Privacy

Overview

The right to privacy is a fundamental right in many contexts. Privacy protection or preservation can be ensured in an application by adopting a privacy friendly design stance.

What is privacy and privacy protection?

Privacy takes many forms. From an identity system perspective, the confidentiality of identity information and anonymity when using the identity offers privacy.

MOSIP views the identity system as a custodian of the individual's data. This data has to be protected in order to protect the individual from privacy and security risks. Privacy protection measures include data protection, transparency, user control, confidentiality, selective disclosure, user anonymity and intrusion protection.

Privacy design elements

MOSIP addresses privacy design at four levels.

  1. Functional privacy

    • Selective disclosure

    • Anonymization

    • Need to know

    • Encryption

    • Tokenization

  2. Security

  3. User centricity

    • User control

    • Consent

    • Usability

    • Inclusion

  4. Transparency

    • Openness

    • Verifiability

    • Governance

These design principles have resulted in features as well as development practices in MOSIP that enhance privacy protection. A typical example for a practice is how PII (Personally Identifiable Information) is dealt with when creating application or audit logs. An example of a feature is how our Datashare policies allow selective sharing of information.

Last updated

Copyright © 2021 MOSIP. This work is licensed under a Creative Commons Attribution (CC-BY-4.0) International License unless otherwise noted.

#300: Mock Services -1st draft

Change request updated