Activity Tracking - Activities Not Disclosed, v1.0

Defines privacy requirements related to prohibitions on disclosure of information on end user activities.

Assessment Step

1
Activity Tracking - Activities Not Disclosed (ActivityTracking-ActivitiesNotDisclosed)
Does the organization ensure that it does not disclose information on end user activities to any party for any purpose other than federated authentication or to comply with law or legal process?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.

Conformance Criteria (1)

C-1
The organization does not disclose information on End User activities to any party for any purpose other than federated authentication or to comply with law or legal process.
Citation
FICAM-TFPAP
Section 3.2.4