The right to privacy is a fundamental right in many contexts. Privacy protection or preservation can be ensured in an application by adopting a privacy friendly design stance.
Privacy takes many forms. From an identity system perspective, the confidentiality of identity information and anonymity when using the identity offers privacy.
MOSIP views the identity system as a custodian of the individual's data. This data has to be protected in order to protect the individual from privacy and security risks. Privacy protection measures include data protection, transparency, user control, confidentiality, selective disclosure, user anonymity and intrusion protection.
MOSIP addresses privacy design at four levels.
Functional privacy
Selective disclosure
Anonymization
Need to know
Encryption
Tokenization
Security
Trusted applications
Access control
User centricity
User control
Consent
Usability
Inclusion
Transparency
Openness
Verifiability
Governance
These design principles have resulted in features as well as development practices in MOSIP that enhance privacy protection. A typical example for a practice is how PII (Personally Identifiable Information) is dealt with when creating application or audit logs. An example of a feature is how our Datashare policies allow selective sharing of information.