2016-02-02 The purpose of the BD Privacy Fabric Taxonomy is twofold: to serve as a taxonomic crosswalk to other standards and guidelines for privacy, and (2) to identify terms used for security that are candidates for redefinition/refinement that were originally only for security, but can/should be adapted for privacy. E.g., Chief Security Officer -> Chief Privacy Officer (n.b., a role, not necessarily a position).
The goal is to create a standalone document similar some other NIST documents that serve a quasi-technical purpose for organizations, and to a lesser extent, system architects.
A reason to do it is that satisfactory efforts have not been made by others, whereas on the security side, there is greater effort elsewhere we need not duplicate.
Some ideas to make the document more useful:
- Rank based on potential value, and collapse ideas or term that are essentially identical. Tease out those that are confounding SnP technology and techniques from “policy.”
- Write a 3-6 pp overview that introduces the key concepts and rationale. Highlight concepts central to Big Data scenarios. Comment on usefulness of cited standards for Big Data Privacy Fabric;
- In a written narrative (1-3 pp) and in a general way explain how a BD Privacy Fabric applies to the RA – but not in great detail (that bigger task is part of SnP V2)..