What is ISO/IEC 29184 about?

ISO/IEC 29184 is an international standard used for information technology that specifies the structure of online privacy notices which helps in providing privacy to individuals.

ISO/IEC 29184 specifies controls, which shape the content and the structure of online privacy notices as well as the process of asking for consent to collect and process personally identifiable information (PII) from PII principals.

ISO/IEC 29184 specifies controls and associated additional information for organizations:

to provide the basis for presenting clear, easily understood information to individuals whose PII is collected, about how the organization processes their PII (e.g., when providing services to consumers or under an employment relationship)
to obtain consent from the PII principals in a fair, demonstrable, transparent, unambiguous and revocable (withdrawable) manner

Note: ISO/IEC 29184 is applicable in any online context where a PII controller or any other entity processing PII informs PII principals of processing.

Note 2: ISO/IEC 29184 provides details on the implementation of two privacy principles from ISO/IEC 29100.

Who is ISO/IEC 29184 for?

ISO/IEC 29184 on Information technology is useful for:

Cyber security
Peoples using internet connections
Employees of an organization

Why should you use ISO/IEC 29184?

Protection and privacy are important for individual people as nowadays everyone is using the internet on electronic devices. Because of cyberattacks, privacy is difficult to maintain. Therefore, internet security is an important issue for everyone. The content of the notice should have sufficient information which helps you to understand the process of PII and the rights posed by PII.

ISO/IEC 29184 helps in creating an easy-to-understand and non-technical document for explaining the privacy-related notices to your clients. It also helps in creating documentation on use of data by your or your organization to inform your clients. It further details the method to be used by the PII principal and informs the contact details for inquiries regarding the processing of PII. ISO/IEC 29184 guideline ensures clarity when obtaining the consent for collection of PII and helps in obtaining the re-consent from PII when conditions are changed.

Buying ISO/IEC 29184 can help you improve how you present complicated information to your clients and the understanding of consent in collecting and processing the PII.

BS ISO/IEC 29184:2020

Information technology. Online privacy notices and consent

Current

Published:

30 Jun 2020