The Data protection Code of Conduct describes an approach to meet the requirements of the EU Data Protection Directive in federated identity management. The Data protection Code of Conduct defines behavioral rules for Service Providers which want to receive user attributes from the Identity Providers managed by the Home Organisations. It is expected that Home Organisations are more willing to release attributes to Service Providers who manifest conformance to the Data protection Code of Conduct. For more information, see Introduction to Code of Conduct.
- Code of Conduct for Service Providers
- SAML 2 Profile for the Data Protection Code of Conduct
- Entity Category Definition: Data protection Code of Conduct
Non-normative, Informational Documents
- Introduction to Code of Conduct
- Introduction to Data protection directive
- Managing Data Protection Risks Using the Code of Conduct
- What attributes are relevant for a Service Provider
- Data protection good practice for Home Organisations
- Operator guidelines
- Handling non-compliance
- Notes on Implementation of INFORM/CONSENT GUI Interfaces
License to the documents above is granted under the Creative Commons BY-SA 3.0 license.
Work in progress
Recent space activity