| ID | 8.1.1 |
| Title | Restricted and parametrizable access to user profile/ data |
| Expert | Luca Galli (NEOS) Juan Lara (TELEFONICA) |
| Priority | mandatory |
| Description | User must be able to define a policy of access to his/her profile with respect to any other third party that might require to access it. A default policy setting must be available. |
| Rationale | Users feel almost as physical damage the intrusion in their profile, which may contain their preferences, observed behaviour as well as many other personal data. This holds specially in case of medical type of data. |
| Type | functional |
| Depends on | 1.5.1 - Legal requirements Privacy - Permission to process private data by law or by declaring consent 1.5.2 - Legal requirements Privacy - Sensitive data 1.5.3 - Legal requirements Privacy - Key Principles of Data Processing 1.5.4 - Legal requirements Privacy - Rights of the Data Subject and Obligantions to the Data Controller 1.5.5 - Legal requirements Privacy - Transferring data to third countries 8.1.5 - No user location tracking w/o user's explicit consent |
| Child dependencies | 1.4.3 - Portability of user profile 3.1.3 - User rules 6.3.1 - User privacy management 7.3.1 - User Policies and Provider Policies 8.1.5 - No user location tracking w/o user's explicit consent |
| Environment | Legal status w.r.t to user data manipulation. |
| Other_info | dependency - 8.1.5 since user location or an extract thereof might form part of user's profile. |
| Category | user;technical |
| Subcategory | |
| Subcategory2 | |
| Scenario_scene | unified.scene8 unified.scene11 unified.scene12 |
| SPICE_value | service execution;service creation |
| Demo | |
| Keywords | profile;privacy;access |
| Home |