Personal Data Ecosystem Roles
A person or organization may fulfill one or more roles at different or even the same time(s).
PRINCIPALAn individual or organization about whom information or attributes are stored, managed and accessed. |
||||
 |
||||
| PROVIDER Provide information or attributes “about” the principal. |
 |
RELYING PARTY Request information or attributes “about” the principal. |
||
 |
 |
 |
 |
 |
| CUSTODIAN Manage, safeguard, curate information about the principal. |
||||
PDEC definitions of Personal Data Ecosystem Roles:
- Principal – The principal is a person or organization that is identified by, described by or related to, information or attributes that can be stored about them and exchanged with other interested parties. The principal is a primary active participation role, not simply defined as subject (as defined in data protection legislation relating to individuals who are the subject of a process or data)
- Providers – Those organizations who generate, validate, create, or certify information or attributes relating to principals that other roles within the ecosystem may wish to collect, protect, curate, or access and make use of.
- Custodian – Those organizations that are not interested in the actual information itself but rather provide of services and solutions for the secure collection, transmission, exchange, storage, curation, management of the data on behalf principals. In general it is by the explicit delegation of a principal that a custodian is empowered to operate on their behalf.
- Relying Party – An organization, service or solution that requests, consumes or relies on data from others about or related to principals.