HANCOCK PRIVACY FRAMEWORKInformation Created ByINDIVIDUAL USERSThe Hancock Privacy Pattern provides use-case frameworks to ethical data governance, standards and accreditations for data models that protect privacy, comply with laws, and improve our ability to make choices. The internet we use today was not designed to be secure or private. The internet’s architecture was created to keep 2-way communication open without a centralized network, even during disasters. The internet is a design philosophy and architecture expressed in protocols. Protocols are the rules and standards that ensure we can connect, communicate, and participate. Information and content about our location, device, application, and behaviors are transmitted via data packets. The data we create while online is combined with the data created by others such as social networks, schools, banks, and governments. These data are shared (duplicated) and used by many types of organizations. How data is used and by whom have life-long implications.
1. LOCATIONThe location of connection establishes the regulatory requirements and provides context for how data can be used by governments, industries, schools, health providers, financial services and others.o Legal frameworkso Compliance requirementso Enforcement expectationso Social norms and ethical choicesWhere is the individual? What nationality? What device and for what purpose?National, state, and local regulatory requirements. Network capacities and providers, government surveillance, consumer privacy and expectations, student and child privacy, health information, substance use and treatment info, reproductive health, advertising, cybersecurity capacity, and social norms.
2. NETWORKIP addresses provide geographic information establishing likely income, political and religious affiliation, ethnic background, purchasing power, and others.○ Legal requirements for providers and users.○ Security expectations.○ Consumer expectations.○ Security opportunities and weakness.What networks connect to the device selected by the consumer and by others?○ Point-to-point connections allow one device to directly communicate with exactly one other device.○ Broadcast/multicast connections allow a device to send one message out to the network and have copies of that message delivered to multiple recipients.○ Multipoint connections allow one device to directly connect and deliver messages to multiple devices in parallel.Fixed broadband, Wi-Fi hotspot, fixed wireless broadband, cellular, satellite internet, Virtual Private Network (VPN), Intranet, Local Area Network (LAN), Bluetooth, peer-to-peer, Serial port, USB, Infrared, clouds service, servers, and cloud services.
3. DEVICEIP address, unique device identifiers, digital fingerprints, and other device features provide information enriching users personal habits, identity, interests, and social networks.Personal information entered, collected, stored, processed, or shared via a device.o Requirements for device manufacturers and users.o Consumer expectations.o Security opportunities and weakness.o Default settings and consumer choices. Computers, mobile devices, motion sensors,automobiles, tablets, watches, smart home devices, cameras, locks, printers, modems, servers, HVAC, fences, blinds, Robots, payment devices and chips, SIM cards, USB drives, hard drives, RAM, Ports, personal health devices,What are the open ports, processes, and services? What information is stored, gathered, accessed, used, or shared via the device, network, or other connection?○ Unique Identifier○ Digital fingerprinting○ Facial ID○ Bio-metric such as fingerprints, eye scan, voice, walking metrics including distance and gate○ Passwords○ Geo-location capability○ Photos on the device with the location of photos identified○ IoT devices○ Smart home devices – locks, HVAC, fences, doors, windows, blinds○ Payment and financial info○ Firmware
4. APPLICATIONPreferred operating systems, personal preferences for entertainment, financial services, business applications, music styles, and preferences.Application software, platforms, operating systems○ Requirements for device manufacturers and users.○ Consumer expectations.○ Security opportunities and weakness.○ Default settings and consumer choices.What applications use open ports, processes, and services? What information is shared with the app platform and developers? What apps find, use, create, gather or share information via the devices? What are the default settings and what are consumer choices?○ Firmware○ Voice search○ Unique Identifier - behaviour○ Eye tracking○ Search algorithms○ Browsers ○ SEO○ Digital fingerprinting○ Backlinks○ Cross-device tracking ○ Machine learning and AI○ Cookies○ Web Beacons ○ Identity software and authentication○ GPS○ Bluetooth○ Smart home devices, services and platforms○ Real-time Ad dispatch software○ XAPI○ Dynamic Creative Optimization○ Learning management software○ Advertising technology platforms○ Identity software including two-step authorization○ Pixel○ Audience Segmentation○ Server, modem, router, software and switch○ Targeted Ads○ Facial recognition
5. HUMAN BEHAVIOROur behaviors create profiles of locations, friends, and family.Information includes strong emotional connections andfears, our closest friends and human networks. What we search for. The people that matter the most to us. Our human networks, reading speed, eye patterns, languages, and favorite activities.User’s choices on connected devices, social networks, platforms, activities, human and virtual networksTheir actions, preferences, permissions, keyboards and entry patterns, languages, fonts, privacy settings choices in browser, settings, plugins, software, operating systems.Behaviors, preferences, and interactions with connected devices○ Social networks○ Manage health and medical information and services○ Permissions and settings,○ Entertainment○ Usernames and passwords○ Creative content such as photos, artwork, videos, music, fanfiction, avatars, icons○ Game platforms and applications○ Financial, banking, investments, payments○ Education, attendance, schoolmanagement system, learning management software, flashcards, meal preferences, and purchases○ Maps, directions○ Calendars and schedules○ Smart home device usage, preferences, and habits○ Shopping patterns○ Travel patternsH A N C O C K P R I V A C Y F R A M E W O R K
LEARN HOW TO PROTECT PRIVACY & IMPROVEPERSONALIZATIONEP3 Foundation, a 501(c)3nonprofit, is a multi-sectorcommunity of standardsorganizations, industry leaders,researchers, and governmentagencies committed toprivacy-preserving data sharing.177 Park Avenue, Suite 200San Jose, CA 94113www.EP3Foundation.org info@e3pfoundation.orgOur mission is to improve health, education, and wellness by empowering people with data, privacy, and personalization.We believe that new data paradigms, architecture, and technologies offer actionable data. It is possible forindividuals and communities to find and aggregate,comprehensive data.New privacy networks bridge data silos needed to protectprivacy and ensure compliance while also giving peopledata intelligence to make decisions that improve ourhealth, education, and wellness outcomes.Attribution 4.0 International