Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  TR 22.949  Word version:  16.0.0

Top   Top   None   None   Next
1…   4…

 

0  IntroductionWord‑p. 4

Privacy in 3GPP is about the appropriate handling of privacy related information between the user and service provider and between users in accordance with the preferences of the user and regulatory policies.
Building and maintaining trust between users of 3GPP services and the network operator requires the careful consideration and deployment of capabilities that safeguard confidential information about the user. Privacy is therefore seen not only as a value added service but also as a risk-reduction mechanism in terms of service deployment.
From a 3GPP perspective, a generic way to handle privacy related information is desirable in order to provide as far as possible a common set of rules that can be used by any service that requires the protection of personal data or information about a user.
Privacy is protected by regulation usually in the form of directives enforced by regional or national authorities. Where specific legal requirements exist, these need to be considered by each application to assure compliance.
Up

1  ScopeWord‑p. 5

The present document aims to investigate and summarise the existing service requirements on privacy for 3GPP services. In order to ensure that these services and future 3GPP services will have a consistent set of rules that control the availability and usage of confidential information, it is the intention to identify a common way to handle privacy related information in the network.
Generic privacy requirements for the mobile industry are also being defined in [3] by the Open Mobile Alliance and it is the intention of this document to present the existing requirements and any alternatives to achieving the required functionality within 3GPP networks.
The scope of this study is to:
  • Identify privacy related information that is used in the 3GPP system;
  • Identify the existing 3GPP services that handle privacy related information;
  • Identify the various stakeholders that handle, control or consume personal data, and to define their relationships;
  • Document the definitions of the various functions, stakeholders and functions involved in a privacy capability;
  • Identify the work being done by other organizations and the additional work to be done by 3GPP.
The types of data subject to privacy rules within the scope of this study include
  • Privacy related information specific to an individual user;
  • Privacy related information relating to entities such as corporations;
  • Network data such as serving cell and broadcast area, e.g. data that relates to the user's location or presence in the network, and which could be used by applications to track the user.
Up

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TS 41.101: "Technical Specifications and Technical Reports for a GERAN-based 3GPP system".
[2]
TR 21.905: "Vocabulary for 3GPP Specifications".
[3]
Open Mobile Alliance: "OMA Draft Privacy Requirements", OMA-RD_Privacy-V1_0_0-20031104-A
[4]
TS 22.071: Location Services (LCS); Stage 1".
[5]
TS 22.141: "Presence service; Stage 1".
[6]
Open Mobile Alliance (OMA): OMA-RD-Parlay_Service_Access-V1_0-20100427-A.
[7]
TS 22.240: "Service requirements for 3GPP Generic User Profile (GUP); Stage 1".
[8]
TS 22.174: "Push service; Stage 1".
[9]
TS 33.106: "Lawful interception requirements".
[10]
DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=EN&numdoc=31995L0046&model=guichett
[11]
TS 22.140: "Multimedia Messaging Service (MMS); Stage 1".
[12]
TS 22.088: "Call Barring (CB) supplementary services; Stage 1".
[13]
TS 22.228: "Service requirements for the Internet Protocol (IP) multimedia core network subsystem; Stage 1".
Up

3  Definitions, symbols and abbreviationsWord‑p. 6

3.1  Definitions

For the purposes of the present document, the terms and definitions given in [2] and the following apply.
Personal Data:
Any information relating to an identified or identifiable natural person ("data subject") (an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity).
Privacy:
The appropriate handling of information that is deemed confidential between the user and service provider
Privacy Settings:
Information relating to Personal Data of a user. Privacy Settings describe the rights and limitations of access to and processing of Personal Data.
Trust:
Relationship between two entities that may be relied upon to ensure privacy
Up

3.2  Abbreviations

For the purposes of the present document, the following abbreviations apply:
BAOC
Barring of All Outgoing Calls
BOIC
Barring of Outgoing International Calls
BOIC-exHC
Barring of Outgoing International Calls except those directed to the Home PLMN Country
BIC
Baseline Implementation Capabilities
BIC-Roam
Barring of Incoming Calls when Roaming outside the home PLMN country
CLIP
Calling Line Identification Presentation
CLIR
Calling Line Identification Restriction
CS
Circuit Switched
GUP
Generic User Profile
HLR
Home Location Register
IMS
IP Multimedia Subsystem
ISDN
Integrated Services Digital Network
LCS
Location Services
MSISDN
Mobile Station ISDN number
OMA
Open Mobile Alliance
OSA
Open Services Access
PLMN
Public Land Mobile Network
PPR
SIP
Session Initiation Protocol
SMS
Short Message Service
UE
User Equipment
WLAN
Wireless Local Area Network
Additional definitions and abbreviations can be found in TR 21.905.
Up

Up   Top   ToC