برای مطالعه بیشتر:
برای مطالعه بیشتر:
2 نوشته به مبحث موجود منتقل شد: قوانین و سیاستهای مرتبط با داده در ایران
فهرست اولیهای در اینجا گردآوری شده:
️نکته: برخی از لینکها البته قدیمی شده و دیگه کار نمیکنه، ولی خب متوجه میشیم که چیزی بوده و میشه با جستجو راحت پیداش کرد
فهرست دیگری مربوط به ایالتهای آمریکا:
️نکته: ویژگی این فهرست این است که از منظر مؤلفههای ذیل هر سیاست هم اینجا تحلیل وجود دارد
در خبرنامه جدید بنیاد سانلایت هم پیشنویس سیاستهای دو شهر برای بررسی و دریافت بازخورد عمومی به اشتراک گذاشته شده است:
اولی شهر Baton Rouge:
دومی شهر کلرادو ایالت دنور:
موارد دیگری در پاسخ به این سوال، که البته کمارتباطتر هستند:
- گفتگویی پیرامون تفاوت Policy و Law
- راهنمای سیاست داده باز (Open Data Policy Gudelines) از Sunlight که مباحث خوبی را مطرح کرده است:
- سایت Project Open Data هم مباحث و بعضا مثالهای خوبی را مطرح کرده است:
در پایگاه زیر هم مطالب مناسبی یافت میشود:
معرفی و توضیح هم در مطلب زیر آمده است:
National Science Foundation Open Government Page:
tactical-data-engagement.pdf (2.1 مگابایت)
قانون حفاظت از دادههای خصوصی در چین:
اگر نیاز به توضیح انگلیسی داشتید:
Privacy by design
We want to use privacy principles to make sure that data privacy is an integral part of the design process. This is commonly referred to as a “privacy by design” approach and essentially means that we are thinking about data privacy problems and solutions from the earliest stages of the design process. We are also examining and addressing various ethical considerations throughout the process using the Data Ethics Framework. This enables us to build privacy-friendly features in the most efficient way.
Our guiding privacy principles
UK law provides a baseline of things we must do and must not do, and we go into more detail below on that, but we’ve also been looking beyond our legal obligations. We’ve been thinking about how we want the GOV.UK Account to operate from an ethical point of view - doing the right thing for individuals. So at an early stage, we developed a set of data privacy principles which we use to guide and inform the design of a GOV.UK account.
1. Put users first
When developing the GOV.UK Account, we make sure that the data privacy expectations of our users are front and centre. So when we design the product’s features we consider the potential privacy impact they could cause for our users. We then identify the steps we need to take to minimise that impact.
2. Give users control over how their data is processed
This is key to a privacy-friendly approach and to enabling us to cater for the full spectrum of user needs and preferences - from those users that want to share as little information as possible to those that want to share more to get that personalised experience. We give users the choice of saving information to their account, to opt in or out of cookies and email notifications, and we also enable users to access, update and delete their data.
3. Keep users informed
We aim to be as transparent as possible about how a GOV.UK account uses personal data. That’s why we’re writing blog posts on our work and why at the start of the sign-up process we have included a clear summary on the use of personal data. This page provides an overview of the key points we think users should know but also links to the full GOV.UK accounts privacy notice should users want to know more.
4. Limit what data is used
We only collect and process personal data where there is a genuine need and a clear purpose, and when we do, we strive to use as little personal data as possible. We carefully consider what data is actually needed for a GOV.UK account to function, which then determines what data we ask our users for. For example, for the trial account we’re running on the Brexit Transition Checker, we only need an email address, which becomes your username, and a telephone number for additional security, so that’s all we asked for.
We use reports based on a version of GOV.UK accounts data which has had all personal identifiers removed to help us improve the account. These reports do not directly identify any GOV.UK account holders, but instead can show trends in use such as how many account users are students.
5. Keep information secure
We take security seriously and any information a user submits is securely held. We have put in place security measures that defend against the kinds of threats that GOV.UK accounts could face. For example, all data is encrypted between us and a user’s web browser using HTTPS, a secondary security code is required to log into an account, and accounts lock out after a set number of failed login attempts. Access to user data is strictly restricted to the service team, when there is a clear business need. There are rigorous data security controls in place where this need arises. These measures will be continuously re-assessed as the GOV.UK account develops.
6. Seek oversight and consultation
We ensure that the development of the GOV.UK Account is subject to internal oversight and governance. For example, we engage accountable risk owners and the Cabinet Office Data Protection Officer (DPO) via our Data Protection Impact Assessment (DPIA) processes. We also value external views of the work we’re doing and we speak to users through our user research work and to organisations like the National Cybersecurity Centre and the Privacy and Consumer Advisory Group.