Hannes Tschofenig

Personal blog about various IETF and Internet related activities

 
Feb
18
2016

FIDO & Privacy


FIDO Privacy Whitepaper

 

In time for the data privacy day the FIDO Privacy & Public Policy working group released their FIDO Privacy whitepaper. This new whitepaper is targeted at regulators, data protection authorities, and “policy makers”. Of course, everyone with interest in privacy is also welcome to take a look at it. Due to the primary audience it includes a high-level summary of the FIDO protocols and the value proposition of the FIDO technology.

In the main part of the whitepaper we compare the European privacy principles (as outlined in Directive 95/46/EC) with the functionality provided by FIDO. The FIDO privacy principles on which the FIDO specifications are built are relevant to this description. To avoid a European-bias we also compare the Identity Ecosystem Steering Group (IDESG) privacy requirements with the FIDO privacy principles.

The description should help to gain a better understanding of how FIDO meets current regulatory mandates.

In case you want to read more, take a look at the blog post with the title ‘There is No Privacy Without Security‘ and at the whitepaper itself. Let me or us know if you have some questions.

Leave a Reply