineering with model driven engineering tools.
 +
 
 
|-
 
|-
| Contributors
+
|  
| <span style="line-height: 20.7999992370605px">Steven Farrell?</span><br/>
+
*The mission of&nbsp;[https://ipen.trialog.com/wiki/PRIPARE PRIPARE]&nbsp;is to facilitate the application of a privacy and security-by-design methodology and to foster a risk management culture through educational material.
|}
+
  
=== <span style="font-size:larger">CEN-CENELEC-ETSI activities</span> ===
+
|-
 +
|
 +
*The&nbsp;[https://ipen.trialog.com/wiki/PRISMACLOUD PRISMACLOUD]&nbsp;produces tools to enable end-to-end security and thus allowing users to protect their privacy by cryptographic means.
  
{| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1"
 
 
|-
 
|-
| Link to the page
+
|  
| [http://ipen.trialog.com/wiki/CEN-CENELEC-ETSI_Activities http://ipen.trialog.com/wiki/CEN-CENELEC-ETSI_Activities]<br/>
+
*The&nbsp;[https://ipen.trialog.com/wiki/Privacypatterns Privacypatterns]&nbsp;project provides building blocks for developers to advance privacy and data protection by design.
 +
 
 
|-
 
|-
| Contributors
+
|  
| Antonio Kung (CEN-CENELEC JWG8), Claude Tételin (CEN TC225), Irene Kamara, Carmine Rizzo (ETSI)<br/>
+
*The [https://www.nist.gov/privacy-framework privacy framework]&nbsp;project from NIST will be a voluntary tool for organizations to better identify, assess, manage, and communicate about privacy risks so that individuals can enjoy the benefits of innovative technologies with greater confidence and trust
|}
+
  
=== <span style="font-size:larger">OpenID Foundation activities</span> ===
+
|-
 +
|
 +
*[https://ipen.trialog.com/wiki/Signatu Signatu]&nbsp;provides a service for companies to MAP their data processing activities, to create privacy policies and to track their users consent or consent withdrawal.
  
{| border="1" cellpadding="1" cellspacing="1" style="line-height: 20.7999992370605px; width: 900px;"
+
|}
 +
 
 +
{| class="mw-collapsible mw-collapsed autocollapse"
 
|-
 
|-
| Link to the page
+
| style="background-color: rgb(255, 255, 0);" | More info on reports, events, presentations
| [http://ipen.trialog.com/wiki/OpenId_Foundation_Activities http://ipen.trialog.com/wiki/OpenId_Foundation_Activities]<br/>
+
 
|-
 
|-
| Contributors
+
|  
| Nat Sakimura (OpenID Foundation)<br/>
+
*Multiple institutions have worked on&nbsp;[https://ipen.trialog.com/wiki/DPIA_and_PIA_Guidelines Guidelines]&nbsp;for Privacy and Data Protection Impact Assessments.
|}
+
  
=== <span style="font-size:larger">National level activities</span> ===
+
|-
 +
|
 +
*You can find various&nbsp;[https://ipen.trialog.com/wiki/Studies Studies on Privacy and DP here.]
  
{| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1"
 
 
|-
 
|-
| Link to the page
+
|  
| <span style="line-height: 20.7999992370605px;">&nbsp;</span>[http://ipen.trialog.com/wiki/National_Level_Activities http://ipen.trialog.com/wiki/National_Level_Activities]<br/>
+
*The&nbsp;[https://ipen.trialog.com/wiki/OWASP OWASP Top 10 Project]&nbsp;lists the current top 10 privacy risks.
 +
 
 
|-
 
|-
| Contributors
+
|  
| Alan Shipman (BSI)<br/>
+
*The&nbsp;[https://ipen.trialog.com/wiki/Business_Process_CB Business Process Cookbook]&nbsp;is an open repository to integrate Privacy and DP by design into business processes.
|}
+
  
=== <span style="font-size: larger;">Other activities</span> ===
+
|-
 +
|
 +
*Privacy related&nbsp;[https://ipen.trialog.com/wiki/Events Events]: see past and upcoming events in Europe
  
{| style="width: 900px; line-height: 20.79px;" cellpadding="1" cellspacing="1" border="1"
 
 
|-
 
|-
| Link to the page
+
|  
| [http://ipen.trialog.com/wiki/Other_Activities http://ipen.trialog.com/wiki/Other_Activities]<br/>
+
*&nbsp;[https://ipen.trialog.com/wiki/Presentations Presentations]&nbsp;or interest on privacy
 +
 
 
|-
 
|-
| <span style="line-height: 20.7999992370605px;">Contributors</span>
 
 
|  
 
|  
<span style="line-height: 20.7999992370605px;">Antonio Kung (Smart grid DPIA template, CNIL PIA methodology, ENISA landscape document, NIST privacy risk management framework),</span>
+
*The&nbsp;[http://iwpe.info/ International Workshop on Privacy Engineering]&nbsp;is a yearly event to share and discuss the lates reaserch in the field.
  
<span style="line-height: 20.7999992370605px;">Florian Stahl (OWASP Top 10 Privacy Risks Project)</span>
+
|}
  
<span style="line-height: 20.7999992370605px;">Matthieu Grall (CNIL PIA analysis)</span>
+
== <span style="font-size: larger;">Membership</span> ==
  
|}
+
IPEN members can register to this Wiki as contributors&nbsp;(i.e. providing information and comments on privacy standards activities). If you wish to contribute please read the&nbsp;[https://ipen.trialog.com/Rules%20for%20Contribution Rules for Contribution].
  
== <span style="font-size:larger"><span style="line-height: 1.6">Sponsors and Support</span></span> ==
+
<span style="font-size: medium;">'''Contact&nbsp;[https://ipen.trialog.com/Special%3AContact Antonio Kung]&nbsp;to become a contributor.'''</span>
  
This wiki is sponsored by Trialog and supported by the PRIPARE project
+
== <span style="font-size: larger;">More on IPEN - Internet Privacy Engineering Network</span> ==
  
[[File:LOGO TRIALOG 200 small 2.png|LOGO TRIALOG 200 small 2.png|link=http://www.trialog.com/]]
+
<span style="line-height: 1.6;">The purpose of IPEN ([http://www.engineeringprivacy.eu/ www.engineeringprivacy.eu]) is to bring together developers and data protection experts with a technical background from different areas in order to launch and support projects that build privacy into everyday tools and develop new tools which can effectively protect and enhance our privacy.</span>
  
[[File:Logo Pripare-Large-clear.png|Logo Pripare-Large-clear.png|link=http://pripareproject.eu/]]
+
During the&nbsp;[https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/lang/en/IPEN_Workshop_2015 IPEN workshop held in Leuven on June 5th 2015], it was agreed that the IPEN community would benefit from the creation of a repository of information on activities related to privacy engineering initiatives and standards. The wiki was further extended in 2016 to cover privacy engineering projects
 +
<span style="line-height: 1.6;"></span>
 +
== <span style="font-size:x-large">Sponsors and Support</span> ==
 +
 
 +
This Wiki is sponsored by ''[https://trialog.com TRIALOG]'' and supported by the [http://pripareproject.eu/ PRIPARE] project
 +
 
 +
{| style="text-align: center; width: 100%" align="center" border="0" cellpadding="1" cellspacing="1"
 +
|-
 +
| style="width: 50%" | [[File:Logo trialog 2.png|500px]]<br/>
 +
| [[File:Logo Pripare-Large-clear.png|Logo Pripare-Large-clear.png|link=http://pripareproject.eu/]]<br/>
 +
|}

Latest revision as of 16:50, 6 November 2020

Objective of this Wiki

The objective of this Wiki is to be a tool allowing stakeholders interested in privacy engineering and standardisation to find resources and to identify and seek harmonisation and convergence opportunities.

Content

Privacy standards

Privacy engineering projects

Reports, Events, Presentations


More info on privacy standards
  • The ISO, International Organization for Standardisation, has standards on e.g. Privacy Engineering or BigData
  • The OpenID Foundation is a non-profit international standardization organization and has Workingroups regarding e.g. privacy and health related data
  • The OASIS, Organization for the Advancement of Structured Information Standards, is e.g. working on Standards for Privacy Management Reference Model and Methodology.
  • The W3C Activities, World Wide Web Consortium, has a privacy group working e.g. on Tracking Protection.
  • The European commission has issued a mandate to European Standardisation Organisations, ESOs, to work on standards relating to privacy management of security products and related services.
More info on privacy engineering projects.
  • The CREDENTIAL project's goal is to enable end-to-end security and improved privacy in cloud identity management services for managing secure access control.
  • The DNT Guide aims at helping website owners to implement the Do Not Track (DNT) standard.
  • With the PARIS project sets out to define and demonstrate a methodological approach for the development of a surveillance infrastructure which enforces the right of citizens for privacy, justice and freedom.
  • PDP4E connects privacy engineering with model driven engineering tools.
  • The mission of PRIPARE is to facilitate the application of a privacy and security-by-design methodology and to foster a risk management culture through educational material.
  • The PRISMACLOUD produces tools to enable end-to-end security and thus allowing users to protect their privacy by cryptographic means.
  • The Privacypatterns project provides building blocks for developers to advance privacy and data protection by design.
  • The privacy framework project from NIST will be a voluntary tool for organizations to better identify, assess, manage, and communicate about privacy risks so that individuals can enjoy the benefits of innovative technologies with greater confidence and trust
  • Signatu provides a service for companies to MAP their data processing activities, to create privacy policies and to track their users consent or consent withdrawal.
More info on reports, events, presentations
  • Multiple institutions have worked on Guidelines for Privacy and Data Protection Impact Assessments.
  • Privacy related Events: see past and upcoming events in Europe

Membership

IPEN members can register to this Wiki as contributors (i.e. providing information and comments on privacy standards activities). If you wish to contribute please read the Rules for Contribution.

Contact Antonio Kung to become a contributor.

More on IPEN - Internet Privacy Engineering Network

The purpose of IPEN (www.engineeringprivacy.eu) is to bring together developers and data protection experts with a technical background from different areas in order to launch and support projects that build privacy into everyday tools and develop new tools which can effectively protect and enhance our privacy.

During the IPEN workshop held in Leuven on June 5th 2015, it was agreed that the IPEN community would benefit from the creation of a repository of information on activities related to privacy engineering initiatives and standards. The wiki was further extended in 2016 to cover privacy engineering projects

Sponsors and Support

This Wiki is sponsored by TRIALOG and supported by the PRIPARE project

Logo trialog 2.png
Logo Pripare-Large-clear.png