Machine-readable policies are attached to data to define allowed usage and obligations as it travels across multiple parties, giving users more control over their personal information.
When privacy-sensitive data is passed along a chain of parties that store, process and share it, each party is aware of the policy attached to the data and acts according to it.
Data may be accessed or handled by multiple parties that share data with an organisation in ways that may not be approved by the data subject.
Service providers use an obligation management system. Obligation management handles information lifecycle management based on individual preferences and organisational policies. The obligation management system manipulates data over time, ensuring data minimization, deletion and notifications to data subjects.
The goal of the pattern is to allow users to control access to their personal information.
Benefits: policies can be propagated throughout the cloud to trusted organisations; strong enforcement of the policies; traceability. Liabilities: scalability (policies increase the size of the data); practicality (the pattern may not be compatible with existing systems). It may be difficult to update the policy after the data has been shared and multiple copies of it exist. The pattern also requires ensuring that data is handled according to the policy, e.g. using auditing.
When an organisation shares data, it can use a privacy-preserving policy to make the third-party organisations that use, process and store the data respect user privacy. For example, a hospital may share data with third-party organisations on condition that they adhere to the specific privacy policies associated with the data.
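The hospital scenario as an added Python sketch (not code from the pattern's source): a policy travels with a record, and each recipient's enforcement point checks it, minimises the released fields, applies the deletion obligation and writes an audit entry. The policy field names, the party names and the shared HMAC key used to bind policy to data are all assumptions made for the illustration.

```python
import hashlib, hmac, json
from datetime import datetime

# Constructed demo key; assumed to be held only by trusted parties.
KEY = b"constructed-demo-key"

def _mac(policy, data):
    # Canonical JSON so every party computes the same tag over policy + data.
    blob = json.dumps({"policy": policy, "data": data}, sort_keys=True).encode()
    return hmac.new(KEY, blob, hashlib.sha256).hexdigest()

def seal(policy, data):
    """Attach the policy to the data and bind the two with a MAC."""
    return {"policy": policy, "data": data, "tag": _mac(policy, data)}

def access(envelope, party, purpose, now, audit):
    """Release only the fields the policy allows; log every decision."""
    policy, data = envelope["policy"], envelope["data"]
    if not hmac.compare_digest(envelope["tag"], _mac(policy, data)):
        decision = "deny:tampered"  # policy or data changed after sealing
    elif now >= datetime.fromisoformat(policy["delete_after"]):
        # Deletion obligation: drop the data, keep the policy, re-bind.
        envelope.update(data={}, tag=_mac(policy, {}))
        decision = "deny:expired"
    elif party not in policy["recipients"]:
        decision = "deny:recipient"
    elif purpose not in policy["purposes"]:
        decision = "deny:purpose"
    else:
        decision = "allow"
    # Audit trail, including whether the data subject must be notified.
    audit.append({"party": party, "purpose": purpose, "decision": decision,
                  "notify_subject": policy.get("notify_on_access", False)})
    if decision != "allow":
        return None
    # Data minimisation: expose only the fields listed for this purpose.
    return {field: data[field] for field in policy["purposes"][purpose]}

# Constructed sample: a hospital shares a record with a research lab.
POLICY = {"recipients": ["research-lab"],
          "purposes": {"research": ["diagnosis", "age"]},
          "delete_after": "2030-01-01T00:00:00+00:00",
          "notify_on_access": True}
RECORD = {"name": "A. Patient", "age": 54, "diagnosis": "asthma"}
```

Every party in the chain has to run the same check, which is why the pattern lists auditing among its requirements: the audit list is what lets the sharing organisation verify that recipients actually honoured the policy.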