PD ISO/TR 12859:2009 Intelligent transport systems. System architecture. Privacy aspects in ITS standards and systems
PD ISO/TR 12859 is a technical report which gives general guidelines to developers of intelligent transport systems (ITS) standards and systems on data privacy aspects and associated legislative requirements for the development and revision of ITS standards and systems.
For guidance on specific data protection and data privacy requirements on the subject of ITS probe data, see ISO 241001.
Contents of PD ISO/TR 12859:
Foreword
Introduction
1 Scope
2 Terms, definitions and abbreviated terms
2.1 Terms and definitions
2.2 Abbreviated terms
3 Background
3.1 Origin and basis of this Technical Report
3.2 Privacy requires security
3.3 The investigative process
4 Recommendations
4.1 Basis of recommendations
4.2 Avoidance of harm
4.3 Fairly and lawfully
4.4 Specified, explicit and legitimate purposes
4.5 Explicit and legitimate and must be determined at the time of collection of the data
4.6 Not further processed in a way incompatible with the purposes for which they are originally collected
4.7 Not to be disclosed without the consent of the data subject
4.8 Adequate, relevant and not excessive in relation to the purposes for which they are collected
4.9 Accurate and, where necessary, kept up to date
4.10 Identification of data subjects for no longer than is necessary for the purposes for which the data were collected
4.11 Restriction to those who have a demonstrable “need to know
4.12 Clear and accessible
4.13 Security safeguards
4.14 Cumulative interpretation of multiple recommendations
Annex A (informative) Data privacy Framework, Directives and Guidelines
Annex B (informative) Example of national implementation of guidelines
Annex C (informative) Examples of the principle of “cumulative interpretation
Annex D (informative) Security-related International Standards
Bibliography