Browse Prior Art Database

A Mechanism for Providing and Enforcing Privacy Policy Information to Data Users

IP.com Disclosure Number: IPCOM000019966D
Original Publication Date: 2003-Oct-14
Included in the Prior Art Database: 2003-Oct-14

Publishing Venue

IBM

Abstract

Information systems and their users are being confronted increasingly with issues of Data Privacy (meaning issues of who has what rights to information for what purposes). Data Users of information systems (sometimes referred to as subjects) must be able to easily view the privacy policy for information they are viewing (or attempting to view) in order to understand what they should and should not do with the information. At the current time, there are insufficient techniques for conveying such information. An example is the use of a field to mark a message as "confidential". Such a field does not include the rich set of distinctions involved in Privacy standards such as P3P. Even if lengthier text descriptions of the privacy policy associated with data are provided, these can be difficult for a human data user to understand, and rely on human interpretation for compliance. A technique which both conveys to a human reader what privacy policy is associated with a data item and can be used to allow or restrict actions that a data user could carry out on the data is required for meaningful privacy implementation in information systems.