Patterns — control
- Encryption with user-managed keys
  Use encryption in such a way that the service provider cannot decrypt the user's information, because the user manages the keys.
- Discouraging blanket strategies
  Give users the possibility to define a privacy level from a range of options each time they share content.
- Reciprocity
  Let users benefit according to the contributions they make.
- Incentivized Participation
  Users are more willing to contribute valuable input when they can do so without leaking personal data, or when they perceive an equal or greater exchange in value, either monetarily or socially.
- Outsourcing [with consent]
  "The controller has to obtain additional specific, informed, explicit, and freely given consent before outsourcing data processing to a third party."
- Personal Data Store
  Subjects keep control of their personal data, which are stored on a personal device.
- Sign an Agreement to Solve Lack of Trust on the Use of Private Data Context
  Services of a controller may require users to sign contracts that stipulate the controller's obligations and the processing purposes to which users must consent in order to use the service. This ensures that users can trust the controller, as it is bound by the contract it signs.
- Single Point of Contact
  The Single Point of Contact is a security authority who protects the privacy and security of sensitive data stored online by validating the authority of requests and ensuring secure communication channels.
- Enable/Disable Functions
  Allow users to decide granularly which functions they consent to before each function is used.
- Obtaining Explicit Consent
  Controllers require consent to be given willingly and specifically whenever they process the personal data of their users in any way.
- Decoupling [content] and location information visibility
  Allow users to retroactively configure privacy for location information with respect to the content's contextual privacy requirements.
- Selective access control
  Allow users to specify who may access the content they generate, both during and after submission.
- Pay Back
  Give users some benefits in exchange for providing information or content.
- Negotiation of Privacy Policy
  Over time, build user preferences from a privacy-preserving default semi-automatically, through opt-in/opt-out, semantics, and informed solicitations.
- Reasonable Level of Control
  Let users share selectively (push) and make available (pull) specific information to predefined groups or individuals.
- Masquerade
  Let users filter out some or all personal information they would otherwise provide to a service.
- Buddy List
  By default, isolate users to a selection of social connections in a user-defined circle of trust. Allow them to expand this circle or create new ones based on the existing members.
- Lawful Consent
  A crucial element in privacy protection is ensuring that all sensitive processing is preceded by the acquisition of freely given, informed, specific, and explicit consent.
- Informed Consent for Web-based Transactions
  This pattern describes how controllers can inform users whenever they intend to collect or otherwise use a user's personal data.
- [Support] Selective Disclosure
  Many services (or products) require the collection of a fixed, often large, amount of personal data before users can use them. Many users, instead, want to freely choose what information they share. This pattern recommends that services Support Selective Disclosure, tailoring functionality to work with the level of data the user feels comfortable sharing.
- Private link
  Enable sharing and re-sharing without wide public visibility or cumbersome authenticated access control.
- Active broadcast of presence
  Users may actively choose to automatically provide updates when they want to share presence information, to increase both the relevance of, and control over, their sharing.