Chapter 1: Introduction to Privacy
Fair Information Practices (FIPs) Overview
Since the 1970s, Fair Information Practices (FIPs/FIPPs) have organized individual rights and organizational responsibilities into four categories: rights of individuals, controls on the information, information life cycle, and management.
Fair Information Practices (FIPs), sometimes called FIPPs, have since the 1970s been the main way of organizing individual rights and organizational responsibilities for personal information. Definitions vary over time and place, but the major themes are similar.
| Category | Principles included |
|---|---|
| Rights of individuals | Notice; choice and consent; data subject access |
| Controls on the information | Information security; information quality |
| Information life cycle | Collection; use and retention; disclosure |
| Management | Management and administration; monitoring and enforcement |
Codifications to know
Key FIP codifications: 1973 HEW principles, 1980 OECD Guidelines, 1981 Convention 108, 2004 APEC Privacy Framework, and the 2009 Madrid Resolution.
Key terms - quick answers
What is “Fair Information Practices (FIPs)”?
Guidelines, dating from the 1970s, for handling, storing, and managing data with privacy, security, and fairness; also called FIPPs.
What is “Notice”?
FIP requiring organizations to disclose their privacy policies and the purposes for which personal information is collected, used, retained, and disclosed.
What is “Choice and consent”?
FIP requiring organizations to describe available choices and obtain implicit or explicit consent for handling personal information.
What is “Data subject access”?
FIP requiring organizations to give individuals access to their personal information for review and updates.