Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements

This document establishes high-level requirements for privacy by design to protect privacy throughout the lifecycle of a consumer product, including data processed by the consumer. This document does not contain specific requirements for the privacy assurances and commitments that organizations can offer consumers nor does it specify particular methodologies that an organization can adopt to design and-implement privacy controls, nor the technology that can be used to operate such controls.

Protection des consommateurs — Respect de la vie privée assuré dès la conception des biens de consommation et services aux consommateurs — Partie 1: Exigences de haut niveau

[Not translated]

General Information

Status
Published
Publication Date
30-Jan-2023
Current Stage
6060 - International Standard published
Start Date
31-Jan-2023
Due Date
01-Nov-2022
Completion Date
31-Jan-2023

Buy Standard

Standard
ISO 31700-1:2023 - Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements Released:1/31/2023
English language
37 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/FDIS 31700-1 - Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements Released:26. 08. 2022
English language
37 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
REDLINE ISO/FDIS 31700-1 - Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements Released:26. 08. 2022
English language
37 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO
STANDARD 31700-1
First edition
2023-01
Consumer protection — Privacy
by design for consumer goods and
services —
Part 1:
High-level requirements
Protection des consommateurs — Respect de la vie privée assuré
dès la conception des biens de consommation et services aux
consommateurs —
Partie 1: Exigences de haut niveau
Reference number
ISO 31700-1:2023(E)
© ISO 2023

---------------------- Page: 1 ----------------------
ISO 31700-1:2023(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO 2023 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 31700-1:2023(E)
Contents Page
Foreword . vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General . 8
4.1 Overview . 8
4.2 Designing capabilities to enable consumers to enforce their privacy rights . 9
4.2.1 Requirement . 9
4.2.2 Explanation . 9
4.2.3 Guidance . 10
4.3 Developing capability to determine consumer privacy preferences . 10
4.3.1 Requirement . 10
4.3.2 Explanation . 11
4.3.3 Guidance . 11
4.4 Designing human computer interface (HCI) for privacy . 11
4.4.1 Requirement . 11
4.4.2 Explanation .12
4.4.3 Guidance .12
4.5 Assigning relevant roles and authorities .
...

FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 31700-1
ISO/PC 317
Consumer protection — Privacy
Secretariat: BSI
by design for consumer goods and
Voting begins on:
2022-09-09 services —
Voting terminates on:
Part 1:
2022-11-04
High-level requirements
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/FDIS 31700-1:2022(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. © ISO 2022

---------------------- Page: 1 ----------------------
ISO/FDIS 31700-1:2022(E)
FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 31700-1
ISO/PC 317
Consumer protection — Privacy
Secretariat: BSI
by design for consumer goods and
Voting begins on:
services —
Voting terminates on:
Part 1:
High-level requirements
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
RECIPIENTS OF THIS DRAFT ARE INVITED TO
ISO copyright office
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
CP 401 • Ch. de Blandonnet 8
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
CH-1214 Vernier, Geneva
DOCUMENTATION.
Phone: +41 22 749 01 11
IN ADDITION TO THEIR EVALUATION AS
Reference number
Email: copyright@iso.org
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/FDIS 31700-1:2022(E)
Website: www.iso.org
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
Published in Switzerland
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
ii
  © ISO 2022 – All rights reserved
NATIONAL REGULATIONS. © ISO 2022

---------------------- Page: 2 ----------------------
ISO/FDIS 31700-1:2022(E)
Contents Page
Foreword . vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General . 8
4.1 Overview . 8
4.2 Designing capabilities to enable consumers to enforce their privacy rights . 9
4.2.1 Requirement . 9
4.2.2 Explanation . 9
4.2.3 Guidance . 10
4.3 Developing capability to determine consumer privacy preferences . 10
4.3.1 Requirement .
...

ISO 31700-1:2022(E)
2022-06-2908-10
ISO/PC 317 N270
Secretariat: BSI
Consumer protection –— Privacy by design for consumer goods and services — Part 1: High-
level requirements

---------------------- Page: 1 ----------------------
ISO/FDIS 31700-1:2022(E)
© ISO 20212022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no
part of this publication may be reproduced or utilized otherwise in any form or by any means,
electronic or mechanical, including photocopying, or posting on the internet or an intranet, without
prior written permission. Permission can be requested from either ISO at the address below or
ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO 2021 – All rights reserved
ii © ISO 2022 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/FDIS 31700:2021-1:2022(E)
Contents
Foreword . iv
Introduction. v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General . 8
4.1 Overview . 8
4.2 Design capabilities to enable consumers to enforce their privacy rights . 9
4.3 Develop capability to determine consumer privacy preferences . 11
4.4 Design human computer interface (HCI) for privacy . 12
4.5 Assign relevant roles and authorities . 12
4.6 Establish multi-functional responsibilities . 13
4.7 Develop privacy knowledge, skill and ability . 14
4.8 Ensure knowledge of privacy controls . 15
4.9 Documented information management . 16
5 Consumer communication requirements . 17
5.1 Overview . 17
5.2 Provision of privacy information . 17
5.3 Accountability for providing privacy information . 19
5.4 Responding to consumer inquiries and complaints . 19
5.5 Communicating to diverse consumer population . 20
5.6 Prepare data breach communications. 21
6 Risk management requirements . 21
6.1 Overview . 21
6.2 Conduct a privacy risk assessment . 22
6.3 Assess privacy capabilities of third parties . 23
6.4 Establish and document requirem
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.