This International Standard provides a privacy framework which
— specifies a common privacy terminology;
— defines the actors and their roles in processing personally identifiable information (PII);
— describes privacy safeguarding considerations; and
— provides references to known privacy principles for information technology.
This International Standard is applicable to natural persons and organizations involved in specifying,
procuring, architecting, designing, developing, testing, maintaining, administering, and operating
information and communication technology systems or services where privacy controls are required
for the processing of PII.