From 077d2a924d59b6321343a4850e87591ef1d11c98 Mon Sep 17 00:00:00 2001 From: Nick Doty Date: Fri, 30 Jun 2023 16:34:15 -0400 Subject: [PATCH] principle for non-user privacy, to be able to access and remove data uploaded by others (#287) * addresses #24 related to #135 add principle to consent section to note that consent does not include non-user, and that functionality must be provided to access or remove data in those cases * Apply suggestions from code review accepting inline suggestions (other changes to be made in a separate commit just for workflow reasons) Co-authored-by: Robin Berjon * re-wording about consent implying consent of non-user formatting --------- Co-authored-by: Robin Berjon --- index.html | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index a4a5c5b8..22a22666 100644 --- a/index.html +++ b/index.html @@ -1969,13 +1969,27 @@

- It should be as easy for a user to check what consent they have given, - to withdraw consent, or to opt out or object, - as to give consent. + It should be as easy for a [=person=] to check what consent they have given, to withdraw consent, + or to opt out or object, as to give consent.

+A [=person=] may share data about other [=people=] (e.g. a picture with both that person and others). If that person consents to the processing of that data, this does not imply that those other people have consented as well. + +
+

+ + [=Actors=] should provide functionality to access, correct, and remove data about + [=people=] to those [=people=] when that data has been provided by someone else. + +

+
+ +
+ See Group Privacy and Data Rights for + further discussion of privacy of people other than the user. +
## Notifications and Interruptions {#interruptions}