Comment: One of the goals of the document is to standardize on wording. In the first paragraph: "Through federated technologies, an IDP could have insight into a range of transactions a user is conducting online across a variety of RPs, building a narrative about a user that she never anticipated, or wanted, the IDP to have." is known as "user profiling" in the EU’s GDPR.
Suggested Change: Through federated technologies, an IDP could have insight into a range of transactions a user is conducting online across a variety of RPs, building a narrative about a user that she never anticipated, or wanted, the IDP to have. This is known as user profiling.
Organization: VASCO Data Security
Type: 2 - Industry
Reference: section "5.4. Privacy Requirements"
Comment: One of the goals of the document is to standardize on wording. In the first paragraph: "Through federated technologies, an IDP could have insight into a range of transactions a user is conducting online across a variety of RPs, building a narrative about a user that she never anticipated, or wanted, the IDP to have." is known as "user profiling" in the EU’s GDPR.
Suggested Change: Through federated technologies, an IDP could have insight into a range of transactions a user is conducting online across a variety of RPs, building a narrative about a user that she never anticipated, or wanted, the IDP to have. This is known as user profiling.