Privacy-Aware Network Client
Support minimization of data collection and distribution. Important when a service is collecting location data from or about a user, or transmitting location data about a user to a third party.
Use of dummies
This pattern hides the actions taken by a user by adding fake actions that are indistinguishable from real ones.
Data Breach Notification Pattern
This pattern assures that a certain minimum data breach notification delay is not exceeded.
Anonymous Reputation-based Blacklisting
Get rid of troublemakers without even knowing who they are.
An informational privacy dashboard can provide summaries of the personal data collected or processed for a particular user.
Layered Policy Design
Split privacy policies into nested, successively refined versions. Leave the legalese to the lawyers.
Handling unusual account activities with multiple factors
Use additional factors to notify users of unusual activities and authenticate when accounts may have been compromised.
Identity Federation Do Not Track Pattern
All information has been extracted from http://blog.beejones.net/the-identity-federation-do-not-track-pattern. The Do Not Track Pattern makes sure that neither the Identity Provider nor the Identity Broker can learn the relationship between the user and the Service Providers the user uses.
How can a service effectively provide notice to a user who gave permission once but whose information is accessed repeatedly (perhaps even continuously) over a long period of time? Proactively notify the user after the time of consent that information is being tracked, stored or re-distributed.
Trustworthy Privacy Plug-in
Aggregate usage records at the user side in a trustworthy manner.
This pattern provides unlinkability between senders and receivers by encapsulating the data in different layers of encryption, limiting the knowledge of each node along the delivery path.
Machine-readable policies are attached to data to define allowed usage and obligations as it travels across multiple parties, enabling users to improve control over their personal information.
Hide the identity by using a pseudonym and ensure a pseudonymous identity that cannot be linked with a real identity during online interactions.
A messaging service is enhanced by using a trusted third party to replace the identifiers of the communication partners with pseudonyms.
Encryption with user-managed keys
Use encryption in such a way that the service provider cannot decrypt the user's information because the user manages the keys.
Protection against Tracking
This pattern avoids the tracking of visitors of websites via cookies. It does this by deleting them at regular intervals or by disabling cookies completely.
User data confinement pattern
Avoid the central collection of personal data by shifting some amount of the processing of personal data to user-trusted environments (e.g. their own devices). Allow users to control the exact data that is shared with service providers.
Policy Matching Display
Give your privacy needs careful thought once, then always be able to swiftly apply what you decided.
Attribute Based Credentials
Attribute Based Credentials (ABC) are a form of authentication mechanism that allows flexible and selective authentication of different attributes about an entity without revealing additional information about the entity (zero-knowledge property).
This pattern aggregates multiple entities into a set, such that they can no longer be distinguished.
Privacy Color Coding
In a social networking site, a user gets direct visual cues showing which privacy settings apply to which shared elements.
Added-noise measurement obfuscation
Add some noise to service operation measurements, but make it cancel itself out in the long term.
Federated Privacy Impact Assessment
The impact of personal information in a federation is more than the impact in the federated
Active broadcast of presence
Users may actively choose when they want to share presence information, to increase both the relevance of, and control over, sharing.
Encrypt, aggregate and decrypt at different places.
Personal Data Store
Subjects keep control over their personal data that are stored on a personal device.
Strip Invisible Metadata
Strip potentially sensitive metadata that isn't directly visible to the end user.
Provide an ambient notice (unobtrusive, non-modal) when location is being accessed to increase awareness of ongoing tracking.
The pattern allows obligations relating to data sharing, storing and processing to be transferred and managed when the data is shared between multiple parties.