Patterns — control
-
Active broadcast of presence
Users may actively choose to automatically provide updates when they want to share presence information, to increase both the relevance of, and control over, their sharing.
-
Buddy List
By default, isolate users to a selection of social connections in a user-defined circle of trust. Allow them to expand this circle or create new ones based on the existing members.
-
Decoupling [content] and location information visibility
Allow users to retroactively configure privacy for location information with respect to the content's contextual privacy requirements.
-
Discouraging blanket strategies
Give users the possibility to define a privacy level from a range of options each time they share content.
-
Enable/Disable Functions
Allow users to decide granularly what functions they consent to before the function is used.
-
Encryption with user-managed keys
Use encryption in such a way that the service provider cannot decrypt the user's information because the user manages the keys.
-
Incentivized Participation
Users are more willing to contribute valuable input when they can do so without leaking personal data, or perceive an equal or greater exchange in value either monetarily or socially.
-
Informed Consent for Web-based Transactions
This pattern describes how controllers can inform users whenever they intend to collect or otherwise use a user's personal data.
-
Lawful Consent
A crucial element in privacy protection is ensuring that all sensitive processing is preceded by the acquisition of freely given, informed, specific, and explicit consent.
-
Masquerade
Let users filter out some or all personal information they would otherwise provide to a service.
-
Negotiation of Privacy Policy
Over time, build user preferences from a privacy-preserving default semi-automatically, through opt-in/opt-out, semantics, and informed solicitations.
-
Obtaining Explicit Consent
Controllers must obtain consent that is given willingly and specifically whenever they process the personal data of their users in any way.
-
Outsourcing [with consent]
“The controller has to obtain additional specific, informed, explicit, and freely given consent before outsourcing data processing to a third party.”
-
Pay Back
Give users some benefits in exchange for providing information or content.
-
Personal Data Store
Subjects keep control of their personal data, which are stored on a personal device.
-
Private link
Enable sharing and re-sharing without wide public visibility or cumbersome authenticated access control.
-
Reasonable Level of Control
Let users share selectively (push) and make available (pull) specific information to predefined groups or individuals.
-
Reciprocity
Let users benefit according to the contributions they make.
-
Selective access control
Allow users to specify who may access the content they generate, both during and after submission.
-
Sign an Agreement to Solve Lack of Trust on the Use of Private Data Context
Services of a controller may require users to sign contracts that stipulate the obligations and the processing purposes to which users must consent in order to use the service. This ensures that users can trust the controller, as it is bound by the contract it signs.
-
Single Point of Contact
The Single Point of Contact is a security authority who protects the privacy and security of sensitive data stored online by validating the authority of requests and ensuring secure communication channels.
-
[Support] Selective Disclosure
Many services (or products) require the collection of a fixed, often large, amount of personal data before users can use them. Many users, instead, want to freely choose what information they share. This pattern recommends that services Support Selective Disclosure, tailoring functionality to work with the level of data the user feels comfortable sharing.