In time for the data privacy day the FIDO Privacy & Public Policy working group released their FIDO Privacy whitepaper. This new whitepaper is targeted at regulators, data protection authorities, and “policy makers”. Of course, everyone with interest in privacy is also welcome to take a look at it. Due to the primary audience it includes a high-level summary of the FIDO protocols and the value proposition of the FIDO technology.
In the main part of the whitepaper we compare the European privacy principles (as outlined in Directive 95/46/EC) with the functionality provided by FIDO. The FIDO privacy principles on which the FIDO specifications are built are relevant to this description. To avoid a European-bias we also compare the Identity Ecosystem Steering Group (IDESG) privacy requirements with the FIDO privacy principles.
The description should help to gain a better understanding of how FIDO meets current regulatory mandates.