iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/TR 31700-2

(Main)

Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases

Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases

This document provides illustrative use cases, with associated analysis, chosen to assist in understanding the requirements of 31700-1. The intended audience includes engineers and practitioners who are involved in the development, implementation or operation of digitally enabled consumer goods and services.

Protection des consommateurs — Respect de la vie privée assuré dès la conception des biens de consommation et services aux consommateurs — Partie 2: Cas d’usage

General Information

Status
Not Published
Publication Date
30-Jan-2023
ICS
03.080.30 - Services for consumers
03.100.01 - Company organization and management in general
Technical Committee
ISO/PC 317 - Consumer protection: privacy by design for consumer goods and services
Drafting Committee
ISO/PC 317 - Consumer protection: privacy by design for consumer goods and services
Current Stage
6060 - International Standard published
Start Date
31-Jan-2023
Due Date
31-Oct-2022
Completion Date
31-Jan-2023
Ref Project

Buy Standard

ISO/PRF TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases Released:9. 12. 2022ISO/PRF TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases Released:9. 12. 2022
PreviousNext
Draft
ISO/PRF TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases Released:9. 12. 2022
English language
31 pages
sale 15% off
Preview
sale 15% off
Preview
REDLINE ISO/PRF TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases Released:9. 12. 2022REDLINE ISO/PRF TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases Released:9. 12. 2022
PreviousNext
Draft
REDLINE ISO/PRF TR 31700-2 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases Released:9. 12. 2022
English language
31 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/TR
REPORT 31700-2
First edition
2023-01
Consumer protection — Privacy
by design for consumer goods and
services —
Part 2:
Use cases
Protection des consommateurs — Respect de la vie privée assuré
dès la conception des biens de consommation et services aux
consommateurs —
Partie 2: Cas d’usage
PROOF/ÉPREUVE
Reference number
ISO/TR 31700-2:2023(E)
© ISO/TR 2023
---------------------- Page: 1 ----------------------
ISO/TR 31700-2:2023(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on

the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below

or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
PROOF/ÉPREUVE © ISO 2023 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/TR 31700-2:2023(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction .................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ..................................................................................................................................................................................... 1

3 Terms and definitions .................................................................................................................................................................................... 1

4 Abbreviated terms ............................................................................................................................................................................................. 2

5 Overview of ISO 31700-1 requirements and related concepts ........................................................................... 2

5.1 ISO 31700-1 Requirements .......................................................................................................................................................... 2

5.2 Related concepts ................................................................................................................................................................................... 3

5.3 Viewpoints in the use cases ........................................................................................................................................................ 6

5.3.1 General ........................................................................................................................................................................................ 6

5.3.2 Consumer product viewpoint ................................................................................................................................. 6

5.3.3 Engineering framework viewpoint.................................................................................................................... 7

5.3.4 Ecosystem viewpoint ..................................................................................................................................................... 7

6 Use case analysis .................................................................................................................................................................................................. 7

6.1 General ........................................................................................................................................................................................................... 7

6.2 Use case template ................................................................................................................................................................................. 7

7 Use cases ....................................................................................................................................................................................................................... 8

7.1 General ........................................................................................................................................................................................................... 8

7.2 On-line retailing .................................................................................................................................................................................... 9

7.2.1 On-line retailing use case main description .............................................................................................. 9

7.2.2 On-line retailing consumer communication ........................................................................................... 11

7.2.3 On-line retailing summary .....................................................................................................................................12

7.2.4 On-line retailing general requirements ......................................................................................................13

7.2.5 On-line retailing risk management ................................................................................................................. 14

7.2.6 On-line retailing development, deployment and operation ......................................................15

7.2.7 On-line retailing end of PII lifecycle ............................................................................................................... 16

7.3 Fitness company ...................................................................... ........................................................................................................... 17

7.3.1 Fitness company use case main description .......................................................................................... 17

7.3.2 Fitness company risk management of health application .......................................................... 19

7.3.3 Fitness company consumer communication .......................................................................................... 20

7.4 Smart locks for homes front doors .................................................................................................................................... 21

7.4.1 Smart locks product line main description ............................................................................................. 21

7.4.2 Smart locks basic configuration ........................................................................................................................ 24

7.4.3 Smart locks colocation configuration ........................................................................................................... 25

7.4.4 Smart locks family configuration ..................................................................................................................... 26

7.4.5 Smart locks risk management ............................................................................................................................. 27

7.4.6 Smart locks consumer communication .......................................................................................................28

7.4.7 Smart locks development, deployment and operation ..................................................................29

Bibliography .............................................................................................................................................................................................................................31

iii
© ISO 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 3 ----------------------
ISO/TR 31700-2:2023(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to

the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see

www.iso.org/iso/foreword.html.

This document was prepared by Project Committee 317 Consumer Protection – privacy by design for

consumer goods and services.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www.iso.org/members.html.
PROOF/ÉPREUVE © ISO 2023 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/TR 31700-2:2023(E)
Introduction
[1]

ISO 31700-1 provides high-level requirements and recommendations for organizations using privacy

by design in the development, maintenance and operation of consumer goods and services. These are

grounded in a consumer-focused approach, in which consumer privacy rights and preferences are

placed at the heart of product development and operation.

Use case help to identify, clarify and organize system requirements related to a set of goals, by

illustrating a series of possible sequences of interactions between stakeholder(s) and system(s) in a

particular ecosystem.
[2]

The use cases in this document use a template that is based on IEC 62559-2 while enabling a focus on

privacy by design challenges and on the ISO 31700-1 requirements.

Although there are a wide range of use cases, this document provides three sample use cases to help

further understand the implementation of ISO 31700-1: on-line retailing, a fitness company and smart

locks.
© ISO 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 5 ----------------------
TECHNICAL REPORT ISO/TR 31700-2:2023(E)
Consumer protection — Privacy by design for consumer
goods and services —
Part 2:
Use cases
1 Scope

This document provides illustrative use cases, with associated analysis, chosen to assist in

understanding the requirements of 31700-1.

The intended audience includes engineers and practitioners who are involved in the development,

implementation or operation of digitally enabled consumer goods and services.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminology databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org
3.1
privacy by design

design methodologies in which privacy is considered and integrated into the initial design stage

and throughout the complete lifecycle of products, processes or services that involve processing of

Personally Identifiable Information, including product retirement and the eventual deletion of any

associated personally identifiable information
Note 1 to entry: The lifecycle also includes changes or updates.
[SOURCE: ISO 31700-1:2023, 3.5]
3.2
use case

description of a sequence of interactions of a consumer and a consumer product used to help identify,

clarify, and organize requirements to support a specific business goal
Note 1 to entry: Consumers can be users, engineers, of systems.

Note 2 to entry: A system of interest in this document is a consumer goods or service.

[SOURCE: ISO 31700-1:2023, 3.22, modified — note 2 added]
© ISO 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 6 ----------------------
ISO/TR 31700-2:2023(E)
4 Abbreviated terms
NIST National Institute of Standards and Technology
PII Personally identifiable information
5 Overview of ISO 31700-1 requirements and related concepts
5.1 ISO 31700-1 Requirements
[1]
Table 1 lists ISO 31700-1:2023 requirements, categorised as:
— general (ISO 31700-1:2023, clause 4);
— consumer communication requirements (ISO 31700-1:2023, clause 5);
— risk management requirements (ISO 31700-1:2023, clause 6);
— develop, deploy and operated privacy controls (ISO 31700-1:2023, clause 7);
— end of PII lifecycle requirements (ISO 31700-1:2023, clause 8).
Table 1 — ISO 31700-1 requirements
Category ISO 31700-1 section number and requirement
4.2 Design capabilities to enable consumers to enforce their privacy rights
4.3 Develop capability to determine consumer privacy preferences
4.4 Design human computer interface (HCI) for privacy
4.5 Assign relevant roles and authorities
General
4.6 Establish multi-disciplinary responsibilities
4.7 Develop privacy knowledge, skill and ability
4.8 Ensure knowledge of privacy controls
4.9 Documented information management
5.2 Provision of privacy information
5.3 Accountability of responsible persons to providing privacy information
Consumer communica-
5.4 Responding to consumer inquiries and complaints
tion requirements
5.5 Communicating to diverse consumer population
5.6 Prepare data breach communications
6.2 Conduct a privacy risk assessment
6.3 Assess privacy capabilities of third parties
Risk management re-
6.4 Establish and document requirements for privacy controls
quirements
6.5 Monitor and update risk assessment
6.6 Include privacy risks in cybersecurity resilience design
PROOF/ÉPREUVE © ISO 2023 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/TR 31700-2:2023(E)
TTabablele 1 1 ((ccoonnttiinnueuedd))
Category ISO 31700-1 section number and requirement

7.2 Integrate the design and operation of privacy controls into the products develop-

ment and management lifecycles
7.3 Design privacy controls
7.4 Implement privacy controls
Develop, deploy and
7.5 Design privacy control testing
operate designed privacy
7.6 Manage the transition of privacy controls
controls
7.7 Manage the operation of privacy controls
7.8 Prepare breach management

7.9 Operate privacy controls for the processes and products that the product in scope

depends upon through the PII lifecycle
End of PII lifecycle re-
8.2 Design privacy controls for retirement and end of use
quirements
5.2 Related concepts

The tables in this clause illustrate the relationships between the requirements of ISO 31700-1 and

related privacy engineering concepts:
— lifecycle processes as shown in Table 2;
[5]
— privacy protection goals, as shown in Table 3.
[7]
— NIST Privacy framework functions, as shown in Table 4;
— NIST privacy engineering objectives as shown in Table 5.
The resulting relations are shown in Table 6.
Table 2 — Lifecycle processes

Activities carried out by the organisation to define and maintain policies related to

Organisation policies
privacy by design

Product design and Activities carried out by the organisation to design and develop consumer goods or

development services

Activities carried out by the organisation to manage privacy when consumer goods or

Product use
services are in use
Table 3 — Privacy protection goals

Property that privacy-relevant data cannot be linked across domains that are consti-

tuted by a common purpose and context
Unlinkability

NOTE It ensures that a PII principal can make multiple uses of resources or services

without others being able to link these uses together

Property that ensures that all privacy-relevant data processing including the legal,

Transparency
technical and organizational setting can be understood as documented or stated

Property that ensures that PII principals, PII controllers, PII processors and supervi-

Intervenability
[12]
sory authorities can intervene in all privacy-relevant data processing
Table 4 — NIST Privacy Framework functions

Develop the organizational understanding to manage privacy risk for individuals aris-

Identify-P
ing from data processing
© ISO 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 8 ----------------------
ISO/TR 31700-2:2023(E)
TTabablele 4 4 ((ccoonnttiinnueuedd))

Develop and implement the organizational governance structure to enable an ongoing

Govern-P understanding of the organization’s risk management priorities that are informed by

privacy risk

Develop and implement appropriate activities to enable organizations or individuals

to manage data with suffi
Control-P
cient granularity to manage privacy risks

Develop and implement appropriate activities to enable organizations and individuals

Communicate-P to have a reliable understanding and engage in a dialogue about how data are pro-

cessed and associated privacy risks
Protect-P Develop and implement appropriate data processing safeguards
Table 5 — NIST privacy engineering objectives

Enabling reliable assumptions by individuals, owners, and operators about data and

Predictability
their processing by a system, product, or service

Providing the capability for granular administration of data, including alteration, dele-

Manageability
tion, and selective disclosure

Enabling the processing of data or events without association to individuals or devices

Disassociability
beyond the operational requirements of the system
Table 6 — ISO 31700-1 requirements relationship with associated concepts
Privacy protec- NIST Privacy NIST privacy
Category of ISO 31700-1 Re- Lifecycle pro-
tion goals Framework engineering
requirement quirement cesses
functions objectives
4.2 Design capabil-
Intervenability Predictablity
ities to enable con- Product design Control-P, Com-
sumers to enforce and development municate-P
Transparency Manageability
their privacy rights
4.3 Develop capa-
Intervenability
bility to determine Product design Control-P, Com-
Predictability
consumer privacy and development municate-P
Transparency
preferences
4.4 Design human
Predictablity
Product design
computer interface Transparency Communicate-P
and development
Manageability
(HCI) for privacy
4.5 Assign relevant
Organisation
roles and authori- - Govern-p Manageability
policies
General
ties
4.6 Establish
Organisation
multi-disciplinary - Govern-P Manageability
policies
responsibilities
4.7 Develop privacy
Organisation
knowledge, skill and - Govern-P Manageability
policies
ability
4.8 Ensure knowl-
Manageability
Organisation
edge of privacy - Govern-P
policies
Disassociability
controls
4.9 Documented
Organisation
information man- - Govern-P Manageability
policies
agement
PROOF/ÉPREUVE © ISO 2023 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/TR 31700-2:2023(E)
TTabablele 6 6 ((ccoonnttiinnueuedd))
Privacy protec- NIST Privacy NIST privacy
Category of ISO 31700-1 Re- Lifecycle pro-
tion goals Framework engineering
requirement quirement cesses
functions objectives
5.2 Provision of pri- Organisation
Transparency Communicate-P Predictability
vacy information policies
5.3 Accountability
Predictability
of responsible per- Organisation Govern-P Com-
Transparency
sons to providing policies municate-P
Manageability
privacy information
Consumer 5.4 Responding to
Predictability
communication consumer inquiries Product use Transparency Communicate-P
Manageability
requirements and complaints
5.5 Communicating
to diverse consumer Product use Transparency Communicate-P Predictability
population
5.6 Prepare data
breach communica- Product use Transparency Communicate-P Predictability
tions
Product design Predictability
6.2 Conduct a priva- and development
Unlinkability Identify-P Manageability
cy risk assessment
Disassociability
Product design Predictability
6.3 Assess privacy
and development Identify-P, Pro-
capabilities of third Unlinkability Manageability
tect-P
parties
Disassociability
6.4 Establish and Product design Unlinkability Predictability
Risk manage- Identify-P, Con-
document require- and development
ment require- Intervenability trol-P, Communi- Manageability
ments for privacy
ments cate-P
controls
Transparency Disassociability
Product design Predictability
6.5 Monitor and
Identify-P,
and development
update risk assess- Unlinkability Manageability
Govern-P
ment
Disassociability
6.6 Include privacy
risks in cyberse- Organisation Identify-P, Pro-
Unlinkability -
curity resilience policies tect-P
design
© ISO 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 10 ----------------------
ISO/TR 31700-2:2023(E)
TTabablele 6 6 ((ccoonnttiinnueuedd))
Privacy protec- NIST Privacy NIST privacy
Category of ISO 31700-1 Re- Lifecycle pro-
tion goals Framework engineering
requirement quirement cesses
functions objectives
7.2 Integrate the de-
sign and operation
Unlinkability Predictability
of privacy controls
Organisation
into the products Intervenability Protect-P Manageability
policies
development and
Transparency Disassociability
management life-
cycles
Product design Unlinkability Predictability
7.3 Design privacy and development
Intervenability Protect-P Manageability
controls
Transparency Disassociability
Product design Unlinkability Predictability
7.4 Implement pri- and development
Intervenability Protect-P Manageability
vacy controls
Transparency Disassociability
Product design Unlinkability Predictability
7.5 Design privacy and development
Develop, deploy
Intervenability Protect-P Manageability
control testing
and operate
Transparency Disassociability
designed privacy
controls
Predictability
7.6 Manage the
Intervenability
Organisation Control-P, Com-
transition of priva- Manageability
policies municate-P
Transparency
cy controls
Disassociability
Predictability
7.7 Manage the
Intervenability
Organisation Control-P, Com-
operation of privacy Manageability
policies municate-P
Transparency
controls
Disassociability
7.8 Prepare breach Organisation - Protect-P, Con-
management policies trol-P
7.9 Operate privacy
controls for the pro-
cesses and products
Control-P, Com-
that the product in Product use - -
municate-P
scope depends upon
through the PII
lifecycle
Predictability
8.2 Design privacy
End of PII lifecy- Product design Control-P, Com-
controls for retire- - Manageability
cle requirements and development municate-P
ment and end of use
Disassociability
5.3 Viewpoints in the use cases
5.3.1 General

The viewpoints presented here are shown in the sequence diagrams of the use cases in Clause 7.

5.3.2 Consumer product viewpoint

Consumer products and associated organisational practices protect consumers’ privacy when the

product is in use and throughout the PII lifecycle while the PII is under the organisation’s purview.

Considering how a product is likely to be used in practice, during product development, can require a

number of different contexts and situations to be evaluated. Different users with different capabilities

PROOF/ÉPREUVE © ISO 2023 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/TR 31700-2:2023(E)

are catered for. This applies as the product, once in the possession of a consumer user, is operated in

unconstrained circumstances where the consumer’s understanding and abilities can, and often do, vary

considerably.

For each type of use the precise definition of use is coupled with an accurate description of how the

product and any associated organisational processes would operate so as to protect privacy.

Finally, consumer use can change over time and vary between cultures or demographic groups.

5.3.3 Engineering framework viewpoint

The development and management of privacy controls is an essential part of the engineering of

consumers products. The resulting engineering framework combines:
[3]
— processes based on standards such as ISO/IEC/IEEE 15288 ;

— extensions of such processes that integrate privacy engineering. These extensions can be based on

[5] [7]

ISO/IEC TR 27550, with the support of frameworks such as the NIST Privacy Framework, the

[6]
use of OASIS PMRM to operationalize privacy principles;
[1]

— the integration of the consumer product viewpoint, which is supported by ISO 31700-1 .

NOTE An additional reference to OASIS PMRM is under development: ISO/IEC 27561, Information technology

— Privacy operationalisation model and method for engineers — POMME
5.3.4 Ecosystem viewpoint
Consumer products involve two ecosystems:

— the supply chain, i.e., the ecosystem associated with the system lifecycle process. This involves

organisation and contractual activities on the privacy capabilities provided by third parties;

— the data space, i.e., the ecosystem associated with users and providers of data. This involves

organisation and contractual activities on data sharing.
6 Use case analysis
6.1 General

A use case template was developed to help illustrate, in a consistent manner, the use case examples. The

template is structured to provide the information that illustrates the use of ISO 31700-1.

— The entries for the main narrative are general. They include ID: use case name; description of

product, service or process; privacy protection goal; ecosystem and systems of interest; users,

stakeholders; PII; purpose; and use case narrative.

— The entries for the extended narratives follow the requirements of ISO 31700-1: general requirements;

consumer communication requirements; risk management requirements; development, deployment

and operations of designed privacy controls; and end of PII lifecycle requirements.

6.2 Use case template
Table 7 provides a template for the main narrative of a use case.
Table 7 — Template for main narrative
Entry Entry description
ID Unique identification
© ISO 2023 – All rights reserved PROOF/ÉPREUVE
---------------------- Page: 12 ----------------------
ISO/TR 31700-2:2023(E)
TTabablele 7 7 ((ccoonnttiinnueuedd))
Entry Entry description
Use case name Meaningful name
Description of product, ser- Short description of product
vice or process
Privacy protection goal Short description of privacy protection goals
Ecosystem and systems of Describe systems of interest
interest
Users Describe users
Stakeholders Describe stakeholders
PII Describe PII collected
Purpose Describe purpose of PII collection

Main narrative Short narrative on consumer goods and services (possibly with a sequence

diagram)
Table 8 provides a template for the extended narratives of a use case.
Table 8 — Template for extended narratives
Entry Entry description
ID Unique identification
Use case name Meaningful name

Narrative describing a specific variation, or focusing on the use of requirements

Additional narrative in a specific clause of ISO 31700-1. When possible, a sequence diagram is provid-

ed. Table 9 lists possible categories of narratives.

Table 9 lists proposed categories of extended narratives. They match categories of ISO 31700-1

requirements.
Table 9 — Categories of extended narratives
Category of extended narratives Relationship with ISO 31700-1
General requirements Focus on ISO 31700-1:2023, 4.2 to 4.9
Consumer communication requirements Focus on ISO 31700-1:2023, 5.2 to 5.6
Risk management requirements Focus on ISO 31700-1:2023, 6.2 to 6.6
Development, deployment and operation of
Focus on ISO 31700-1;2023, 7.2 to 7.9
designed privacy controls
End of PII lifecycle requirements Focus on ISO 31700-1:2023, 8.2
7 Use cases
7.1 General

Three use cases are described: on-line retailing, a fitness company and smart locks. These use cases

cover ISO 31700-1 requirements as shown in Table 10.

NOTE A sequence diagram is provided for each narrative. The code for the sequence diagrams in Figure 1 to

Figure 16 is available at: https:// standards .iso .org/ iso/ tr/ 31700/ -2/ ed -1/ en/ .

PROOF/ÉPREUVE © ISO 2023 – All rights reserved
---------------------- Page: 13 ----------------------
ISO/TR 31700-2:2023(E)
Table 10 — Use cases requirement coverage
Category of On-line Fitness Smart
ISO 31700-1 Requirement
requirement retailing compa-ny locks
Design capabilities to enable consumers to enforce
4.2 X
their privacy rights
Develop capab
...

Reference number of document: ISO /TR 31700-2:2023(E)
Committee identification: ISO PC 317
Secretariat: BSI
Privacy by design for consumer goods and services — Use cases

Ingénierie respectueuse de la protection de la vie privée pour les biens de consommation et services – cas

d’usage
Publication stage
Warning for WDs and CDs

This document is not an ISO International Standard. It is distributed for review and comment. It is subject to

change without notice and may not be referred to as an International Standard.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent

---------------------- Page: 1 ----------------------
© ISO/IEC 2022 – All rights reserved
1 © ISO 2023
2 All rights of which they are aware and to provide supporting documentation.

5 A model manuscript of a draft International Standard (known as “The Rice Model”) is available at

6 https://www.iso.org/iso/model_document-rice_model.pdf
---------------------- Page: 2 ----------------------
ISO /TR 31700-2:2023(E) Formatted: Font: 12 pt
Copyright Notice

This ISO document is a working draftreserved. Unless otherwise specified, or committee draft and is

copyright-protected by ISO. While required in the reproduction of working drafts or committee

drafts in any form for use by participants in the ISO standards development process is permitted

without prior permission from ISO, neither this document nor any extract from itcontext of its

implementation, no part of this publication may be reproduced, stored or utilized otherwise in any form or

transmitted in any form for any other purposeby any means, electronic or mechanical, including

photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be

requested from either ISO.

Requests for permission to reproduce this document for at the purpose of selling it should be

addressed as shownaddress below or to ISO’sISO's member body in the country of the requester:.

Secretariat of ISO PC317, BSI, Jean Stride: Jean.Stride@bsigroup.com

Reproduction for sales purposes may be subject to royalty payments or a licensing agreement.

Violators may be prosecuted.
ISO Copyright Office
CP 401 • CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland.
Formatted: Tab stops: Not at 304.8 pt
ii © ISO/IEC 2022 – All rights reserved
ii © ISO 2023 – All rights reserved
---------------------- Page: 3 ----------------------
ISO /TR 31700-2:2023(E) Formatted: Font: 12 pt, Bold
Contents

Foreword ......................................................................................................................................................................... iv

Introduction..................................................................................................................................................................... v

Foreword ....................................................................................................................................................................... iiv

Introduction.................................................................................................................................................................... vi

1 Scope .................................................................................................................................................................... 1

2 Normative references .................................................................................................................................... 1

3 Terms and definitions .................................................................................................................................... 1

4 Abbreviated terms .......................................................................................................................................... 2

5 Overview of ISO 31700-1 requirements and related concepts ....................................................... 2

5.1 ISO 31700-1 Requirements .................................................................................................................... 2

Table 1 — ISO 31700-1 requirements .................................................................................................................... 2

5.2 Related concepts ........................................................................................................................................ 3

Table 2 — Lifecycle processes ................................................................................................................................... 3

Table 3 — Privacy protection goals ........................................................................................................................ 3

Table 4 — NIST Privacy Framework functions ................................................................................................... 4

Table 5 — NIST privacy engineering objectives ................................................................................................. 4

Table 6 — ISO 31700-1 requirements relationship with associated concepts ....................................... 4

5.3 Viewpoints in the use cases .................................................................................................................... 7

5.3.1 General ................................................................................................................................................................ 7

5.3.2 Consumer product viewpoint ................................................................................................................... 7

5.3.3 Engineering framework viewpoint ......................................................................................................... 7

5.3.4 Ecosystem viewpoint .................................................................................................................................... 7

6 Use case analysis .............................................................................................................................................. 7

6.1 General ........................................................................................................................................................... 7

6.2 Use case template ....................................................................................................................................... 8

Table 7 — Template for main narrative ................................................................................................................ 8

Table 8 — Template for extended narratives ..................................................................................................... 8

Table 9 — Categories of extended narratives ..................................................................................................... 8

7 Use cases ............................................................................................................................................................. 9

7.1 General ........................................................................................................................................................... 9

Table 10 — Use cases requirement coverage ...................................................................................................... 9

7.2 On-line retailing ...................................................................................................................................... 10

7.2.1 On-line retailing use case main description ...................................................................................... 10

7.2.2 On-line retailing consumer communication ..................................................................................... 13

7.2.3 On-line retailing summary .......................................................................................................................1 5

7.2.4 On-line retailing general requirements ..............................................................................................1 7

7.2.5 On-line retailing risk management .......................................................................................................1 9

7.2.6 On-line retailing development, deployment and operation ....................................................... 20

7.2.7 On-line retailing end of PII lifecycle .....................................................................................................2 2

7.3 Fitness company ...................................................................................................................................... 24

7.3.1 Fitness company use case main description ..................................................................................... 24

7.3.2 Fitness company risk management of health application ........................................................... 27

7.3.3 Fitness company consumer communication .................................................................................... 29

7.4 Smart locks for homes front doors ................................................................................................... 31

7.4.1 Smart locks product line main description ....................................................................................... 31

7.4.2 Smart locks basic configuration .............................................................................................................3 6

7.4.3 Smart locks colocation configuration ..................................................................................................3 7

7.4.4 Smart locks family configuration ...........................................................................................................3 9

Formatted: Tab stops: Not at 460.7 pt
© ISO/IEC 2022 – All rights reserved iii
© ISO 2023 – All rights reserved iii
---------------------- Page: 4 ----------------------
ISO /TR 31700-2:2023(E) Formatted: Font: 12 pt

7.4.5 Smart locks risk management .................................................................................................................4 1

7.4.6 Smart locks consumer communication ...............................................................................................4 3

7.4.7 Smart locks development, deployment and operation ................................................................. 45

Bibliography ................................................................................................................................................................. 48

Foreword .......................................................................................................................................................................... 4

Introduction..................................................................................................................................................................... 5

1 Scope .................................................................................................................................................................... 1

2 Normative references .................................................................................................................................... 1

3 Terms and definitions .................................................................................................................................... 1

4 Abbreviated terms .......................................................................................................................................... 1

5 Overview of ISO 31700-1 requirements and related concepts ....................................................... 2

5.1 ISO 31700-1 Requirements .................................................................................................................... 2

5.2 Related concepts ........................................................................................................................................ 3

5.3 Viewpoints in the use cases .................................................................................................................... 6

5.3.1 General ................................................................................................................................................................ 6

5.3.2 Consumer product viewpoint ................................................................................................................... 6

5.3.3 Engineering framework viewpoint ......................................................................................................... 7

5.3.4 Ecosystem viewpoint .................................................................................................................................... 7

6 Use case analysis .............................................................................................................................................. 7

6.1 General ........................................................................................................................................................... 7

6.2 Use case template ....................................................................................................................................... 7

7 Use cases ............................................................................................................................................................. 8

7.1 General ........................................................................................................................................................... 8

7.2 On-line retailing ...................................................................................................................................... 10

7.2.1 On-line retailing use case main description ...................................................................................... 10

7.2.2 On-line retailing consumer communication ..................................................................................... 11

7.2.3 On-line retailing summary .......................................................................................................................1 2

7.2.4 On-line retailing general requirements .............................................................................................. 13

7.2.5 On-line retailing risk management .......................................................................................................1 4

7.2.6 On-line retailing development, deployment and operation ....................................................... 15

7.2.7 On-line retailing end of PII lifecycle .....................................................................................................1 6

7.3 Fitness company ...................................................................................................................................... 17

7.3.1 Fitness company use case main description ..................................................................................... 17

7.3.2 Fitness company risk management of health application ........................................................... 19

7.3.3 Fitness company consumer communication .................................................................................... 20

7.4 Smart locks for homes front doors ................................................................................................... 21

7.4.1 Smart locks product line main description ....................................................................................... 21

7.4.2 Smart locks basic configuration .............................................................................................................2 4

7.4.3 Smart locks colocation configuration ..................................................................................................2 5

7.4.4 Smart locks family configuration ...........................................................................................................2 6

7.4.5 Smart locks risk management .................................................................................................................2 7

7.4.6 Smart locks consumer communication ...............................................................................................2 8

7.4.7 Smart locks development, deployment and operation ................................................................. 29

Bibliography ................................................................................................................................................................. 32

Formatted: Tab stops: Not at 304.8 pt
iv © ISO/IEC 2022 – All rights reserved
iv © ISO 2023 – All rights reserved
---------------------- Page: 5 ----------------------
ISO /TR 31700-2:2023(E) Formatted: Font: 12 pt, Bold
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO

collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directiveswww.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any

patent rights identified during the development of the document will be in the Introduction and/or on

the ISO list of patent declarations received (see www.iso.org/patentswww.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the World

Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see

www.iso.org/iso/foreword.htmlwww.iso.org/iso/foreword.html.

This document was prepared by Project Committee 317 Consumer Protection – privacy by design for

consumer goods and services.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at
www.iso.org/members.htmlwww.iso.org/members.html.
Formatted: Tab stops: Not at 460.7 pt
© ISO/IEC 2022 – All rights reserved v
© ISO 2023 – All rights reserved v
---------------------- Page: 6 ----------------------
ISO /TR 31700-2:2023(E) Formatted: Font: 12 pt
Introduction
[1]

ISO 31700-1 provides high-level requirements and recommendations for organizations using privacy

by design in the development, maintenance and operation of consumer goods and services. These are

grounded in a consumer-focused approach, in which consumer privacy rights and preferences are placed

at the heart of product development and operation.

Use case help to identify, clarify and organize system requirements related to a set of goals, by illustrating

a series of possible sequences of interactions between stakeholder(s) and system(s) in a particular

ecosystem.
[2]

The use cases in this document use a template that is based on IEC 62559-2 while enabling a focus on

privacy by design challenges and on the ISO 31700-1 requirements.

Although there are a wide range of use cases, this document provides three sample use cases to help

further understand the implementation of ISO 31700-1: on-line retailing, a fitness company, and smart

locks.
Formatted: Tab stops: Not at 304.8 pt
vi © ISO/IEC 2022 – All rights reserved
vi © ISO 2023 – All rights reserved
---------------------- Page: 7 ----------------------
TECHNICAL REPORT ISO/TR 31700-2:2023(E)
Privacy by design for Consumer Goods and Services — Use cases
1 Scope

This document provides provides illustrative use cases, with associated analysis, chosen to assist in

understanding the requirements of 31700-1.

The intended audience includes engineers and practitioners who are involved in the development,

implementation or operation of digitally enabled consumer goods and services.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminologicalterminology databases for use in standardization at the following

addresses:

— ISO Online browsing platform: available at https://www.iso.org/obphttps://www.iso.org/obp

— IEC Electropedia: available at http://www.electropedia.orghttp://www.electropedia.org

3.1
privacy by design

design methodologies in which privacy is considered and integrated into the initial design stage and

throughout the complete lifecycle of products, processes or services that involve processing of Personally

Identifiable Information, including product retirement and the eventual deletion of any associated

personally identifiable information
associated personally identifiable information
Note 1 to entry: The lifecycle also includes changes or updates.
[SOURCE ISO 31700-1:2023, 3.5]
3.2
use case

description of a sequence of interactions of a consumer and a consumer product used to help identify,

clarify, and organize requirements to support a specific business goal
Note 1 to entry: consumersConsumers can be users, engineers, of systems.

Note 2 to entry: aA system of interest in this document is a consumer goods or service.

[SOURCE: ISO 31700-1:2023, 3.22, modified — note 2 added]
© ISO 2023 – All rights reserved 1
---------------------- Page: 8 ----------------------
ISO/TR 31700-2:2023(E) Formatted: Font: 12 pt, Bold
4 Abbreviated terms
NIST National Institute of Standards and Technology
PII Personally identifiable information
5 Overview of ISO 31700-1 requirements and related concepts
5.1 ISO 31700-1 Requirements
[1]
Table 1 lists ISO 31700-1:2023 requirements, categorised as:
— general (ISO 31700-1:2023, clause 4);
— consumer communication requirements (ISO 31700-1:2023, clause 5);
— risk management requirements (ISO 31700-1:2023, clause 6);

— develop, deploy and operated privacy controls (ISO 31700-1:2023, clause 7); and

— end of PII lifecycle requirements (ISO 31700-1:2023, clause 8).
Table 1 — ISO 31700-1 requirements
Category ISO 31700-1 section number and requirement
4.2 Design capabilities to enable consumers to enforce their privacy rights
4.3 Develop capability to determine consumer privacy preferences
4.4 Design human computer interface (HCI) for privacy
4.5 Assign relevant roles and authorities
General
4.6 Establish multi-disciplinary responsibilities
4.7 Develop privacy knowledge, skill and ability
4.8 Ensure knowledge of privacy controls
4.9 Documented information management
5.2 Provision of privacy information
5.3 Accountability of responsible persons to providing privacy information
Consumer
communication 5.4 Responding to consumer inquiries and complaints
requirements
5.5 Communicating to diverse consumer population
5.6 Prepare data breach communications
6.2 Conduct a privacy risk assessment
6.3 Assess privacy capabilities of third parties
Risk management
6.4 Establish and document requirements for privacy controls
requirements
6.5 Monitor and update risk assessment
6.6 Include privacy risks in cybersecurity resilience design
Formatted: Footer
2 © ISO/IEC 2022 – All rights reserved
2 © ISO 2023 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/TR 31700-2:2023(E) Formatted: Font: 12 pt, Bold
7.2 Integrate the design and operation of privacy controls into the products
development and management lifecycles
7.3 Design privacy controls
7.4 Implement privacy controls
Develop, deploy and
7.5 Design privacy control testing
operate designed
7.6 Manage the transition of privacy controls
privacy controls
7.7 Manage the operation of privacy controls
7.8 Prepare breach management
7.9 Operate privacy controls for the processes and products that the product in
scope depends upon through the PII lifecycle
End of PII lifecycle
8.2 Design privacy controls for retirement and end of use
requirements
5.2 Related concepts

The tables in this clause illustrate the relationships between the requirements of ISO 31700-1 and related

privacy engineering concepts:
— lifecycle processes as shown in Table 2;
[5 ]
— privacy protection goals [, ], as shown in Table 3.
[7 ]
— NIST Privacy framework functions [, ], as shown in Table 4; and
— NIST privacy engineering objectives as shown in Table 5.
The resulting relations are shown in Table 6.
Table 2 — Lifecycle processes

Activities carried out by the organisation to define and maintain policies related to

Organisation policies
privacy by design

Product design and Activities carried out by the organisation to design and develop consumer goods or

development services

Activities carried out by the organisation to manage privacy when consumer goods or

Product use
services are in use
Table 3 — Privacy protection goals
Property that privacy-relevant data cannot be linked across domains that are
constituted by a common purpose and context
Unlinkability

NOTE It ensures that a PII principal can make multiple uses of resources or services

without others being able to link these uses together

Property that ensures that all privacy-relevant data processing including the legal,

Transparency
technical and organizational setting can be understood as documented or stated
Formatted: Footer
© ISO/IEC 2022 – All rights reserved 3
© ISO 2023 – All rights reserved 3
---------------------- Page: 10 ----------------------
ISO/TR 31700-2:2023(E) Formatted: Font: 12 pt, Bold
Property that ensures that PII principals, PII controllers, PII processors and
Intervenability
[12]
supervisory authorities can intervene in all privacy-relevant data processing
Table 4 — NIST Privacy Framework functions
Develop the organizational understanding to manage privacy risk for individuals
Identify-P
arising from data processing
Develop and implement the organizational governance structure to enable an

Govern-P ongoing understanding of the organization’s risk management priorities that are

informed by privacy risk

Develop and implement appropriate activities to enable organizations or individuals

Control-P
to manage data with sufficient granularity to manage privacy risks
Develop and implement appropriate activities to enable organizations and

Communicate-P individuals to have a reliable understanding and engage in a dialogue about how data

are processed and associated privacy risks
Protect-P Develop and implement appropriate data processing safeguards
Table 5 — NIST privacy engineering objectives

Enabling reliable assumptions by individuals, owners, and operators about data and

Predictability
their processing by a system, product, or service

Providing the capability for granular administration of data, including alteration,

Manageability
deletion, and selective disclosure
Enabling the processing of data or events without association to individuals or
Disassociability
devices beyond the operational requirements of the system
Table 6 — ISO 31700-1 requirements relationship with associated concepts
Privacy NIST Privacy NIST privacy
Category of ISO 31700-1 Lifecycle
protection Framework engineering
requirement Requirement processes
goals functions objectives
4.2 Design
capabilities to Product design Control-P,
Intervenability Predictablity
enable consumers and Communicate-
Transparency Manageability
to enforce their development P
privacy rights
4.3 Develop
capability to Product design Control-P,
Intervenability
General
determine and Communicate- Predictability
Transparency
consumer privacy development P
preferences
4.4 Design human
Product design
Predictablity
computer Communicate-
and Transparency
interface (HCI) for P
Manageability
development
privacy
Formatted: Footer
4 © ISO/IEC 2022 – All rights reserved
4 © ISO 2023 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/TR 31700-2:2023(E) Formatted: Font: 12 pt, Bold
4.5 Assign relevant
Organisation
roles and - Govern-p Manageability
policies
authorities
4.6 Establish
Organisation
multi-disciplinary - Govern-P Manageability
policies
responsibilities
4.7 Develop
privacy Organisation
- Govern-P Manageability
knowledge, skill policies
and ability
4.8 Ensure
Manageability
Organisation
knowledge of - Govern-P
policies
Disassociability
privacy controls
4.9 Documented
Organisation
information - Govern-P Manageability
policies
management
5.2 Provision of
Organisation Communicate-
privacy Transparency Predictability
policies P
informat
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 31700-1(Main)
Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements

This document establishes high-level requirements for privacy by design to protect privacy throughout the lifecycle of a consumer product, including data processed by the consumer. This document does not contain specific requirements for the privacy assurances and commitments that organizations can offer consumers nor does it specify particular methodologies that an organization can adopt to design and-implement privacy controls, nor the technology that can be used to operate such controls.

  • Draft
    37 pages
    English language
    sale 15% off
  • Draft
    37 pages
    English language
    sale 15% off
ISO
ISO/TS 24519:2022(Main)
Service activities relating to drinking water supply, wastewater and stormwater systems — Water and wastewater services for temporary settlements for displaced persons

This document provides guidelines for alternative water services (AWS) and alternative wastewater services (AWWS) to temporary settlements for displaced persons e.g. refugee/internally displaced persons (IDP) camps, for drinking, sanitation and hygiene purposes. It addresses AWS and AWWS principles and methods, operational planning and implementation. This document provides guidelines for drinking water supply to temporary settlements, and the disposal of wastewater, by implementation of different methods; it does not deal with the ways of using water inside the temporary settlements. This document deals with drinking water quantity but does not provide methods for quality testing. Water quality test methods are included in the scope of ISO TC 147. The document does make recommendations regarding public safety with respect to the location of distribution and collection points. On-site treatments are not discussed in this document but, depending on circumstances, they can be suitable. In such case, helpful technical guidelines are provided in the bibliography of this document. This document complements ISO 24527, whose scope excludes drinking water supplied to temporary settlements. It also complements other ISO TC 224's documents such as ISO 24518 and ISO/TS 24520. This document is intended to be used by the responsible body for the provision of the water service. It can be used by interested parties such as water utilities, governments and governmental organizations, security bodies, international refugee agencies, related NGOs and relevant industry stakeholders.

  • Technical specification
    17 pages
    English language
    sale 15% off
ISO
ISO 31700-1(Main)
Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements

This document establishes high-level requirements for privacy by design to protect privacy throughout the lifecycle of a consumer product, including data processed by the consumer. This document does not contain specific requirements for the privacy assurances and commitments that organizations can offer consumers nor does it specify particular methodologies that an organization can adopt to design and-implement privacy controls, nor the technology that can be used to operate such controls.

  • Draft
    37 pages
    English language
    sale 15% off
  • Draft
    37 pages
    English language
    sale 15% off
ISO
ISO/IEC 19086-2:2018/Amd 1:2023(Amendment)
Cloud computing — Service level agreement (SLA) framework — Part 2: Metric model — Amendment 1
  • Standard
    4 pages
    English language
    sale 15% off
ISO
ISO 7209:2023(Main)
Titanium and titanium alloys — Plate, sheet and strip — Technical delivery conditions

This document specifies requirements for the manufacture and technical delivery conditions of plate, sheet and strip made from titanium and titanium alloys.

  • Standard
    18 pages
    English language
    sale 15% off
  • Draft
    18 pages
    English language
    sale 15% off
  • Draft
    18 pages
    English language
    sale 15% off
ISO
ISO/IEC 30179:2023(Main)
Internet of Things (IoT) — Overview and general requirements of IoT system for ecological environment monitoring

This document specifies the Internet of Things system for ecological environment monitoring in terms of the following: – system infrastructure and system entities of the IoT system for ecological environment monitoring for natural entities such as air, water, soil, living organisms; and – the general requirements of the IoT system for ecological environment monitoring.

  • Standard
    15 pages
    English language
    sale 15% off
ISO
ISO 12509:2023(Main)
Earth-moving machinery and rough-terrain trucks — Lighting, signalling and marking lights, and reflex reflectors

This document specifies requirements for installation and performance of lighting, signalling and marking lights, and reflex reflectors. It is applicable to ride-on self-propelled wheeled or crawler earth-moving machines as defined in ISO 6165, and rough-terrain variable-reach trucks as defined in ISO 10896-1 and ISO 10896-2, hereafter known as “machines”. These machines are used off-road and can occasionally be driven on the road. NOTE 1 Meeting the requirements of this document does not ensure conformance to national or regional on-road regulations. NOTE 2 Rough-terrain trucks with mast as defined in ISO 3691-1 and rough-terrain lorry-mounted trucks as defined in ISO 20297-1 are not specifically covered by this document, but this document can be used for guidance.

  • Standard
    54 pages
    English language
    sale 15% off
  • Standard
    54 pages
    French language
    sale 15% off
ISO
ISO 13741-1:2023(Main)
Plastics/rubber — Determination of residual monomers and other organic components by capillary-column gas chromatography — Part 1: Direct liquid injection method

This document specifies a method for the determination of residual monomers and other (saturated) organic components in aqueous polymer dispersions and latices as well as in related products. It makes use of capillary-column gas chromatography with direct injection of the liquid sample. Residual monomers and saturated volatiles that have been successfully determined by this method include acrylic and methacrylic esters, acrylonitrile, butadiene, styrene, vinyl acetate, vinyl chloride as well as by-products such as acetaldehyde and ethylbenzene.

  • Standard
    9 pages
    English language
    sale 15% off
ISO
ISO/TR 22126-3:2023(Main)
Financial services — Semantic technology — Part 3: Semantic enrichment of the ISO 20022 conceptual model

This document examines semantic enrichment to support the maintenance of the ISO 20022 conceptual model. It reports on existing and proposed practices to enrich a model: — in a repository, annotating repository concepts with metadata using semantic markup or constraints; — outside a repository, using references to repository concepts, such as the provenance of changes.

  • Technical report
    12 pages
    English language
    sale 15% off
ISO
ISO 14619:2023(Main)
Space systems — Space experiments — General requirements

This document addresses experimental add-on components to a space system under development and specifies the procedures for preparing and carrying out space experiments (SEs), and analysis and processing of the findings. It is applicable to both manned and unmanned space systems. It can be tailored to the specific needs of different kinds of SEs.

  • Standard
    12 pages
    English language
    sale 15% off