REFEDS - Privacy and Data Protection
Work Item Leader: Andrew Cormack, JANET(UK)
Description of work
This work item aims to develop suggested good practice for identity
federation operators and participants to use federated technologies to
reduce the transfer of personal data while supporting accurate access
management decisions.
This will be informed by European law on personal
data, in particular Directive 95/46/EC and the Opinions of the Article
29 Working Party.
Documents
The list below contains the documents that have been produced by the REFEDS group.
Please note that the December 2008 documents 'Pseudonymous Identifiers', 'Good Practice for Federated Access Management' and 'Federations and Data Protection' are no longer valid and have been removed. The information they contained has been included in the new version of 'Federated Access Management' below.
- Federated Access Management [Nov 2011]
The document provides an overview and recommendations on how to implement Federated Access Management Systems in order to reduce the amount of personally identifiable data that is exchanged, in accordance with the Directive 95/46/EC.
Please note that the version issued in Nov 2008 is no longer valid.