IF Data Permissions Catalogue

Documenting design patterns for personal data sharing, with example uses and research. Work in progress. Maintained by IF.

Access expiration

Someone sets an expiry date for sharing. Permission is revoked after the time has elapsed.

Active request

A person agrees to accept individual requests to share their data and makes a decision based on that request. For example, a request to share their location history with a company researching better transport for a city.

Activity log

A person can see a chronological record of who has accessed their data, when it was accessed and why.

Behavioural biometrics

The physical behaviour of a person trying to gain access to data is analysed against the past patterns of an authorised person. If they match, it’s assumed that they are that person and access is allowed.

Behavioural patterns

Access is allowed if someone's activity matches their past behaviour. For example, a card transaction might be declined if the card is used somewhere the user doesn't usually go.

Biometric access control

Permission to access data is controlled through matching biometric data.

Control of physical object

Data can only be shared by someone who has control of a physical object, or the physical object itself contains the data.

Data licences

Unlike standardised terms and conditions, data licences allow someone to customise the terms they are willing to use a service under — choosing who can use their data and for what purposes.

Dead man's handle

Data is shared if a secondary activity is stopped.

Delegate permissions

A person gives someone else, or third-party software, the authority to act on their behalf.

Digital breadcrumbs

Someone publishes their data, but makes it difficult to access — for example by requiring a set amount of computational work to view the data, or by slicing up the data and placing it in different locations.

Digital proof

A code or paper ticket that can be checked digitally to confirm that someone has permission to do something.

Emergency access

A person gives someone else they trust the authority to act on their behalf in an emergency by issuing them with an access code in advance. The trusted person can use the code to access the other person’s data in an emergency, but only after a set period of time has elapsed (during which there is the opportunity to veto access).

Geofencing

Access is controlled depending on the physical location of the person, using something like GPS.

Image-based authentication

A key is encoded into an image, such as a pattern or a two-dimensional barcode. The image is scanned by something that interprets it and uses the encoded key in a cryptographic challenge against a key stored on the device of the person attempting to gain access. If the challenge succeeds, access is granted.

Implied consent

Someone’s consent is assumed through continued use of a service. They are shown a message at the beginning of using the service, often with a link to further information.

Just-in-time consent

People are asked to agree to a specific, atomic permission at the point that a service needs it to complete a task, e.g. access to a phone’s camera or contacts.

Location-based active request

A person is invited to share their data via a location-based beacon. For example, when walking through a park they might be asked to volunteer their location data to help improve the design of the park.

Magic links

Access requires clicking a link sent through a secondary channel. For example, someone signing into an account on a service would be sent a magic link to the email address associated with that account. It's assumed that the email address is only accessible to the intended person.

Marketplace

People sell access to their data for a fee via a public marketplace. This can be used in conjunction with data licensing to allow people to set the terms of sale.

Message using public key encryption

A person encrypts their data so that it can only be decrypted by the intended recipient, and shares it via email or a shared file system.

One-time code

A person can generate a unique code that allows a third party to access their data at a set point in time. The code can only be used once. It is up to the person who generated the code how they deliver it to the third party.

A one-time code cannot prevent saving/screen capture of data by the person using the code.

Open link sharing

A link to data is generated and shared with those who have permission to access it. Sometimes the link is delisted from search engines to prevent other people from discovering it. No further authentication is needed when the link is accessed.

Opt in to give consent

A person gives explicit permission for their data to be shared.

Opt out to remove consent

A person's data is shared by default, but they have the option to opt out.

Physical gestures

Someone physically makes a gesture or pattern which is matched against an expected pattern.

Physical security

Data is physically stored in a secure place. Only those who know the location of the secure place and how to access it have permission to access the data.

Post-access notification

Some services require a forced update to someone’s data, followed by a notification that it has occurred so that they have an opportunity to appeal. An example of this is if points for speeding need to be added to someone’s driving licence.

Quorum

Permission is given when more than a set number of people agree, possibly using physical tokens like YubiKeys.

Secret question

Gaining access to data through a series of answers that only an allowed person should know. (This information could be false — like lying about your name at Starbucks). Generally this pattern is used for identity rather than data access.

Smart contract access

Data is shared when a set of thresholds is met, for example on a certain date.

Terms and conditions

During a transaction, or during installation of software, people are asked to agree to a fixed set of terms and conditions before they can proceed.

Two-factor authentication

Someone intending to access data needs to satisfy two different "factors" of identity verification. Frequently this takes the form of knowing a username and password, and possessing a device to which a code is sent or on which a code is generated, to confirm they hold it.

Up-front consent

People are asked to agree to a specific set of permissions — for example access to a phone’s camera, location and contacts — before they use or install a service.

Usage-based unlock

Access depends on how frequently someone interacts with something.

Voice verification

In an end-to-end encrypted system, people can verify each other's identities by saying a word from a pair that is generated by a cryptographic function. If their communication is compromised (through a man-in-the-middle attack, for example), the words won't match.
