ISO IEC TS 27570-2021.docx

TECHNICA1.SPECIFICATIONISO/IECTS27570editionFirst2021-01Privacyprotection-Privacyguide1.inesforsmartcitiesISO/IEC7喇唳耐曲COPYRIGHTPROTECTEDDOCUMENT©IS0/1EC2021M11c<hefivdi1.itedotherwise*ri快ChBxXniEX1.msitRiDhmw;Itmiihr<1.ij1.trfvx>CoPwnR.pnttjuiionpostingontheinternetoranInunnu1.withoutpriorwrittenpermission.PermissioncanberequestedfromeitherISOatt1.½addressbe1.oworISO*smemberhodyinthecountryofth<?rrcucstcr.三cB1.andonnct8r,GenevaPhone:t41227490111辆jtc:用洲部砾o.orgPub1.ishedinSwitzer1.andContentsForewordVIntroductionvi2Scope13NormativereferencesTermsanddefinitions1145AbbreviatedtermsPrivacvinsmartcities65.15.2Genera)IntpprntinnofnrivnevinthesmartCitVreferenceframework665.35.2.1SHriniCjtJnkttigefo1111tCeJcIfiMitActors9A5.4Cha1.1.enges11UGuidanceonsmartcityecosystemsprivacyprotection6.1 Ecosystemprivacyp1.an6.1.1 RecommendationR6.1>>MMaM*WI>131313136.26.1.3WorkproductGovernance6.2.1RecommendationR6.2.14146.36.2.3WorkproductSupp1.ychain6.3.1RecommendationR63.15156.3.2Exp1.anations156.4WorkproductDatamanagement641RQcommondatkmR6.4,177>BGuidanceonstandardsforsmartcitvecosystemsDrivacvDrotection187.1Genera).187.2PrivacvPovernance198GuidanceonnrocessesforsmartcitvecosvstenDriVaCVnrotection208.1Genera1.208.2sncePrOCeSSft.2.1rKernmmp1dation.non.*.2121ExpftuvrrR,Z8.2.3 Guidanceonecosystemcoordination8.2.4 Guidancefororganizations21JA228.38.2.5Wiifi砒PxiRhRthntnhQdSDatamanagementprocess23228.3.1RecommendationR83八8.3.2Exp1.anations2?Guidanceecosystemcoordination8.3.4Guidancefororganizations238.3.5Standardsandmethods.24th1Tr8.4Hh4c1.narecfipn1.ie!R8.48.4.2Exp1.anations248.4.3Guidanceforecosystemcoordination隹：U传(JsEd豳b除ions8.4.6Workproduct8.5Engineeringprocess268.5.2Rpbnn1.11<1.otionR8.5.8.5.3Guidanceforecosystemcoordination278.5.4GuidanceFororganizations708.5.6Wa(TH甲TtH1.mtImethOds.8.6Citizenenaeementprocess.298.6.1RecommendationR8.6.29.4.56.6.%8.&8.EXPIIanatiQnS，.1<>*<><<.，<(，“，<>GuidanceJorecosystemcoordinationGUidanCefororon23tions30Wc*kproductAnnexA(informative)Examp1.eofecosystemprivacyp1.anstructureAnnexB(informative)UsingvideocamerasinsmartcitiesBib1.iography.ForewordISO(theInternationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.tnmmiS0h0fifiqiiB<1.旬ratemtfteIkmd1.bpidentstaofttotdhjatiama1.NStftnfidrdsbodiesrhttaMmitteesestab1.ishedbytherespectiveorganizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.dsofmutua1.interest.Otheriatpari°na1.cvons,Sovernmenta*dn<non-governmenta1.,in1.iaisonwithISOandIEC,a1.soTheproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenanceare窗nf8妙CS1.g月M野用曲帆帆版IiO1.PdpMM4*e岷翻蛔ft凶祐砧即AronKifMWcdedtheeditoria1.ru1.esoftheISO/IECDirectives,Part2(seewww.iso.org/directivcs).1.istOfpatentdec1.arationsreceived(seepatents.iec.ch).Anytradenameusedinthisdocumentisinformationgivenfortheconvenienceofusersanddoesnotconstituteanendorsement.F»pWftsionsex闺ntftiWrtiiErtbwMty厕IentQfaWdhdardS,Ihfoemati皿曲Ut1.SCrPadixtasmhdWoI-IdTradeOrganization(WTO)princip1.esintheTechnica1.BarrierstoTrade(TBT)1seewww.iso.org/iso/foreword.htm1.3翻碎曜MC海砂R三枷也UW/8痛就CMWC8Mft唉/0/1Ed眄Ma.。mMbrmaamtechno1.ogy.Anyfeedbackorquestionsonthisdomentshou1.dbedirectedtotheuser/snationa1.standardsbody.Acomp1.ete1.istingofthesebodiescanbefoundatwww.iso.orgnenbers.h<m1.IntroductionThegrowingintegrationofICTtechno1.ogies(e.g.c1.oudcomputing,IoTrbigdata,mobi1.enetworks,QirpftbiUiiesinteionreiifdtnnanres.1.enitigrQwinfjrtmpdsoiHbvf比TJmfrOgdIda吧Ha1.tingcreatevu1.nerabi1.itiesatsecurityandprivacy1.eve1.Securityincidentscan1.eadtoessentia1.servicesnotoperatingproper1.y,forinstanceamassivee1.ectricitysupp1.yshortage.1.ikewise,unauthorizedaccesstopersona1.datacan1.eadtomajorprivacybreaches,forinstanceaccesstopersona1.hea1.thdatarecords.Ensuringthatprivacyisproper1.ydea1.twithinsmarttiesisacha1.1.enge.First,aWidevarietyofpub1.icandprivatestakeho1.derscanbeinvo1.vedsuchas:agenciesinchargeofmanagingessentia1.cityservicesforinstanceadministrationservices;businessorganizationsinchargeofoperatingservicesforinstancee1.ectricitydistribution:o8B?RftssystBms刚0p1.ychainsassociatedwiththedep1.oymentofre1.atedinfrastructureforinstanceassociationsrepresentingtheviewpointsofcitizens.Second1.y,awidevarietyofstandardscanbeusedsuchas：privacystandards;smartcitystandards；c1.oudcomputingstandards;IoTstandards;bigdatastandards;andITgovernancestandards.Figure1showsexamp1.esofsuchstandards.Thisdocumentthusfocusesonprovidingguidanceontheuseofstandards,whi1.etakingintoaccountthevarietyOfstakeho1.dersinasmartcityecosystem.Privicystandards ISOfCC29100privacyfra11e1x¼ ISOfCC29134PmCympaciasMsvnontgucSo1.nas ISOfCC27701pcvcyWormonmanagementsy9te*n>rQukenvenuISOCC2915184MMPrac1.B1.OfPIiPf«oCoOn 1.S0f三C27550PnVaCyennoerr>gSmartcitystandards ISOrtEC30145Smartr1.rncframworx PAS183dotoM1.abaahingadoc*orw11aKingH1.eWtkforsharingdaaandnformat>onrvco4 ISO37156Gu<Jene*MDMxca11geendShnngF<SnWtCCmmUn”ISO/IEC27570Privicyguide1.inesformartcitiC1.oudcomputingstandards ISOrCC17789C1.oudCocnputrgRofo*or)ceArchftocturcSO<C2W8.Co<¼ofpnhcforptcftorO(PI1.inPCt)MCoudsactingMPi1.PrOCeSWk>TstandardsISOf1.tC30141IoTRofrncoAfchnctur-ISOWC27030H*cu*1.tyandMsCyg<1*in*forIoTBigdaUstandards ISOwCX>M73B七rarefwcearen*IeCare-ISO«C2054741.gMA*curtyao<JprM>cyITgovernancestandards ISOMrC8500Corp(X8!governance&MXmetOa1.ecno<oy ISOHEC36S01GovwanceofITmpFrrteongud-ISOfFC38502GoverrancoofIT-Fra<n>M«d(end<nod-ISOftC3B5051ApptcebonofiSQ'1.C38500totheBovomanceo(8匕Figure 1 Examp1.esofstandardstoreferenceFigure2summarizesprivacyrecommendationstosmartcitiesecosystemsinthisdocument,furtherFigure 2 -EcosystemguidanceforprivacyFigure 3 summarizesprivacyrecommendationstosmartcitiesprocessesinthisdocument,furthernumberedR8.2,R8.3,R8.3,R8.4.andR8.5.Figure3ProcessguidanceforprivacyItisforeseenthatthisdocumentwi1.1.pavethewaytofutureprivacystandardsforsmartcities.Tab1.e1providesa1.istofpossib1.eFuture1.standards.ofpossib1.efuturestandardsTab1.eExamp1.esCategoryStandardsFrameworkforprivacymanagementinsmartcitiesGuide1.inesforprivacymanagementp1.ansinsmartcitiesGuide1.inesforprivacypo1.icymakinginsmartcitiesinc1.udingdataretentionGuide1.inesforprivacyimpactassessmentreportsinsmartcitiesGuide1.inesforconsentmanagementinsmartcitiesGuide1.inesforprivacyaccountabi1.ityandtransparencymanagementinsmartcitiesGuide1.inesforprivacybreachmanagementinsmartcitiesGuide1.inesforprivacy-bydcsignofsmartcityservicesCommondescriptionofprivacyincidentsinsmartcitiesPrivacyengineeringfocusesontheIntegrationofprivacyconcernsintheengineering>:PrivacyprotectionPrivacyguide1.inesforsmartcities1 ScopeItprovidesguidanceon：-Citizensjs1.andardscanbeusedatag1.oba1.1.eve1.andatanorganizationa1.1.eve1.forthebenefitofcompanies,governmen1.app1.icab1.etoandnot-for-profitorganizations,indudingservicesinsmartprivate2 Normativereferences3 Termsanddefinitionsna1.thefo1.1.owingISOandIECmaintaintermino1.ogica1.databasesforuseJns1.andard3Hcaddresses:3.1 IECE1.ectropedia:avai1.ab1.eat4ttwww.e1.eftropedisFgactivitySOURCE:ISO1ECIEEE15288:2015,4.1.3agency3.3avai1.abi1.itySOURCE:ISO/IEC27000:2018,3.7citizen3.5citizenengagementThedocumenttakesamu1.tip1.eagencyaswe1.1.asacitizen-centricviewpoint. smartcityecosystemprivacyprotection;how processesforsmartcityecosystemprivacyprotection.Thisdocumentisentities,a1.1.typesandsizesofthatprovidepub1.icandcityenvironments.Therearenonormativereferencesinthisdocument.Forthepurposesofthisdocument,thefo1.1.owingtermsanddefinitionsapp1.y. ISOOn1.inebrowsingp1.atform:avai1.ab1.eathttps:/www.iso.org/obpsetofcohesivetasks(3.32)ofaprocess(3.25)3.2organization(3.13)providingaspecificserviceforacitypropertyofbeingaccessib1.eandusab1.eupondemandbyanauthorizedentity3.4inhabitantofacityinvo1.vementofcitizens(3.4)inthedecision-makingofpub1.icpo1.icies3.6confidentia1.itypropertythatinformationisnotmadeavai1.ab1.eordisc1.osedtounauthorizedindividua1.s,entitiesorprocesses(3.25)聆URCEISO1EC27000:2018,3.10dataprotectionofficerpersonappointedbytheP1.1.contro1.1.er(3.15)toensure,inanindependentmanner,comp1.iancewiththeygacyiaw/regu1.ationrequirementsecosysteminfrastructureandservicesbasedonanetworkoforganizations(3.13)andstakeho1.dersNe1toentry:Organizationscaninc1.udepub1.icbodies.ecosystemprivacyp1.an典BnCdarrangementsforensuringthatprivacyisadequate1.ymanagedinanecosystem(3.8)governancesystemofdirectingandcontro1.1.ing史yyRCE:1SOIEC38500:201S.2.8integritypropertyofaccuracyandcomp1.eteness融RCE:)SOIEC27000:2018,3.36intervenabi1.itypropertythatensuresthatP1.1.principa1.s(3.16),P1.1.contro1.1.ers(3.15),P1.1.processors(3.17)andsupervisoryauthoritiescaninterveneina1.1.privacy-re1.evantdataprocessingNdey1.rftj1.awH?UnrWrinticVhiChnyfthesestakeho1.derscaninterveneindataprocessingcanbe1.imitedhy更RCE:ISO/IECTR27550:2019,3.6organizationpersonorgroupofpeop1.ethathasitsownfunctionswithresponsibi1.ities,authoritiesandre1.ationshipstoachieveitsobjectivesNWWPrtbenarjrfip,orai即IiGndhaiIUufo>n,eriperttimitdicun1.bina1.itee.thcrvb也th<ra)orattn>1.rpurHtcdfirm,not.pub1.icorprivate.(SOURCE:ISO37100:2016.3.2.3,modifiedNote2toentryhasbeenomitted.)3.14persona1.1.yidentifiab1.einformationanyinformationthata)canbeusedtoidentifytheP1.1.principa1.(36)towhomsuchinformationre1.ates,orb)isormightbedirect1.yorindirect1.y1.inkedtoaP1.1.principa1.NMeh1.m11)Rb1.y(be1.ttsHirwhetherphvBUmtariMfirfiidEbkdaxmtbx3hptidkenparty,OttthrihderitAmeansnatura1.person.KSJRCE:ISO/iEC29100:2011,2.9persona1.1.yidentifiab1.einformationcontro1.1.erPIIcontro1.1.erprivacystakeho1.der(orprivacystakeho1.ders)thatdeterminesthepurposesandmeansforprocessingpersona1.1.yidentifiab1.einformation(3.14)otherthannatura1.personswhousedataforpersona1.purposes(3,17)toprocessP1.1.onitsbeha1.f更钳RCE:ISO/IEC29100:2011,2.10persona1.1.yidentifiab1.einformationprincipa1.PIIprincipa1.natura1.persontowhomthepersona1.1.yidentifiab1.einformation(3.14)re1.atesme1in',d'sfchipcrfiuiRimttietiBdaiifndttterri1ticu1.aPtfrincipar.protectionandprivacy1.egis1.ation,the莫什RCE:ISO/IEC29100:2011,2.11persona1.1.yidentifiab1.einformationprocessorPIIprocessorprivacystakeho1.derthatprocessespersona1.1.yidentifiab1.einformation(3.14)onbeha1.fofandinaccordancewiththeinstructionsofaPHcontro1.1.er(35)jSOURCE:ISO/iEC29100:2011,2.12po1.icyintentionsanddirectionofanorganization(3.13)asforma1.1.yexpressedbyitstopmanagementiso/iec20547-3:2020,3.11privacybreachsituationwherepersona1.1.yidentifiab1.einformation(3.14)isprocessedinvio1.ationofoneormorere1.evantprivacysafeguardingrequirementsOURCE:ISO/IEC29100:2011,2,13privacy-by-designapproachinwhichprivacyisconsideredattheinitia1.designstageandthroughoutthecomp1.ete1.ifecyc1.eofproducts,processesorservicesthatinvo1.veprocessingpersona1.1.yidentifiab1.einformation(3.14)3.22privacydatasharingagreementbetweenentry:acontroersdata4S(1SOIEC27701:2019invo1.vedatatransfer,dataprocessing,andsharingofP1.1.3.20privacyprincip1.esSOURCE:ISO/IEC29100:2011,2.18)privacyriskNote1toentry:RiskIsdefinedasthe"effectofuncertaintyonobjectives*mISOGuide73andISO31000.SOURCE:1SO1EC29100:2011,2.19privacyru1.e3.25process!SOURCE:ISO/IEC27000:2018,3.54JprocessingofPIIa1.teration.retrieva1.Examp1.esconsu1.tat>on.processing<iisdosure,Openationsanonyinizahon,pseudonymtzation.disseminationco1.1.ection.otherwiseSOURCE:ISO/IEC29100:2011,2.23smartcity(SOURCE:BSIPS181:2014)smartcityservicegovernancebody8.3Datamanagementprocess8.3.1 RecommendationR8.3Adatamanagementprocessshou1.dbeestab1.ishedbythesmartcityservicegovernancebodytoensureprotectionofPU.8.3.2 Exp1.anationsThedatamanagementprocessfocusesonthemanagementofprivacyinthecreating,capturing,cWe<f1.r11S(trAttw11Jj11inptibi<tting,cityaccessing,tram1b11!iha11aTHtMngactivitj6sdatBi11MitiddaSmrt1.bythegoverningbodiesofasmartcity,aswe1.1.asbytheorganizationsintheecosystemasshowedinFigure16.Aprerequisitetothisprocessisthesynchronizationwiththegovernance,riskmanagementFigure16Datamanagementprocessstakeho1.ders8.3.3 GuidanceonecosystemcoordinationThefo1.1.owingguidanceisprovidedattheecosystem1.eve1.:poficiesn(fiatkmprocessanddemonstratethatthedatasharingpurposeiscomp1.iantwith initiatetheriskmanagementprocessasrequired; initiatetheengineeringprocessasrequired; specifytheprivacyimpactassessmentandsharingagreementtemp1.atestouse;and estab1.ishandimp1.ementcoordinationschemesintheecosystem,concerning: theparticipationofneworganizationstoadatasharingcommunity; theextensionofdatasharingtonewapp1.ications: thecomp1.ianceofdatasharingapp1.icationswithagreedpo1.iciesaswe1.1.asregu1.ation;and assuranceandauditofpractice.8.3.4GuidancefororganizationsThefo1.1.owingguidanceisprovidedattheorganization1.eve1.：-initiatethegovernanceprocessasrequired;©ISO!EC2021-A1.1.rightsreservedinitiatetheengineeringprocessasrequired,useandcarryoutdatasharingactivitiesinaccordancewiththeecosystemcoordinationscheme.Thefo1.1.owingstandardsandmethodscanbeused:BSIPAS183isusedto一ISO37156providesaframeworkfordataexchangeandsharingtoentitieshavingauthorityto1SOIEC29184providescontro1.s,whichshapethecontentandthestructureofon1.ineprivacynoticeaswe1.1.astheprocessofaskingconsenttoco1.1.ectandprocessP1.!fromP1.1.principa1.s.overa1.1.1AcityDataIsoperatesanwiththeconsentofthesmartmeterstheinorderofenergyitsunique1.y.Theco1.1.ecteddataismadeavai1.ab1.etoanumberofdataana1.yticscompaniesthroughadatasharingagreementwhichexp1.icit1.yforbidsorganizationsinthedatasharingecosystemtousethedataforanotheradatathanenergystudy,statestothisdocument.inc1.udesafterana1.ysis.Thecityagencyestab1.ishesthedatasharingecosystemreportannua1.1.yprovidinginformationsuchasPIAannua1.reportupdate,the1.is