Data Protection Policies

  1. Introduction
  2. Security Policies
    1. Global Security Policy
    2. Community Security Policy
    3. GRS Authentication Policy
  3. Privacy Policies
    1. Minimum Information Policy
    2. Opt-In Policy
    3. Global Privacy Policy
    4. Community Privacy Policy
  4. Accountability Policies
    1. Global Accountability Policy
    2. Community Accountability Policy

1. Introduction

One of the most important goals of XDI infrastructure is to enable users to share data with strong security, privacy, and accountability protections. The policies in this section establish the overarching data protection requirements which must be observed both by other GSS policies and by XDI.ORG Agents.

These policies provide a base set of data protection practices that are required of all XDI.ORG Agents (which include Global Service Providers and Registrars; see GssDefinitions). These XDI.ORG Global Policies can then be inherited and extended by these Agents to declare their own more specific local practices, called Community Policies, which may not be in conflict with these Global Policies.

2. Security Policies

2.1. Global Security Policy

XDI.ORG and its Agents MUST use commercially reasonable efforts to protect the security of all XDI Data under their authority. Such security protection must at a minimum cover industry-standard authentication, authorization, and access control, and must further support all privacy and accountability controls that apply to the data.

Due to the wide diversity and constantly evolving nature of computer security mechanisms and practices, XDI.ORG does not specify a precise set of security mechanisms and practices. Instead, XDI.ORG and all Agents SHOULD adhere to the ISO 17799 international standard for Information Security Management Systems (ISMS). It is further recommended that all XDI.ORG Agents SHOULD become ISO 17799 certified by a recognized certification authority.

2.2. Community Security Policy

All XDI.ORG Agents MUST publish their own Community Security Policy governing the XDI data transacted with them. At a minimum the Community Security Policy MUST agree to inherit the XDI.ORG Global Security Policy. Any additional terms and conditions of the Community Security Policy MUST NOT conflict with the XDI.ORG Global Security Policy.

The Community Security Policy for any XDI.ORG Agent MUST be available at the standard XDI address "{XDI.ORG-Agent-XRI}/(+security.policy)". Examples:

        xri://@GSP-A/(+security.policy)
        xri://@GSP-B/(+security.policy)
        xri://@Example.Registrar.A/(+security.policy)
        xri://@Example.Registrar.B/(+security.policy)
        xri://!!1000/(+security.policy)
        xri://!!FFFF/(+security.policy)

2.3. GRS Authentication Policy

In the V1 GSS, a Registrar MUST authenticate GRS transactions on behalf of a Registrant by providing an Authentication Credential (also called a Shared Secret). This credential MUST meet the following minimum strength requirements:

Registrars MAY impose their own higher-strength requirements.

Registrants MAY also choose Public Trustee Service or another Trustee Service as an alternate means of safekeeping their GRS Authentication Credential(s). Registrants who enroll in Public Trustee Service MAY authenticate by meeting the requirements of the Public Trustee Service Authentication Policy as specified in GssPolicies/PublicTrusteePolicies and GssOpSpecs. If a Registrant meets these requirements, Public Trustee Service MUST share the Registrant's GRS Authentication Credential(s) either directly with the Registrant or with the Registrar(s) designated by the Registrant.

3. Privacy Policies

3.1. Minimum Information Policy

XDI.ORG, its Global Privacy Policy, and all other GSS policies and specifications MUST observe the privacy principle of always collecting and revealing only the minimum information possible to provide the desired service.

3.2. Opt-In Policy

XDI.ORG, its Global Privacy Policy, and all other GSS policies and specifications MUST observe the privacy principle of offering users the choice to opt-in to sharing of data or receiving of communications.

3.3. Global Privacy Policy

[Note to Scott Blackmer, XDI.ORG General Counsel: this section is intended to reuse as much content as possible from the current XDI.ORG privacy policy at http://www.xdi.org/docref/legal/xdi-org-privacy-policy.html. The only change should be to repackage it into that which is "global", i.e., applies to XDI.ORG and all of its Agents, and that which is "local", meaning applies only to XDI.ORG.]

3.4. Community Privacy Policy

All XDI.ORG Agents MUST publish their own Community Privacy Policy governing the XDI data transacted with them. At a minimum the Community Privacy Policy MUST agree to inherit the XDI.ORG Global Privacy Policy. Any additional terms and conditions of the Community Privacy Policy MUST NOT conflict with the XDI.ORG Global Privacy Policy.

The Community Privacy Policy for any XDI.ORG Agent MUST be available at the standard XDI address "{XDI.ORG-Agent-XRI}/(+privacy.policy)". Examples:

        xri://@GSP-A/(+privacy.policy)
        xri://@GSP-B/(+privacy.policy)
        xri://@Example.Registrar.A/(+privacy.policy)
        xri://@Example.Registrar.B/(+privacy.policy)
        xri://!!1000/(+privacy.policy)
        xri://!!FFFF/(+privacy.policy)

4. Accountability Policies

4.1. Global Accountability Policy

XDI.ORG Agents MUST provide: a) a means of identifying the real-world legal entity accountable for enforcement of the Community Policies established and published by that Agent, b) the legal jurisdiction(s) under which enforcement actions may be taken, c) one or more means by which a perceived violation of these policies can be brought for enforcement, and d) one or more means by which the XDI.ORG Agent can be notified of an enforcement action.

4.2. Community Accountability Policy

All XDI.ORG Agents MUST publish their own Community Accountability Policy governing the XDI data transacted with them. At a minimum the Community Accountability Policy MUST agree to inherit the XDI.ORG Global Accountability Policy. Any additional terms and conditions of the Community Accountability Policy MUST NOT conflict with the XDI.ORG Global Accountability Policy.

The Community Accountability Policy for any XDI.ORG Agent MUST be available at the standard XDI address "{XDI.ORG-Agent-XRI}/(+accountability.policy)". Examples:

        xri://@GSP-A/(+accountability.policy)
        xri://@GSP-B/(+accountability.policy)
        xri://@Example.Registrar.A/(+accountability.policy)
        xri://@Example.Registrar.B/(+accountability.policy)
        xri://!!1000/(+accountability.policy)
        xri://!!FFFF/(+accountability.policy)