3.1: Privacy and Transaction Security

Improve privacy and transaction security through fair and responsible management of information and solutions.

Other Information:

Implementation of the Identity Ecosystem Framework must provide strong privacy and security protections to individuals in addition to creating clear rules and guidelines concerning the circumstances under which a service provider or relying party may share information and the kinds of information that they may share. These protections support the general obligation to protect users from online threats and assure individuals of the protections to facilitate willing participation in online transactions. Efforts in this area will address inconsistencies in the way that service providers manage information across transactions in the current environment. New privacy protections will shift the current model of application-specific collection of identity information to a distributed, user-centric model that supports an individual’s capability to assert personal attributes without being required to provide all identifying data. Service providers should use, collect, share, and retain information only as required to accomplish the purposes of the transaction. In addition, the Federal Government should work with state governments and the private sector to establish redress mechanisms to adjust inaccurate personal data and provide consumers with a streamlined ability to change incorrect data in one place and have it propagated to the providers of their choice.

Indicator(s):

Indicator:1

Content