Contents

Disclosure

Policy actions sorted A-Z.

Enable people to access data held about them in an agreed format

People have the right to directly access, in a standardised format, data held on them by data controllers so they can understand what is held about them, by whom, correct errors and reuse the data elsewhere.

Examples

Commentary

Definitions

Related policy actions: Disclosure, Markets, Personal data, Redress

Link to this policy action

Establish a vulnerability information service

Create a central database of known software vulnerabilities. This will allow consumers to know what products and services are affected, and help developers fix vulnerable code. Software security research firms typically publish their findings publicly and have a unique vulnerability identifier attached to their work.

Examples

Commentary

Definitions

Related policy actions: Disclosure, Open data, Security, Transparency

Link to this policy action

Make recommendations for safe software development

Government and technical organisations should recommend best practices to developers to ensure safety, particularly in environments where computers have control over the physical environment. Existing guidelines are biased towards space and nuclear science, but there will be a need for consumer advocacy here as self-driving cars near readiness for everyday use.

Examples

Commentary

Definitions

Related policy actions: Algorithms, Disclosure, Education and awareness, Infrastructure, Security, Transparency

Link to this policy action

Provide a scam reporting service

Provide a service where scams can be reported to reduce the effort required for consumers to get redress.

Examples

Commentary

Related policy actions: Disclosure, Fraud, Redress, Transparency

Link to this policy action

Publish digital product recall notices

Software vulnerabilities are included in product recall notices and product recall notices are maintained and made available as open data, so that consumers are aware when they own an unsafe digital product.

Examples

Commentary

Related policy actions: Disclosure, Infrastructure, Open data, Security, Transparency

Link to this policy action

Require services to monitor for consumer fraud

The law requires services to monitor for suspicious authentication, for example signing in from another country, so fraud and data theft can be prevented.

Examples

Commentary

Related policy actions: Disclosure, Fraud, Personal data, Security

Link to this policy action

Require the reporting of data breaches

Data controllers are compelled to publicly report data breaches so that the public know it has occurred and can take action where possible and to incentivise data controllers to maintain secure data handling practices.

Examples

Commentary

Definitions

Related policy actions: Data protection, Disclosure, Personal data, Privacy, Regulation, Security, Transparency

Link to this policy action