TECHNICAL SPECIFICATION
ISO/IEC TS 27560
First edition 2023-08
Privacy technologies - Consent record information structure
Technologies pour la protection de la vie privée - Structure de l'information d'enregistrement du consentement

COPYRIGHT PROTECTED DOCUMENT
ISO/IEC 2023
[…] CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
[…]
Published in Switzerland
ISO/IEC 2023 - All rights reserved

Privacy technologies - Consent record information structure

1 Scope
This document specifies an interoperable, open and extensible information structure for recording PII […] consent […] aiming to support the:
- provision of a record of the consent to the PII principal;
- exchange of consent information between information systems;
- […] the recorded consent […]

[…] principal agreement to this processing.
Note 2 to entry: Processing of PII refers to operations such as its collection, use, disclosure, storage, erasure, or transfer.
(SOURCE: ISO/IEC 29100:2011, 2.4, modified - Notes 1 and 2 to entry have been added)

B.2.4 Consent not given or refused
Based on the notice and request, the PII principal may choose to not indicate acceptance or refuse to […] consent. In this case, the PII controller may choose to create a consent record for documenting […]
A typical Event field reflecting a not given or refused consent state would contain:
- […] consent […] the PII principal, or the time at which the PII […]
- entity_id: identifier of the entity that refused consent e.g. PII principal or the PII controller establishing consent was not given;
- type: the type of consent requested e.g. "explicit" or "regular";
- state: […] e.g. "not given" or "refused".

B.2.5 […]
[…] previously given consent. In this case, the PII controller […]
A typical Event field reflecting withdrawal or revocation of consent would contain:
- event_time: time at which consent was withdrawn by the PII principal;
- entity_id: identifier of the entity that withdrew or revoked consent e.g. PII principal or their representative or delegate (e.g. parent);
- […] this event

A reaffirmed consent shall still fulfil the requirements for given consent, and therefore can be considered as such. That is, it can be indicated as consent being given (again) for the same PII processing. Under these circumstances, the PII controller may choose to terminate the earlier consent and utilize this as a new consent instance or
update the earlier consent record to maintain continuation.

The PII […] approximately 11 records per second. Each new record potentially shall be linked to existing records for the same user, system, purpose or application consent point. This introduces the possibility of race structures. […] the underlying data […] based […] and system capacity and throughput shall be planned accordingly. Cross-linking of fine-grained consents is then used in order to create meaningful consent receipts and the need to support this is taken into […] can be temporarily inconsistent.

C.2.5 Designing for consistent consent experiences
Taken together, the consent system implementation challenges require very careful consideration. […] take into account special case handling of critical consents when they are revoked or withheld.

C.2.6 Acceptable propagation-time delay limits
For any consent record handling system, whether it incorporates in-line consent-checking functionality […] delays […] example […] Consent receipts generated […]
The maximum propagation time, between users giving or revoking consent and the new consent status being used by all applications, shall be addressed on a case-by-case basis, to satisfy user expectations.
If there are mandated propagation delay limits, or implicit societal expectations, it is advisable to […] or regulatory requirements are […]

C.2.7 Flexibility and evolvability
For organizations with many applications, consideration shall be given to the likely rate of change in […], explicitly linked to other such records. Alternatively, the concrete representation of the consent record […]

Table G.3 (continued)
Additional guidance specified in ISO/IEC 27701:2019 | Applicability to this document (ISO/IEC 27560)
[…]
7.3.3 Providing information to PII principals
[…] of their PII […]
7.3.5 Providing mechanism to object to PII processing
[…]
7.3.6 Access, correction and/or erasure
The organization should implement policies, proce[…] the PII that consistent with any existing Consent Receipt or […] principal is processed when requested by the […]
[…] decision processing. […]
7.5.2 Countries and international organizations to which PII can be transferred
The organization should specify and document the […]
7.5.4 Records of PII disclosure to third parties
The
organization should record disclosures of PII to […]
[…] if a transfer of PII to one or more third parties has occurred. […]

Table G.4 - Additional guidance regarding ISO/IEC 27002 for PII processors
Additional guidance specified in ISO/IEC 27701:2019 | Applicability to this document (ISO/IEC 27560)
[…] its obligations. […] principals […] the means to comply with its obligations related to […] legislation […] PII principals […] regulation and/or by contract. […] the customer should […]
8.5.2 Countries and international organizations to which PII can be transferred
[…]
8.5.3 Records of PII disclosure to third parties
The organization should record disclosures of PII to […] including what PII has been disclosed, to […]

Annex H (informative)
Mapping to ISO/IEC 29184

[…] provides an informative mapping between the clauses of this document and those from […]

Table H.1 - Clause mapping to ISO/IEC 29184
Subclause in this document | Subclause in ISO/IEC 29184:2020
3.1 consent […]
[…] | 5.2.4 Multi-lingual notice
[…] | 5.2.5 Appropriate timing
[…] | 5.2.6 Appropriate locations
6.3.4.13 retention_period | 5.3.11 Retention period
6.3.4.14 processing_locations | 5.3.9 Geo-location of, and legal jurisdiction over, stored PII
6.3.4.15 geographic_restrictions | 5.3.9 Geo-location of, and legal jurisdiction over, stored PII

Bibliography

[…] movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). https://data.europa.eu/eli/reg/2016/679/oj
ISO 639-1:2002, Codes for the representation of names of languages - Part 1: Alpha-2 code
ISO 8601-1:2019, Date and time - Representations for information interchange - Part 1: Basic […]
[…]:2019, Date and time - Representations for information interchange - Part 2: […]
[…] Codes for the representation of names of countries and their subdivisions - Part […]
[…] 2022, Information security, cybersecurity and privacy protection - Information […]
[…] 27001 and ISO/IEC 27002 for […]
Act on the Protection of Personal Information (Act No. 57 of 2003) (the "APP"), Japan
Republic Act No. 10173 (the "Data Privacy Act"), Republic of the Philippines
[…] the community of the Kantara Initiative Inc. https://kantarainitiative.org/download/7902/
W3C Data Privacy Vocabulary (DPV), Draft Community Group Report. […]
Global Privacy Control. https://globalprivacycontrol.org/
California Consumer Privacy Act of 2018 (CCPA) […]
ISO 19160-4, Addressing - Part 4: International postal address components and template language
P. Resnick, Ed., Internet Message Format, RFC 5322, October 2008
[…] telephone service […]
[…] 27001 and ISO/IEC 27002 for […]

1) Withdrawn.
2) Under preparation. Stage at the time of publication ISO/IEC DIS 27701:2023.